def request_client_credential_sshagent(self, client_id=None, agent_keyname = None): """ This is designed to support section 4.4 of the OAuth 2.0 spec: "The client can request an access token using only its client credentials (or other supported means of authentication) when the client is requesting access to the protected resources under its control" """ body = 'grant_type=client_credentials' path = '/goauth/token' method = 'POST' url_parts = ('https', self.server, path, None, None) url = urlparse.urlunsplit(url_parts) # Handle options based on explicitly parameters - ignore implicit options based # on instance attributes if client_id is None: client_id = self.client if agent_keyname is None: agent_keyname = self.agent_keyname if agent_keyname and client_id: headers = sign_with_sshagent(self.agent_keys[agent_keyname], path, method, client_id, body=body) response = requests.post(url, data={'grant_type': 'client_credentials'}, headers=headers, verify=self.verify_ssl) else: raise Exception('Requires client_id and ssh agent_keyname as parameters or as part of initial config to authenticate credential request') return response.json()
def sshagent_get_request_token(self, username, client_id, keyname): query_params = {"response_type": "code", "client_id": client_id} query_params = urllib.urlencode(query_params) path = '/goauth/authorize' method = 'GET' headers = sign_with_sshagent(self.agent_keys[keyname], path, method, username, query=query_params) url_parts = ('https', self.server, '/goauth/authorize', query_params, None) url = urlparse.urlunsplit(url_parts) response = requests.get(url, headers=headers, verify=self.verify_ssl) return response.json()
def sshagent_get_request_token(self, username, client_id, keyname): query_params = { "response_type": "code", "client_id": client_id } query_params = urllib.urlencode(query_params) path = '/goauth/authorize' method = 'GET' headers = sign_with_sshagent(self.agent_keys[keyname], path, method, username, query=query_params) url_parts = ('https', self.server, '/goauth/authorize', query_params, None) url = urlparse.urlunsplit(url_parts) response = requests.get(url, headers=headers, verify=self.verify_ssl) return response.json()
def request_client_credential_sshagent(self, client_id=None, agent_keyname=None): """ This is designed to support section 4.4 of the OAuth 2.0 spec: "The client can request an access token using only its client credentials (or other supported means of authentication) when the client is requesting access to the protected resources under its control" """ body = 'grant_type=client_credentials' path = '/goauth/token' method = 'POST' url_parts = ('https', self.server, path, None, None) url = urlparse.urlunsplit(url_parts) # Handle options based on explicitly parameters - ignore implicit options based # on instance attributes if client_id is None: client_id = self.client if agent_keyname is None: agent_keyname = self.agent_keyname if agent_keyname and client_id: headers = sign_with_sshagent(self.agent_keys[agent_keyname], path, method, client_id, body=body) response = requests.post(url, data={'grant_type': 'client_credentials'}, headers=headers, verify=self.verify_ssl) else: raise Exception( 'Requires client_id and ssh agent_keyname as parameters or as part of initial config to authenticate credential request' ) return response.json()