def parse_authorization_header(value):
    """Parse a ``session``, ``token`` or ``Bearer`` Authorization header.

    The header is only parsed here. Nothing in this function checks that
    the session or token it carries is valid, so the returned object must
    still be authenticated by the caller.

    :param value: the raw header value; an empty or missing value yields
        ``None``.
    :return: an ``Authorization`` of type ``'session'`` (keys
        ``username``, ``userid``, ``session``) or ``'token'`` (key
        ``token``), or ``None`` when the header is malformed or uses any
        other scheme.
    """
    if not value:
        return None
    raw = wsgi_to_bytes(value)

    # "<scheme> <credentials>": split once on the first whitespace run.
    fields = raw.split(None, 1)
    if len(fields) != 2:
        return None
    scheme = fields[0].lower()
    credentials = fields[1]

    if scheme == b'session':
        try:
            # b64decode runs in its default non-validating mode, so
            # characters outside the base64 alphabet are skipped rather
            # than rejected.
            decoded = base64.b64decode(credentials)
            # maxsplit=3 can produce four parts: a payload with three or
            # more colons fails the three-way unpacking and is rejected.
            username, userid, session = decoded.split(b':', 3)
            # int() also accepts a sign, surrounding whitespace and
            # underscores; the id is not range-checked here.
            userid = int(userid)
        except Exception:
            return None
        session_data = {
            'username': bytes_to_wsgi(username),
            'userid': userid,
            'session': bytes_to_wsgi(session),
        }
        return Authorization('session', session_data)

    # JMO: the first implementation used 'token', whereas the IETF
    # specifies 'Bearer'
    # (cf https://datatracker.ietf.org/doc/html/rfc6750#section-2.1 ).
    # Both spellings are accepted: 'token' for existing clients and
    # 'bearer' for standard HTTP clients.
    if scheme == b'token' or scheme == b'bearer':
        return Authorization('token', {'token': bytes_to_wsgi(credentials)})
    return None
def wrapper(request, *args, **kwargs):
    """Call ``func`` on behalf of the user owning the request's bearer key.

    ``name``, ``func`` and ``json`` are free variables taken from an
    enclosing scope that is not part of this listing.

    The ``Authorization`` header must have the form ``Bearer <key>``; the
    scheme is compared case-insensitively. The key is handed to
    ``UserApplication.check`` together with ``name``:

    * a header without a credentials part aborts with 401;
    * any scheme other than ``bearer``, or a key for which ``check``
      returns a falsy value, aborts with 403.

    ``func`` then runs with the transaction user set to the application's
    user and ``_check_access=True`` in the context. HTTP exceptions pass
    through unchanged; any other exception is logged and turned into a
    500. A result that is not a ``Response`` is JSON-encoded when ``json``
    is true.
    """
    UserApplication = Pool().get('res.user.application')

    # NOTE(review): the header is indexed directly; what a request
    # without an Authorization header produces depends on the type of
    # request.headers - confirm it ends as a client error, not a 500.
    header = wsgi_to_bytes(request.headers['Authorization'])
    try:
        scheme, key = header.split(None, 1)
        scheme = scheme.lower()
    except ValueError:
        abort(HTTPStatus.UNAUTHORIZED)
    if scheme != b'bearer':
        abort(HTTPStatus.FORBIDDEN)

    application = UserApplication.check(bytes_to_wsgi(key), name)
    if not application:
        abort(HTTPStatus.FORBIDDEN)

    transaction = Transaction()
    # TODO language
    with transaction.set_user(application.user.id):
        with transaction.set_context(_check_access=True):
            try:
                response = func(request, *args, **kwargs)
            except HTTPException:
                # Deliberate HTTP errors raised by func reach the client
                # as they are.
                raise
            except Exception as exc:
                logger.error('%s', request, exc_info=True)
                # NOTE(review): the exception object is passed to abort();
                # presumably it becomes the response description, which
                # would show internal error text to the API client -
                # confirm, and prefer a generic message if so.
                abort(HTTPStatus.INTERNAL_SERVER_ERROR, exc)

    if isinstance(response, Response) or not json:
        return response
    return Response(
        json_.dumps(response, cls=JSONEncoder),
        content_type='application/json')
def get_authorization(self):
    """Return the credentials of a Basic authentication header.

    The credentials are only decoded here, not verified: the returned
    password is the clear-text value sent by the client and still has to
    be checked by the caller.

    :return Authorization: the ``'basic'`` authorization data with
        ``username`` and ``password``, or ``None`` when the header is
        absent, uses another scheme or cannot be decoded.
    """
    header = get_authorization_header()
    if not header:
        return None

    scheme, payload = header
    if scheme != b'basic':
        return None

    try:
        # b64decode runs in its default non-validating mode, so
        # characters outside the base64 alphabet are skipped rather than
        # rejected.
        decoded = base64.b64decode(payload)
    except Exception:
        return None

    # Only the first colon separates the fields: the password may contain
    # colons, the username cannot.
    username, colon, password = decoded.partition(b':')
    if not colon:
        return None

    wsgi_username = bytes_to_wsgi(username)
    wsgi_password = bytes_to_wsgi(password)
    return Authorization(
        'basic', username=wsgi_username, password=wsgi_password)
def parse_authorization_header(value):
    """Parse a ``session`` Authorization header.

    Parsing is all that happens here: the session it carries is not
    verified, so the caller must still authenticate the result.

    :param value: the raw header value; an empty or missing value yields
        ``None``.
    :return: an ``Authorization`` of type ``'session'`` with the keys
        ``username``, ``userid`` and ``session``, or ``None`` when the
        header is malformed or uses any other scheme.
    """
    if not value:
        return None
    header = wsgi_to_bytes(value)

    # "<scheme> <credentials>": split once on the first whitespace run.
    pieces = header.split(None, 1)
    if len(pieces) != 2:
        return None
    scheme, payload = pieces[0].lower(), pieces[1]
    if scheme != b'session':
        return None

    try:
        # b64decode runs in its default non-validating mode: characters
        # outside the base64 alphabet are skipped rather than rejected.
        decoded = base64.b64decode(payload)
        # maxsplit=3 can produce four parts, so a payload with three or
        # more colons fails the three-way unpacking and is rejected.
        username, userid, session = decoded.split(b':', 3)
        # int() also accepts a sign, surrounding whitespace and
        # underscores; the id is not range-checked here.
        userid = int(userid)
    except Exception:
        return None

    details = {
        'username': bytes_to_wsgi(username),
        'userid': userid,
        'session': bytes_to_wsgi(session),
    }
    return Authorization('session', details)