def permission_registration_endpoint_(self, request="", requestor="", client_id="", **kwargs):
    """
    Permission registration endpoint of the authorization server.

    The resource server calls this to record a permission that a client
    has asked for. The entry is only a proposal until the user accepts it.

    A fresh ticket is generated with ``rndstr(24)``, the request is filed
    through ``self.permit.add_request`` under the requestor and that
    ticket, and the ticket is handed back as JSON in a ``Created``
    response. ``client_id`` and ``kwargs`` are accepted but not read here.
    """
    # The ticket is the only handle on the pending request.
    # NOTE(review): confirm rndstr draws from a CSPRNG, since anyone who can
    # predict a ticket can refer to somebody else's pending permission.
    ticket = rndstr(24)

    # NOTE(review): the raw request ends up in the debug log; confirm it
    # carries nothing that should stay out of log files.
    logging.debug("Registering permission request: %s" % request)

    registration = PermissionRegistrationResponse(ticket=ticket)
    self.permit.add_request(requestor, ticket, request)
    return Created(registration.to_json(), content="application/json")
def permission_registration_endpoint_(self, entity, **kwargs):
    """
    Permission registration endpoint of the authorization server.

    The resource server calls this to record a permission that a client
    has asked for. The entry is only a proposal until the user accepts it.

    The request is read from ``kwargs["request"]`` (a missing key raises
    KeyError), stored in ``self.permission_requests`` under a ticket from
    ``rndstr(24)``, and the ticket is returned as JSON in a ``Created``
    response. ``entity`` is accepted but not read here.
    """
    permission_request = kwargs["request"]

    # NOTE(review): the ticket is the only key to the stored request and
    # nothing here ties it to ``entity``; confirm rndstr uses a CSPRNG and
    # that the caller was authenticated before this method is reached.
    ticket = rndstr(24)
    logging.debug("Registering permission request: %s" % permission_request)

    registration = PermissionRegistrationResponse(ticket=ticket)
    self.permission_requests.add_request(ticket, permission_request)
    return Created(registration.to_json(), content="application/json")
def permission_registration_endpoint_(self, request, **kwargs):
    """
    Permission registration endpoint of the authorization server.

    The resource server calls this to record a permission that a client
    has asked for. The entry is only a proposal until the user accepts it.

    :param request: The permission registration request
    :param kwargs: Must contain ``client_id``; a missing key raises KeyError
    :return: HTTP Response: ``Created`` with the ticket as JSON, or
        ``BadRequest`` when ``to_prr`` yields nothing for the request
    """
    client_id = kwargs['client_id']
    adb = self.get_adb(client_id)
    prr = self.to_prr(request, client_id)

    # Nothing is stored and no ticket is issued for a request that could
    # not be turned into a permission registration.
    if not prr:
        return BadRequest("Can't register permission for unknown resource")

    # The ticket is packed with the registering client as its only audience.
    # NOTE(review): whoever later redeems the ticket should check that
    # audience; that check is not visible in this method.
    ticket = adb.ticket_factory.pack(aud=[client_id], type='ticket')
    logging.debug("Registering permission request: %s" % request)
    adb.permission_requests[ticket] = prr

    registration = PermissionRegistrationResponse(ticket=ticket)
    return Created(registration.to_json(), content="application/json")
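def application(environ, start_response):
    """
    WSGI entry point: restore the session from the signed cookie and
    dispatch on PATH_INFO.

    Routes handled here:

    * ``robots.txt`` and ``static/...``: served through ``static``
    * empty path with ``?user=<rs_uid>``: calls ``opbyuid`` and sets the
      session cookie carrying that uid
    * ``rp``: looks up or accepts the discovery URL and starts
      ``RES_SRV.begin``
    * ``info...``: asks ``RES_SRV.dataset_endpoint`` for the data and maps
      the answer to a Forbidden / Unauthorized / plain response

    Requests that lack a required query parameter get a ``BadRequest``
    response. Other paths are not handled in the code shown here.

    :param environ: The WSGI environment
    :param start_response: The WSGI start_response callable
    :return: The result of calling the chosen response
    """
    session = {}
    try:
        cookie = environ["HTTP_COOKIE"]
        try:
            _tmp = CookieHandler.get_cookie_value(cookie, COOKIE_NAME)
        except InvalidCookieSign:
            # A cookie whose signature does not verify is dropped and the
            # request goes on with an empty session.
            pass
        else:
            if _tmp:
                session = json.loads(_tmp[0])
    except KeyError:
        pass

    path = environ.get('PATH_INFO', '').lstrip('/')
    logger.info("PATH: %s", path)
    if session:
        # NOTE(review): session content is logged at INFO level; confirm
        # nothing in it needs to stay out of the logs.
        logger.info("Session: %s", session)

    if path == "robots.txt":
        return static(environ, session, "static/robots.txt")
    elif path.startswith("static/"):
        # NOTE(review): the path comes straight from the request; confirm
        # that static() refuses ".." segments and absolute paths.
        return static(environ, session, path)

    try:
        query = parse_qs(environ["QUERY_STRING"])
    except KeyError:
        # An empty dict keeps the membership tests below from failing on
        # a request that has no query string at all.
        query = {}

    if query:
        # NOTE(review): the whole query string is logged, parameter values
        # included.
        logger.info("Query: %s", query)

    resp = None
    if path == "":  # ?user=<rs_uid>
        # Validate the parameter before doing any work for the request.
        try:
            _val = {"uid": query["user"][0]}
        except KeyError as err:
            resp = BadRequest("Missing info: %s" % err)
            return resp(environ, start_response)

        # NOTE(review): the uid is taken from the query string as-is before
        # it is placed in the signed cookie; the signature protects the
        # cookie, it does not show that the caller is that user. Confirm
        # that opbyuid or a later step authenticates the user.
        resp = opbyuid(environ, start_response)
        resp.headers.append(CookieHandler.create_cookie(
            json.dumps(_val), "uma_rs", cookie_name=COOKIE_NAME))
        return resp(environ, start_response)
    elif path == "rp":
        # Authenticating the user and binding the RS to the AS
        link = acr = ""
        if "uid" in query:
            try:
                link = RES_SRV.find_srv_discovery_url(
                    resource=query["uid"][0])
            except requests.ConnectionError:
                resp = ServiceError("Webfinger lookup failed, connection error")
                return resp(environ, start_response)
        elif "url" in query:
            # NOTE(review): a caller-supplied URL is accepted without any
            # check on scheme or host and is stored on the shared RES_SRV
            # object below. If discovery fetches it, the server can be made
            # to contact arbitrary hosts; consider an allow-list.
            link = query["url"][0]

        if "acr_values" in query:
            acr = query["acr_values"][0]
        elif "uid" in query:
            acr = query["uid"][0].split("@")[0]  # The userid
        else:
            # Neither acr_values nor uid was given, so there is nothing to
            # derive the acr value from.
            resp = BadRequest("Missing info: uid")
            return resp(environ, start_response)

        if link:
            # NOTE(review): RES_SRV is module-level state that every request
            # writes to here; confirm this is safe when requests overlap.
            RES_SRV.srv_discovery_url = link
            # MD5 only turns the URL into a fixed-length key for begin().
            # NOTE(review): presumably a lookup key and not a security
            # control; confirm against RES_SRV.begin.
            md5 = hashlib.md5()
            md5.update(link)
            opkey = base64.b16encode(md5.digest())
            session["callback"] = True
            return RES_SRV.begin(environ, start_response, session, opkey,
                                 acr_value=acr)
        else:
            resp = BadRequest()
            return resp(environ, start_response)
    elif path.startswith("info"):
        # Assume query of the form
        # info/<uid>/<bundle>[?attr=<attribute>[&attr=<attribute>]] or
        # info/<uid>[?attr=<attribute>[&attr=<attribute>]]
        # Any path that begins with "info" gets here; the first five
        # characters are cut off to obtain the owner.
        owner = path[5:]
        try:
            res = RES_SRV.dataset_endpoint(path, owner, environ)
        except Unknown:
            # NOTE(review): the owner string from the request is echoed in
            # the response body; confirm BadRequest does not serve it as
            # HTML without escaping.
            resp = BadRequest("Unknown user: %s" % owner)
            return resp(environ, start_response)
        except UnknownAuthzSrv:
            resp = BadRequest("User have not registered an authz server")
            return resp(environ, start_response)
        except KeyError as err:
            resp = BadRequest("Missing info: %s" % err)
            return resp(environ, start_response)

        # either a ErrorResponse or a ResourceResponse
        er = ErrorResponse().from_json(res)
        try:
            er.verify()
            headers = []
            for var in ["as_uri", "host_id", "error"]:
                try:
                    headers.append((var, str(er[var])))
                except KeyError:
                    pass

            if "ticket" in er:
                # A ticket in the error means a permission was registered;
                # pass it on to the client in a Forbidden response.
                prr = PermissionRegistrationResponse(ticket=er["ticket"])
                resp = Forbidden(prr.to_json(), headers=headers,
                                 content="application/json")
            else:
                resp = Unauthorized(headers=headers)
        except MissingRequiredAttribute:
            # Not a valid ErrorResponse, so treat it as the resource itself.
            rr = ResourceResponse().from_json(res)
            resp = Response(rr.to_json())

        return resp(environ, start_response)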