def authenticate_credentials(self, key): # pylint:disable=arguments-differ
try:
auth_parts = base64.b64decode(key).decode('utf-8').split(
RedisEphemeralTokens.SEPARATOR)
except (TypeError, UnicodeDecodeError, binascii.Error):
msg = 'Invalid basic header. Credentials not correctly base64 encoded.'
raise exceptions.AuthenticationFailed(msg)
if len(auth_parts) != 2:
msg = 'Invalid token header. Token should contain token and uuid.'
raise exceptions.AuthenticationFailed(msg)
token = auth_parts[0]
token_uuid = auth_parts[1]
ephemeral_token = RedisEphemeralTokens(token_uuid)
if not ephemeral_token:
msg = 'Invalid token.'
raise exceptions.AuthenticationFailed(msg)
scope = ephemeral_token.scope
if not ephemeral_token.check_token(token=token):
ephemeral_token.clear()
msg = 'Invalid token header'
raise exceptions.AuthenticationFailed(msg)
return EphemeralUser(scope=scope), None
def test_objects(self):
token = RedisEphemeralTokens()
assert token.key is not None
assert token.redis_key == RedisEphemeralTokens.KEY_EPHEMERAL_TOKENS.format(
token.key)
assert token.get_state() is None
assert token.salt is None
assert token.ttl is None
assert token.scope is None
token = RedisEphemeralTokens.generate(
scope=token.get_scope(1, 'experiment', 1))
assert token.get_state() is not None
assert token.salt is not None
assert token.ttl == conf.get(TTL_EPHEMERAL_TOKEN)
assert token.scope == token.get_scope(1, 'experiment', 1)
assert token.check_token('foo') is False
# Checking delete the token
assert token.get_state() is None
token = RedisEphemeralTokens.generate(
scope=token.get_scope(1, 'experiment', 1))
assert token.check_token(None) is False
# Checking delete the token
assert token.get_state() is None
token = RedisEphemeralTokens.generate(
scope=token.get_scope(1, 'experiment', 1))
valid = RedisEphemeralTokens.make_token(token)
assert token.check_token(valid) is True
# Checking delete the token
assert token.get_state() is None
assert token.salt is None
assert token.ttl is None
assert token.scope is None