def introspection_endpoint_(self, request="", requestor="", **kwargs): """ The endpoint URI at which the resource server introspects an RPT presented to it by a client. """ logger.debug("requestor: %s, request: %s" % (requestor, request)) ir = IntrospectionRequest().from_json(request) try: _info = self.session.get(ir["token"]) irep = IntrospectionResponse( valid=True, expires_at=_info["expires_at"], ) try: #requestor = self.rpt[ir["token"]]["requestor"] perms = self.permit.get_accepted(requestor, ir["token"]) except KeyError: pass else: if perms: irep["permissions"] = perms else: logger.info("No permissions bound to this RPT") logger.debug("response: %s" % irep.to_json()) response = Response(irep.to_json(), content="application/json") except ToOld: logger.info("RPT expired") irep = IntrospectionResponse(valid=False) response = Response(irep.to_json(), content="application/json") except KeyError: response = BadRequest() return response
def introspection_endpoint_(self, user, **kwargs): """ The endpoint URI at which the resource server introspects an RPT presented to it by a client. """ request = kwargs["request"] logger.debug("requestor: %s, request: %s" % (user, request)) ir = IntrospectionRequest().from_json(request) adb = self.get_adb(kwargs["client_id"]) try: try: # requestor = self.rpt[ir["token"]]["requestor"] perms = adb.permit.get_accepted_by_rpt(user, ir["token"]) except KeyError: response = BadRequest() else: if perms: irep = IntrospectionResponse(active=True, exp=perms[0]["exp"], permissions=perms) logger.debug("response: %s" % irep.to_json()) response = Response(irep.to_json(), content="application/json") else: logger.info("No permissions bound to this RPT") response = BadRequest() except ToOld: logger.info("RPT expired") irep = IntrospectionResponse(valid=False) response = Response(irep.to_json(), content="application/json") except KeyError: response = BadRequest() return response
def introspection_endpoint_(self, entity, **kwargs): """ The endpoint URI at which the resource server introspects an RPT presented to it by a client. """ request = kwargs["request"] logger.debug("requestor: %s, request: %s" % (entity, request)) ir = IntrospectionRequest().from_json(request) owner = safe_name(entity, kwargs["client_id"]) try: try: # requestor = self.rpt[ir["token"]]["requestor"] perms = self.permit.get_accepted(owner, ir["token"]) except KeyError: response = BadRequest() else: if perms: irep = IntrospectionResponse(active=True, exp=perms[0]["exp"], permissions=perms) logger.debug("response: %s" % irep.to_json()) response = Response(irep.to_json(), content="application/json") else: logger.info("No permissions bound to this RPT") response = BadRequest() except ToOld: logger.info("RPT expired") irep = IntrospectionResponse(valid=False) response = Response(irep.to_json(), content="application/json") except KeyError: response = BadRequest() return response
def test_introspection_response(): msg = """{ "valid": true, "expires_at": 1256953732, "issued_at": 1256912345, "permissions": [ { "resource_set_id": "112210f47de98100", "scopes": [ "http://photoz.example.com/dev/actions/view", "http://photoz.example.com/dev/actions/all" ], "expires_at" : 1256923456 } ] }""" ir = IntrospectionResponse().from_json(msg) print(ir) assert ir["valid"] is True assert ir["expires_at"] == 1256953732 perm = ir["permissions"] assert len(perm) == 1 assert perm[0]["resource_set_id"] == "112210f47de98100" resp = ir.to_json() print(resp) assert resp ir2 = IntrospectionResponse(**ir.to_dict()) assert ir2["valid"] is True assert ir2["expires_at"] == 1256953732 perm = ir2["permissions"] assert len(perm) == 1 assert perm[0]["resource_set_id"] == "112210f47de98100"