Exemplo n.º 1
0
    def _authorize_user(self, username, key, req):
        """Generates a new token and assigns it to a user.

        username - string
        key - string API key
        req - wsgi.Request object
        """
        ctxt = context.get_admin_context()

        project_id = req.headers.get('X-Auth-Project-Id')
        if project_id is None:
            # If the project_id is not provided in the headers, be forgiving to
            # the user and set project_id based on a valid project of theirs.
            user = self.auth.get_user_from_access_key(key)
            projects = self.auth.get_projects(user.id)
            if not projects:
                raise webob.exc.HTTPUnauthorized()
            project_id = projects[0].id

        try:
            user = self.auth.get_user_from_access_key(key)
        except exception.NotFound:
            LOG.warn(_("User not found with provided API key."))
            user = None

        if user and user.name == username:
            token_hash = hashlib.sha1(
                '%s%s%f' % (username, key, time.time())).hexdigest()
            token_dict = {}
            token_dict['token_hash'] = token_hash
            token_dict['cdn_management_url'] = ''
            os_url = req.url
            token_dict['server_management_url'] = os_url.strip('/')
            version = common.get_version_from_href(os_url)
            if version in ('1.1', '2'):
                token_dict['server_management_url'] += '/' + project_id
            token_dict['storage_url'] = ''
            token_dict['user_id'] = user.id
            token = self.db.auth_token_create(ctxt, token_dict)
            return token, user
        elif user and user.name != username:
            msg = _("Provided API key is valid, but not for user "
                    "'%(username)s'") % locals()
            LOG.warn(msg)

        return None, None
Exemplo n.º 2
0
    def _authorize_user(self, username, key, req):
        """Generates a new token and assigns it to a user.

        username - string
        key - string API key
        req - wsgi.Request object
        """
        ctxt = context.get_admin_context()

        project_id = req.headers.get('X-Auth-Project-Id')
        if project_id is None:
            # If the project_id is not provided in the headers, be forgiving to
            # the user and set project_id based on a valid project of theirs.
            user = self.auth.get_user_from_access_key(key)
            projects = self.auth.get_projects(user.id)
            if not projects:
                raise webob.exc.HTTPUnauthorized()
            project_id = projects[0].id

        try:
            user = self.auth.get_user_from_access_key(key)
        except exception.NotFound:
            LOG.warn(_("User not found with provided API key."))
            user = None

        if user and user.name == username:
            token_hash = hashlib.sha1('%s%s%f' % (username, key,
                time.time())).hexdigest()
            token_dict = {}
            token_dict['token_hash'] = token_hash
            token_dict['cdn_management_url'] = ''
            os_url = req.url
            token_dict['server_management_url'] = os_url.strip('/')
            version = common.get_version_from_href(os_url)
            if version in ('1.1', '2'):
                token_dict['server_management_url'] += '/' + project_id
            token_dict['storage_url'] = ''
            token_dict['user_id'] = user.id
            token = self.db.auth_token_create(ctxt, token_dict)
            return token, user
        elif user and user.name != username:
            msg = _("Provided API key is valid, but not for user "
                    "'%(username)s'") % locals()
            LOG.warn(msg)

        return None, None
Exemplo n.º 3
0
 def test_get_version_from_href_default(self):
     fixture = 'http://www.testsite.com/images'
     expected = '2'
     actual = common.get_version_from_href(fixture)
     self.assertEqual(actual, expected)
Exemplo n.º 4
0
 def test_get_version_from_href_2(self):
     fixture = 'http://www.testsite.com/v1.1'
     expected = '1.1'
     actual = common.get_version_from_href(fixture)
     self.assertEqual(actual, expected)
Exemplo n.º 5
0
 def test_get_version_from_href_default(self):
     fixture = "http://www.testsite.com/images"
     expected = "2"
     actual = common.get_version_from_href(fixture)
     self.assertEqual(actual, expected)
Exemplo n.º 6
0
 def test_get_version_from_href_2(self):
     fixture = "http://www.testsite.com/v1.1"
     expected = "1.1"
     actual = common.get_version_from_href(fixture)
     self.assertEqual(actual, expected)