def wrap_action(self, action_, *args, **kwargs):
"""
Wrap the controller action ``action_``.
:param action_: The controller action to be wrapped.
``args`` and ``kwargs`` are the positional and named arguments which
will be passed to ``action_`` when called.
"""
try:
# get token
# from header information
request = RequestOAuth(args[0].R)
with ResponseHTTP(response=request.response) as t:
_in = u'Failed'
# handle token
token = request.access_token
if token:
oauth_context = TokenManager.get_token_context(token.get('token'))
if oauth_context.valid:
args[0].__dict__.update(R=request)
kwargs.update(dict(oauth_context=oauth_context))
# not mandatory use of oauth, but valid token
if self.anon:
LOG.debug(oauth_context.valid)
return action_(*args, **kwargs)
# validate scope
elif TokenManager.has_valid_scope(oauth_context.scopes, self.allowed_scopes):
LOG.debug(oauth_context.scopes)
# kwargs.update(dict(oauth_context=oauth_context))
return action_(*args, **kwargs)
else:
if self.anon:
return action_(*args, **kwargs)
# api_key = request.matchdict.get(self.api_field, None)
# otherwise, we're done, you're not allowed
message = 'Not authorized for request.'
code, status = ResponseHTTP.FORBIDDEN
return t.to_json(_in,
message=message,
code=code, status=status)
except ValueError as e:
LOG.debug(e.message)
def get_token_context(token):
return TokenManager.get_token_context(token)
