def register(self, server, type="client_associate", **kwargs):
req = RegistrationRequest(type=type)
if type == "client_update" or type == "rotate_secret":
req["client_id"] = self.client_id
req["client_secret"] = self.client_secret
for prop in req.parameters():
if prop in ["type", "client_id", "client_secret"]:
continue
try:
val = getattr(self, prop)
if val:
req[prop] = val
except Exception:
val = None
if not val:
try:
req[prop] = kwargs[prop]
except KeyError:
pass
headers = {"content-type": "application/x-www-form-urlencoded"}
rsp = self.http_request(server, "POST", data=req.to_urlencoded(),
headers=headers)
if rsp.status_code == 200:
if type == "client_associate" or type == "rotate_secret":
rr = RegistrationResponseCARS()
else:
rr = RegistrationResponseCU()
resp = rr.deserialize(rsp.text, "json")
self.client_secret = resp["client_secret"]
self.client_id = resp["client_id"]
self.registration_expires = resp["expires_at"]
else:
err = ErrorResponse().deserialize(rsp.text, "json")
raise Exception("Registration failed: %s" % err.get_json())
return resp
if _cinfo["client_secret"] != request["client_secret"]:
logger.info("Wrong secret")
resp = BadRequest()
return resp(environ, start_response)
if request["type"] == "rotate_secret":
# update secret
client_secret = secret(self.seed, client_id)
_cinfo["client_secret"] = client_secret
old_key = request["client_secret"]
_keystore.remove_key(old_key, client_id, type="hmac",
usage="sig")
_keystore.remove_key(old_key, client_id, type="hmac",
usage="ver")
response = RegistrationResponseCARS(client_id=client_id)
else: # client_update
client_secret = None
for key,val in request.items():
if key in ["client_id", "client_secret"]:
continue
_cinfo[key] = val
response = RegistrationResponseCU(client_id=client_id)
self.keystore.load_keys(request, client_id, replace=True)
else:
resp = BadRequest("Unknown request type: %s" % request.type)
return resp(environ, start_response)
