コード例 #1
0
    def _validate_token(self, env):
        """Validate token"""
        query_string = env.get('QUERY_STRING', '')
        query_params = dict(urlparse.parse_qsl(query_string))

        # Note: This is a WSGI environment variable name
        token_in_headers = env.get('HTTP_X_AUTH_TOKEN', None)
        token_in_query_params = query_params.get('x-auth-token', None)

        return validate_token(token_in_headers=token_in_headers,
                              token_in_query_params=token_in_query_params)
コード例 #2
0
ファイル: auth.py プロジェクト: joshgre/st2
    def _validate_token(self, env):
        """Validate token"""
        query_string = env.get('QUERY_STRING', '')
        query_params = dict(urlparse.parse_qsl(query_string))

        # Note: This is a WSGI environment variable name
        token_in_headers = env.get('HTTP_X_AUTH_TOKEN', None)
        token_in_query_params = query_params.get(QUERY_PARAM_ATTRIBUTE_NAME, None)

        return validate_token(token_in_headers=token_in_headers,
                              token_in_query_params=token_in_query_params)
コード例 #3
0
ファイル: hooks.py プロジェクト: miqui/st2
    def _validate_token(request):
        """
        Validate token provided either in headers or query parameters.
        """
        headers = request.headers
        query_string = request.query_string
        query_params = dict(urlparse.parse_qsl(query_string))

        token_in_headers = headers.get('X-Auth-Token', None)
        token_in_query_params = query_params.get('x-auth-token', None)
        return validate_token(token_in_headers=token_in_headers,
                              token_in_query_params=token_in_query_params)
コード例 #4
0
ファイル: hooks.py プロジェクト: Kailashkatheth1/st2
    def _validate_token(request):
        """
        Validate token provided either in headers or query parameters.
        """
        headers = request.headers
        query_string = request.query_string
        query_params = dict(urlparse.parse_qsl(query_string))

        token_in_headers = headers.get(HEADER_ATTRIBUTE_NAME, None)
        token_in_query_params = query_params.get(QUERY_PARAM_ATTRIBUTE_NAME, None)
        return validate_token(token_in_headers=token_in_headers,
                              token_in_query_params=token_in_query_params)
コード例 #5
0
ファイル: hooks.py プロジェクト: ravidsinghbiz/st2
    def _validate_token(request):
        """
        Validate token provided either in headers or query parameters.
        """
        headers = request.headers
        query_string = request.query_string
        query_params = dict(urlparse.parse_qsl(query_string))

        token_in_headers = headers.get(HEADER_ATTRIBUTE_NAME, None)
        token_in_query_params = query_params.get(QUERY_PARAM_ATTRIBUTE_NAME,
                                                 None)
        return validate_token(token_in_headers=token_in_headers,
                              token_in_query_params=token_in_query_params)
コード例 #6
0
ファイル: hooks.py プロジェクト: yangjiebeijing/st2
    def _validate_creds_and_get_user(request):
        """
        Validate one of token or api_key provided either in headers or query parameters.
        Will returnt the User

        :rtype: :class:`UserDB`
        """

        headers = request.headers
        query_string = request.query_string
        query_params = dict(urlparse.parse_qsl(query_string))

        token_in_headers = headers.get(HEADER_ATTRIBUTE_NAME, None)
        token_in_query_params = query_params.get(QUERY_PARAM_ATTRIBUTE_NAME,
                                                 None)

        api_key_in_headers = headers.get(HEADER_API_KEY_ATTRIBUTE_NAME, None)
        api_key_in_query_params = query_params.get(
            QUERY_PARAM_API_KEY_ATTRIBUTE_NAME, None)

        if (token_in_headers or token_in_query_params) and \
           (api_key_in_headers or api_key_in_query_params):
            raise auth_exceptions.MultipleAuthSourcesError(
                'Only one of Token or API key expected.')

        user = None
        if token_in_headers or token_in_query_params:
            token_db = validate_token(
                token_in_headers=token_in_headers,
                token_in_query_params=token_in_query_params)
            user = token_db.user
        elif api_key_in_headers or api_key_in_query_params:
            api_key_db = validate_api_key(
                api_key_in_headers=api_key_in_headers,
                api_key_query_params=api_key_in_query_params)
            user = api_key_db.user
        else:
            raise auth_exceptions.NoAuthSourceProvidedError(
                'One of Token or API key required.')

        if not user:
            LOG.warn('User not found for supplied token or api-key.')
            return None

        try:
            return User.get(user)
        except StackStormDBObjectNotFoundError:
            # User doesn't exist - we should probably also invalidate token/apikey if
            # this happens.
            LOG.warn('User %s not found.', user)
            return None
コード例 #7
0
    def post(self, request):
        token = getattr(request, 'token', None)

        if not token:
            raise exc.HTTPBadRequest('Token is not provided.')

        try:
            return {'valid': auth_utils.validate_token(token) is not None}
        except (TokenNotFoundError, TokenExpiredError):
            return {'valid': False}
        except Exception:
            msg = 'Unexpected error occurred while verifying token.'
            LOG.exception(msg)
            raise exc.HTTPInternalServerError(msg)
コード例 #8
0
ファイル: auth.py プロジェクト: rlugojr/st2
    def post(self, request, **kwargs):
        token = getattr(request, "token", None)

        if not token:
            pecan.abort(http_client.BAD_REQUEST, "Token is not provided.")

        try:
            return {"valid": auth_utils.validate_token(token) is not None}
        except (TokenNotFoundError, TokenExpiredError):
            return {"valid": False}
        except Exception:
            msg = "Unexpected error occurred while verifying token."
            LOG.exception(msg)
            pecan.abort(http_client.INTERNAL_SERVER_ERROR, msg)
コード例 #9
0
ファイル: auth.py プロジェクト: StackStorm/st2
    def post(self, request):
        token = getattr(request, 'token', None)

        if not token:
            raise exc.HTTPBadRequest('Token is not provided.')

        try:
            return {'valid': auth_utils.validate_token(token) is not None}
        except (TokenNotFoundError, TokenExpiredError):
            return {'valid': False}
        except Exception:
            msg = 'Unexpected error occurred while verifying token.'
            LOG.exception(msg)
            raise exc.HTTPInternalServerError(msg)
コード例 #10
0
    def post(self, request, **kwargs):
        token = getattr(request, 'token', None)

        if not token:
            pecan.abort(http_client.BAD_REQUEST, 'Token is not provided.')

        try:
            return {'valid': auth_utils.validate_token(token) is not None}
        except (TokenNotFoundError, TokenExpiredError):
            return {'valid': False}
        except Exception:
            msg = 'Unexpected error occurred while verifying token.'
            LOG.exception(msg)
            pecan.abort(http_client.INTERNAL_SERVER_ERROR, msg)
コード例 #11
0
ファイル: hooks.py プロジェクト: jspittman/st2
    def _validate_creds_and_get_user(request):
        """
        Validate one of token or api_key provided either in headers or query parameters.
        Will returnt the User

        :rtype: :class:`UserDB`
        """

        headers = request.headers
        query_string = request.query_string
        query_params = dict(urlparse.parse_qsl(query_string))

        token_in_headers = headers.get(HEADER_ATTRIBUTE_NAME, None)
        token_in_query_params = query_params.get(QUERY_PARAM_ATTRIBUTE_NAME, None)

        api_key_in_headers = headers.get(HEADER_API_KEY_ATTRIBUTE_NAME, None)
        api_key_in_query_params = query_params.get(QUERY_PARAM_API_KEY_ATTRIBUTE_NAME, None)

        if (token_in_headers or token_in_query_params) and \
           (api_key_in_headers or api_key_in_query_params):
            raise auth_exceptions.MultipleAuthSourcesError(
                'Only one of Token or API key expected.')

        user = None
        if token_in_headers or token_in_query_params:
            token_db = validate_token(token_in_headers=token_in_headers,
                                      token_in_query_params=token_in_query_params)
            user = token_db.user
        elif api_key_in_headers or api_key_in_query_params:
            api_key_db = validate_api_key(api_key_in_headers=api_key_in_headers,
                                          api_key_query_params=api_key_in_query_params)
            user = api_key_db.user
        else:
            raise auth_exceptions.NoAuthSourceProvidedError('One of Token or API key required.')

        if not user:
            LOG.warn('User not found for supplied token or api-key.')
            return None

        try:
            return User.get(user)
        except ValueError:
            # User doesn't exist - we should probably also invalidate token/apikey if
            # this happens.
            LOG.warn('User %s not found.', user)
            return None