async def make_request(self, params, headers, cookies):
try:
response = await aiohttp.request(
'get',
settings.API_URL,
params=params,
headers=headers,
cookies=cookies,
)
except aiohttp.errors.ClientError:
raise exceptions.AuthError('Unable to connect to auth sever',
code=503)
if response.status != 200:
try:
data = await response.json()
except ValueError:
data = await response.read()
raise exceptions.AuthError(data, code=response.status)
try:
raw = await response.json()
signed_jwt = jwe.decrypt(raw['payload'].encode(), JWE_KEY)
data = jwt.decode(signed_jwt,
settings.JWT_SECRET,
algorithm=settings.JWT_ALGORITHM,
options={'require_exp': True})
return data['data']
except (jwt.InvalidTokenError, KeyError):
raise exceptions.AuthError(data, code=response.status)
async def make_request(self, params, headers, cookies):
try:
# Note: with simple request whose response is handled right afterwards without "being passed
# further along", use the context manager so WB doesn't need to handle the sessions.
async with aiohttp.request(
'get',
settings.API_URL,
params=params,
headers=headers,
cookies=cookies,
) as response:
if response.status != 200:
try:
data = await response.json()
except (ValueError, ContentTypeError):
data = await response.read()
raise exceptions.AuthError(data, code=response.status)
try:
raw = await response.json()
signed_jwt = jwe.decrypt(raw['payload'].encode(), JWE_KEY)
data = jwt.decode(signed_jwt,
settings.JWT_SECRET,
algorithm=settings.JWT_ALGORITHM,
options={'require_exp': True})
return data['data']
except (jwt.InvalidTokenError, KeyError):
raise exceptions.AuthError(data, code=response.status)
except ClientError:
raise exceptions.AuthError('Unable to connect to auth sever',
code=503)
def fetch(self, request, bundle):
"""Used for v0"""
headers = {'Content-Type': 'application/json'}
if 'Authorization' in request.headers:
headers['Authorization'] = request.headers['Authorization']
cookie = request.query_arguments.get('cookie')
if cookie:
bundle['cookie'] = cookie[0].decode()
view_only = request.query_arguments.get('view_only')
if view_only:
bundle['view_only'] = view_only[0].decode()
response = yield from aiohttp.request(
'get',
settings.API_URL,
params=bundle,
headers=headers,
cookies=dict(request.cookies),
)
if response.status != 200:
try:
data = yield from response.json()
except ValueError:
data = yield from response.read()
raise exceptions.AuthError(data, code=response.status)
return (yield from response.json())
def fetch(self, request, bundle):
headers = {
'Content-Type': 'application/json',
}
authorization = request.headers.get('Authorization')
if authorization and authorization.startswith('Bearer '):
headers['Authorization'] = authorization
elif 'token' in bundle:
headers['Authorization'] = 'Bearer ' + bundle['token']
response = yield from aiohttp.request(
'get',
settings.API_URL,
params=bundle,
headers=headers
)
if response.status != 200:
try:
data = yield from response.json()
except ValueError:
data = yield from response.read()
raise exceptions.AuthError(data, code=response.status)
return (yield from response.json())
def get(self, resource, provider, request):
"""Used for v1"""
headers = {'Content-Type': 'application/json'}
if 'Authorization' in request.headers:
headers['Authorization'] = request.headers['Authorization']
params = {
'nid': resource,
'provider': provider,
'action': self.ACTION_MAP[request.method.lower()]
}
cookie = request.query_arguments.get('cookie')
if cookie:
params['cookie'] = cookie[0].decode()
view_only = request.query_arguments.get('view_only')
if view_only:
params['view_only'] = view_only[0].decode()
try:
response = yield from aiohttp.request(
'get',
settings.API_URL,
params=params,
headers=headers,
cookies=dict(request.cookies),
)
except aiohttp.errors.ClientError:
raise exceptions.AuthError('Unable to connect to auth sever',
code=503)
if response.status != 200:
try:
data = yield from response.json()
except ValueError:
data = yield from response.read()
raise exceptions.AuthError(data, code=response.status)
return (yield from response.json())