def authenticate(self, username=None, password=None, request=None): """ Return user if validated by LDAP. Return None otherwise. """ #First argument, username, should hold the OAuth Token, no password. # if 'username' in username, the authentication is meant for CAS # if username and password, the authentication is meant for LDAP logger.debug("[OAUTH] Authentication Test") if not request: logger.debug("[OAUTH] Authentication skipped - No Request.") return None auth = request.META.get('HTTP_AUTHORIZATION', '').split() if len(auth) == 2 and auth[0].lower() == "Bearer": oauth_token = auth[1] logger.debug("[OAUTH] OAuth Token - %s " % oauth_token) valid_user, _ = get_user_for_token(oauth_token) if not valid_user: logger.debug("[OAUTH] Token %s invalid, no user found." % oauth_token) return None logger.debug("[OAUTH] Authorized user %s" % valid_user) oauth_attrs = oauth_lookupUser(valid_user) attributes = oauth_formatAttrs(oauth_attrs) logger.debug("[OAUTH] Authentication Success - " + valid_user) return get_or_create_user(valid_user, attributes)
def validate_oauth_token(token, request=None): """ Validates the token attached to the request (SessionStorage, GET/POST) On every request, ask OAuth to authorize the token """ #Authorization test username, expires = get_user_for_token(token) if not username: return False auth_token = createOAuthToken(username, token, expires) logger.info("AuthToken for %s:%s" % (username, auth_token)) if not auth_token: return False return True
def validate_oauth_token(token, request=None): """ Validates the token attached to the request (SessionStorage, GET/POST) On every request, ask OAuth to authorize the token """ #Authorization test username, expires = get_user_for_token(token) if not username: return False auth_token = createOAuthToken(username, token, expires) logger.info("AuthToken for %s:%s" % (username,auth_token)) if not auth_token: return False return True