def protected():
"""
Enforce the bearer token authentication
.. note:: In this method, returning nothing will yield back to the request handling methods.
"""
current_request: Request = request
request_path = current_request.path
request_method = current_request.method
request.id = uuid.uuid4()
request.claims = dict()
request.user_id = None
if request_method == 'OPTIONS':
return _allow_cors(Response('', status=200, content_type='text/plain'))
fc: FrontController = container.get(FrontController)
if not fc.require_access_control(request_path[len(auto_path_prefix) + 1:]):
logger.debug(
f'REQUEST {request.id}: Request to {request_path} is extempted from authentication check.'
)
return
try:
bearer_token = current_request.headers['authorization']
except KeyError:
return _allow_cors(
make_error_response('missing_bearer_token', status=401))
if not bearer_token.startswith('Bearer '):
return _allow_cors(
make_error_response('bearer_token_required', status=401))
authenticator: Authenticator = container.get(Authenticator)
try:
access_token = bearer_token[7:]
request.claims = authenticator.decode_token(access_token)
request.user_id = request.claims['sub']
except InvalidTokenError:
logger.warning(
f'REQUEST {request.id}: Someone tried to use a fake token ("{access_token}").'
)
return _allow_cors(make_error_response('invalid_token', status=401))
except ExpiredTokenError:
logger.info(
f'REQUEST {request.id}: Intercepted an expired token ("{access_token}").'
)
return _allow_cors(make_error_response('expired_token', status=401))
def execute(self, args):
authenticator: Authenticator = container.get(Authenticator)
token = authenticator.encode_token(
dict(sub=args.subject, scopes=args.scopes))
print(f'Bearer Token: {token}')
print(f'Claims: {authenticator.decode_token(token)}')
def execute(self, args: Namespace):
print(f'Importing from {args.export_file_path}...')
rows: List[ExportedEntry] = []
with open(args.export_file_path, 'r') as f:
reader = csv.reader(f)
read_header = False
headers = []
for row in reader:
if not read_header:
read_header = True
headers.extend(row)
continue
if not row:
continue
rows.append(
ExportedEntry(**{
headers[i]: row[i].strip()
for i in range(len(headers))
}))
storage: StorageService = container.get(StorageService)
data = storage.load()
default_tag = f'imported:{time()}'
for row in rows:
tags = [default_tag]
if row.grouping:
tags.append(row.grouping)
if row.url == 'http://sn':
data.notes.append(Note.make(row.name, row.extra, tags))
else:
if row.url == 'http://':
tags.append('local')
else:
tags.append('web')
if re.search(r'^http://\d+(\.\d+){3}', row.url):
tags.append('intranet')
else:
tags.append('internet')
data.credentials.append(
Credential.make(row.name, row.username, row.password,
row.extra, tags))
storage.save(data)
def execute(self, args):
# Designed to work behind a proxy server.
service: KeymasterGRPCService = container.get(KeymasterGRPCService)
server = grpc.server(ThreadPoolExecutor(max_workers=10))
add_KeymasterServicer_to_server(service, server)
server.add_insecure_port(f'[::]:{args.port}')
server.start()
print(f'Listening on port {args.port}...')
try:
while True:
pass
except KeyboardInterrupt:
print('\rService terminating...')
finally:
server.stop(None)
print('\rService terminated cleanly')
def delegate_to_front_controller(request_path):
fc: FrontController = container.get(FrontController)
method = str(request.method).lower()
# List all available paths
if request_path == 'all':
if method != 'get':
return make_error_response('method_not_allowed', status=405)
return make_json_response(fc.route_map)
# TODO Use fc.find_route
route = None
route_matches: re.Match = None
for routing_pattern in fc.route_map:
route_matches = re.match(routing_pattern, request_path)
if route_matches:
route = fc.route_map[routing_pattern]
break
# TODO ↑
if not route:
return make_error_response('endpoint_not_found', status=404)
if not hasattr(route.handler, method):
return make_error_response(
'method_not_allowed',
details=dict(handler_class_name=type(route.handler).__name__,
handler_module_name=type(route.handler).__module__,
method=method.upper()),
status=405)
handling_method = getattr(route.handler(), method)
response = handling_method(**route_matches.groupdict())
if isinstance(response, Response):
return response
return make_json_response(response)
os.path.join(os.getcwd(), 'config/app.yml')))
parser.add_argument('--debug',
'-d',
action='store_true',
help='Enable the debug mode')
args = parser.parse_args()
logger = LoggerFactory.get('oriole',
level=logging.DEBUG if args.debug else None)
logger.debug('Application Configuration File: %s', args.config_file)
with open(args.config_file) as f:
config = yaml.load(f.read(), yaml.SafeLoader)
fc: FrontController = container.get(FrontController,
lock_down_enabled=False)
fc.map(config['routes'])
main_web_module_name = f'oriole.{config["backend"]}.web'
try:
web = importlib.import_module(main_web_module_name)
web.main(args)
except ImportError:
raise UnknownBackendModeError(
f'The "backend" configuration can only be either "sync" or "async".'
)