def authenticated_patron(self, db, token):
"""Go from a token to an authenticated Patron.
:param db: Database session
:type db: sqlalchemy.orm.session.Session
:param token: The provider token extracted from the Authorization
header. This is _not_ the bearer token found in
the Authorization header; it's the provider-specific token
embedded in that token.
:type token: Dict
:return: A Patron, if one can be authenticated. None, if the
credentials do not authenticate any particular patron. A
ProblemDetail if an error occurs.
:rtype: Union[Patron, ProblemDetail]
"""
data_source, ignore = self._get_token_data_source(db)
credential = Credential.lookup_by_token(db, data_source,
self.TOKEN_TYPE, token)
if credential:
return credential.patron
# This token wasn't in our database, or was expired. The
# patron will have to log in through the SAML provider again
# to get a new token.
return None
def patron_from_authdata_lookup(self, authdata):
"""Look up a patron by their persistent authdata token."""
credential = Credential.lookup_by_token(
self._db, self.data_source, self.AUTHDATA_TOKEN_TYPE,
authdata, allow_persistent_token=True
)
if not credential:
return None
return credential.patron
def urn_to_label(self, urn):
credential = Credential.lookup_by_token(
self._db, self.data_source, self.VENDOR_ID_UUID_TOKEN_TYPE,
urn, True)
if not credential:
return None
patron = credential.patron
uuid, label = self.uuid_and_label(credential.patron)
return label
