コード例 #1
ファイル: authzsrv.py プロジェクト: dv10den/pyuma
    def permission_registration_endpoint_(self, request="", requestor="",
                                          client_id="", **kwargs):
        """
        Permission registration endpoint: the resource server calls it to
        record a permission that a client asked for. The entry stays a
        proposal until the user accepts it.

        :param request: The permission registration request
        :param requestor: Passed to the permission store with the ticket
        :param client_id: Accepted but not read by this method
        :return: A Created response whose JSON body carries the ticket
        """
        # The ticket is the only handle to the pending permission, so it
        # must be unguessable.
        # NOTE(review): rndstr() is defined elsewhere - confirm it draws
        # from a CSPRNG (os.urandom / random.SystemRandom).
        ticket_id = rndstr(24)

        # The request is written to the debug log verbatim.
        log_line = "Registering permission request: %s" % request
        logging.debug(log_line)

        reply = PermissionRegistrationResponse(ticket=ticket_id)

        # NOTE(review): client_id is never used and requestor defaults to
        # "", so nothing here ties the ticket to the resource server that
        # registered it - confirm the caller authenticates both.
        self.permit.add_request(requestor, ticket_id, request)

        payload = reply.to_json()
        return Created(payload, content="application/json")
コード例 #2
ファイル: authzsrv.py プロジェクト: simudream/pyuma
    def permission_registration_endpoint_(self, entity, **kwargs):
        """
        Permission registration endpoint: the resource server calls it to
        record a permission that a client asked for. The entry stays a
        proposal until the user accepts it.

        :param entity: Accepted but not read by this method
        :param kwargs: Must contain "request", the permission registration
            request; a missing key raises KeyError
        :return: A Created response whose JSON body carries the ticket
        """
        perm_request = kwargs["request"]

        # The ticket is the only handle to the pending permission, so it
        # must be unguessable.
        # NOTE(review): rndstr() is defined elsewhere - confirm it draws
        # from a CSPRNG (os.urandom / random.SystemRandom).
        ticket_id = rndstr(24)

        # The request is written to the debug log verbatim.
        log_line = "Registering permission request: %s" % perm_request
        logging.debug(log_line)

        reply = PermissionRegistrationResponse(ticket=ticket_id)

        # NOTE(review): the request is stored under the ticket alone;
        # entity is not recorded, so the ticket is not bound here to the
        # party that registered it - confirm the caller enforces that.
        self.permission_requests.add_request(ticket_id, perm_request)

        payload = reply.to_json()
        return Created(payload, content="application/json")
コード例 #3
    def permission_registration_endpoint_(self, request, **kwargs):
        """
        Permission registration endpoint: the resource server calls it to
        record a permission that a client asked for. The entry stays a
        proposal until the user accepts it.

        :param request: The permission registration request
        :param kwargs: Must contain "client_id"; a missing key raises
            KeyError
        :return: HTTP Response - Created with the ticket, or BadRequest
            when the request cannot be turned into a permission request
        """
        # NOTE(review): client_id selects the database and becomes the
        # ticket audience - confirm the caller sets it from the
        # authenticated resource server, not from request parameters.
        client_id = kwargs['client_id']

        adb = self.get_adb(client_id)
        prr = self.to_prr(request, client_id)

        # Guard clause: nothing is stored and no ticket is issued unless
        # to_prr() produced a permission request.
        if not prr:
            return BadRequest("Can't register permission for unknown resource")

        # The ticket is packed with the registering client as its only
        # audience.
        _ticket = adb.ticket_factory.pack(aud=[client_id], type='ticket')

        # The request is written to the debug log verbatim.
        logging.debug("Registering permission request: %s" % request)

        adb.permission_requests[_ticket] = prr
        reply = PermissionRegistrationResponse(ticket=_ticket)
        return Created(reply.to_json(), content="application/json")
コード例 #4
ファイル: authz_srv.py プロジェクト: rohe/pyuma
    def permission_registration_endpoint_(self, request, **kwargs):
        """
        Endpoint where the resource server registers a permission that a
        client requested. What is stored is a proposed permission, pending
        acceptance by the user.

        :param request: The permission registration request
        :param kwargs: Must contain "client_id"; a missing key raises
            KeyError
        :return: HTTP Response - Created carrying the ticket as JSON, or
            BadRequest when to_prr() yields nothing
        """
        # NOTE(review): everything below is keyed on this value - confirm
        # it is the authenticated identity of the calling resource server.
        rs_client = kwargs['client_id']

        adb = self.get_adb(rs_client)
        prr = self.to_prr(request, rs_client)

        if not prr:
            # No ticket is issued and nothing is stored on this path.
            return BadRequest("Can't register permission for unknown resource")

        # aud holds only the registering client.
        # NOTE(review): presumably checked when the ticket is redeemed -
        # verify at the place where tickets are unpacked.
        _ticket = adb.ticket_factory.pack(aud=[rs_client], type='ticket')

        # Debug logging includes the raw request.
        logging.debug("Registering permission request: %s" % request)

        adb.permission_requests[_ticket] = prr
        registration = PermissionRegistrationResponse(ticket=_ticket)
        body = registration.to_json()
        return Created(body, content="application/json")
コード例 #5
ファイル: rs_srv.py プロジェクト: dv10den/pyuma
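def application(environ, start_response):
    """
    WSGI entry point: restore the session from the signed cookie and
    dispatch on PATH_INFO.

    Branches visible here: ``robots.txt``, ``static/...``, the empty path
    (``?user=<rs_uid>``), ``rp`` and ``info...``. PATH_INFO, QUERY_STRING
    and the Cookie header are supplied by the caller and are treated as
    untrusted: a missing query parameter is answered with BadRequest
    instead of an unhandled KeyError/TypeError.

    :param environ: The WSGI environment
    :param start_response: The WSGI start_response callable
    :return: The result of the selected handler or response object
    """
    session = {}
    try:
        cookie = environ["HTTP_COOKIE"]
        try:
            _tmp = CookieHandler.get_cookie_value(cookie, COOKIE_NAME)
        except InvalidCookieSign:
            # A cookie whose signature does not verify is dropped on
            # purpose: the request continues with an empty session.
            pass
        else:
            if _tmp:
                session = json.loads(_tmp[0])
    except KeyError:
        pass

    path = environ.get('PATH_INFO', '').lstrip('/')
    # NOTE(review): path, query and session content come from the client
    # and are logged at info level; the session carries the user id.
    logger.info("PATH: %s", path)
    if session:
        logger.info("Session: %s", session)

    if path == "robots.txt":
        return static(environ, session, "static/robots.txt")
    elif path.startswith("static/"):
        # static() is not visible here, so refuse parent-directory
        # segments before handing over a caller-chosen path. static()
        # should still confine the resolved file to the static directory.
        if ".." in path.split("/"):
            resp = BadRequest()
            return resp(environ, start_response)
        return static(environ, session, path)

    # An absent QUERY_STRING yields an empty dict, so the membership
    # tests below work on every request.
    try:
        query = parse_qs(environ["QUERY_STRING"])
    except KeyError:
        query = {}

    if query:
        logger.info("Query: %s", query)

    resp = None
    if path == "":  #?user=<rs_uid>
        if "user" not in query:
            resp = BadRequest("Missing query parameter: user")
            return resp(environ, start_response)

        resp = opbyuid(environ, start_response)
        # NOTE(review): the uid placed in the session cookie is taken
        # straight from the query string; nothing visible here
        # authenticates it - confirm opbyuid() or a later step does.
        _val = {"uid": query["user"][0]}
        resp.headers.append(CookieHandler.create_cookie(
            json.dumps(_val), "uma_rs", cookie_name=COOKIE_NAME))
        return resp(environ, start_response)
    elif path == "rp":  # Authenticating the user and binding the RS to the AS
        link = acr = ""
        if "uid" in query:
            try:
                link = RES_SRV.find_srv_discovery_url(
                    resource=query["uid"][0])
            except requests.ConnectionError:
                resp = ServiceError("Webfinger lookup failed, connection error")
                return resp(environ, start_response)
        elif "url" in query:
            link = query["url"][0]

        if "acr_values" in query:
            acr = query["acr_values"][0]
        elif "uid" in query:
            acr = query["uid"][0].split("@")[0]  # The userid
        else:
            # Previously an unhandled KeyError when only "url" was given.
            resp = BadRequest("Missing query parameter: acr_values or uid")
            return resp(environ, start_response)

        if link:
            # NOTE(review): link is chosen by the caller (directly through
            # "url", or through the lookup on "uid") and is stored on the
            # shared RES_SRV object. There is no allow-list of
            # authorization servers here, and concurrent requests
            # overwrite each other's value - confirm both are acceptable.
            RES_SRV.srv_discovery_url = link
            # MD5 only derives a key from the URL here.
            # NOTE(review): confirm RES_SRV.begin() uses opkey as a lookup
            # key and not as an integrity or authentication value.
            md5 = hashlib.md5()
            # hashlib needs bytes; a text URL is encoded first.
            md5.update(link if isinstance(link, bytes)
                       else link.encode("utf-8"))
            opkey = base64.b16encode(md5.digest())
            session["callback"] = True
            return RES_SRV.begin(environ, start_response, session, opkey,
                                 acr_value=acr)
        else:
            resp = BadRequest()
            return resp(environ, start_response)
    elif path.startswith("info"):
        # Assume query of the form
        # info/<uid>/<bundle>[?attr=<attribute>[&attr=<attribute>]] or
        # info/<uid>[?attr=<attribute>[&attr=<attribute>]]
        owner = path[5:]
        try:
            res = RES_SRV.dataset_endpoint(path, owner, environ)
        except Unknown:
            # NOTE(review): owner comes from the URL and is echoed into
            # the response body as-is; if BadRequest is rendered as HTML
            # it needs escaping - confirm the content type.
            resp = BadRequest("Unknown user: %s" % owner)
            return resp(environ, start_response)
        except UnknownAuthzSrv:
            resp = BadRequest("User have not registered an authz server")
            return resp(environ, start_response)
        except KeyError as err:
            resp = BadRequest("Missing info: %s" % err)
            return resp(environ, start_response)

        # either a ErrorResponse or a ResourceResponse

        er = ErrorResponse().from_json(res)
        try:
            er.verify()
            # Copy the fields the client needs to locate the
            # authorization server into response headers.
            headers = []
            for var in ["as_uri", "host_id", "error"]:
                try:
                    headers.append((var, str(er[var])))
                except KeyError:
                    pass

            if "ticket" in er:
                # A ticket was registered: answer Forbidden and hand the
                # ticket to the client.
                prr = PermissionRegistrationResponse(ticket=er["ticket"])
                resp = Forbidden(prr.to_json(), headers=headers,
                                 content="application/json")
            else:
                resp = Unauthorized(headers=headers)
        except MissingRequiredAttribute:
            # Not a valid ErrorResponse, so treat it as the resource.
            rr = ResourceResponse().from_json(res)
            resp = Response(rr.to_json())

        return resp(environ, start_response)
    # NOTE(review): no branch for any other path is visible in this
    # listing; such a request leaves resp as None.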