def policy(**kwargs):
"""Policy helper function
Spawns a Policy() object with the rule set specified in the policy.json
file.
"""
global _cached_compiled
if _cached_compiled is None:
override_file = g.app.path + '/policy.json'
luxon = Module('luxon')
policy = luxon.read('policy.json')
try:
policy = js.loads(policy)
except JSONDecodeError as exception:
raise JSONDecodeError("Invalid Luxon 'policy.json' %s" % exception)
if is_file(override_file):
with open(override_file, 'r') as override:
override = override.read()
try:
override = js.loads(override)
except JSONDecodeError as exception:
raise JSONDecodeError("Invalid Override 'policy.json' %s" %
exception)
else:
override = {}
policy.update(override)
_cached_compiled = compiler(policy)
return Policy(_cached_compiled, **kwargs)
def getjson(self, section, option, fallback=None):
"""Load JSON object from value.
Args:
section (str): section name.
option (str): option name.
Kwargs:
fallback: Dict or List.
Returns dict or list.
"""
try:
val = self.get(section, option)
if val.strip() == '' and fallback is not None:
return fallback
elif val.strip() == '':
raise configparser.NoSectionError(section) from None
except configparser.NoSectionError as e:
if fallback is not None:
return fallback
else:
raise configparser.NoSectionError(section) from None
except configparser.NoOptionError as e:
if fallback is not None:
return fallback
else:
raise configparser.NoOptionError(section, option) from None
try:
return js.loads(val)
except json.decoder.JSONDecodeError as e:
raise configparser.ParsingError("section '%s'" % section +
" option '%s'" % option +
" (JSON %s)" % e) from None
def jwt_cookie(self):
if not self.is_ajax and not self.get_header('X-Auth-Token'):
if self._cached_jwt_cookie is None:
if 'photonicLogin' in self.cookies:
try:
self._cached_jwt_cookie = js.loads(
base64.b64decode(self.cookies['photonicLogin']))
except Exception:
log.error('JWT Cookie corrupt: %s' %
self.cookies['photomicLogin'])
return self._cached_jwt_cookie
def parse_token(self, token):
self._initial()
token = if_unicode_to_bytes(token)
signature, token = token.split(b'!!!!')
self._token_sig = self._check_token(signature, token)
self._token = js.loads(base64.b64decode(token))
self._token_sig = signature
utc_now = now()
utc_expire = utc(self._token['expire'])
if utc_now > utc_expire:
raise AccessDenied('Token Expired')
def __init__(self):
app_root = g.app.app_root
# Compile the policies if policy.json found.
if os.path.isfile(app_root + '/policy.json'):
policy_file = open(app_root + '/policy.json', 'r')
rule_set = js.loads(policy_file.read())
self._compiled = compiler(rule_set)
else:
log.warning("No 'policy.json' found in '" + app_root + "/policy.json'" +
" compiling empty rule set")
self._compiled = compiler({})
def policy(**kwargs):
"""Policy helper function
Spawns a Policy() object with the rule set specified in the policy.json
file.
"""
global _cached_compiled
if _cached_compiled is None:
policy_file = g.app.path + '/policy.json'
if is_file(policy_file):
with open(policy_file, 'r') as rule_set:
_cached_compiled = compiler(js.loads(rule_set.read()))
else:
raise FileNotFoundError(policy_file)
return Policy(_cached_compiled, **kwargs)
def token(self, token):
# Load exisiting token
token = if_unicode_to_bytes(token)
signature, b64_token = token.split(b'!!!!')
try:
self._rsakey.verify(signature, b64_token)
except ValueError as e:
raise AccessDeniedError('Invalid Auth Token. %s' % e)
decoded = js.loads(base64.b64decode(b64_token))
utc_expire = utc(decoded['expire'])
if now() > utc_expire:
raise AccessDeniedError('Auth Token Expired')
self._credentials = decoded
def json(self):
if self._cached_json is None:
self._cached_json = js.loads(self.stream.read())
return self._cached_json
def load(self):
req = g.current_request
cookie = self._session_id
session = req.cookies.get(cookie)
if session:
self._session.update(js.loads(base64.b64decode(session)))