def token_from_id(self, token_id):
try:
tokens = identity.token_driver()
if (identity.auth_driver().__class__.__name__ != "NoAuthDriver"):
raise exceptions.InvalidTokenError(
'Auth-driver must be NoAuthDriver')
auth = identity.auth_driver().authenticate(None)
if auth is None:
raise exceptions.Unauthorized('Unauthorized credentials')
token = tokens.create_token(None, auth)
return token
except (TypeError, ValueError):
raise exceptions.InvalidTokenError('Malformed token')
def validate_token(self, token, user_id=None, username=None,
tenant_id=None):
if time.time() > token['expires']:
raise exceptions.InvalidTokenError("Expired token")
if user_id and str(token['user_id']) != user_id:
raise exceptions.InvalidTokenError("Invalid user ID")
if username and str(token['username']) != username:
raise exceptions.InvalidTokenError("Invalid username")
if tenant_id and str(token['tenant_id']) != tenant_id:
raise exceptions.InvalidTokenError("Invalid tenant ID")
def validate_access(self,
token,
user_id=None,
username=None,
tenant_id=None):
self.validate_token(token, user_id, username, tenant_id)
auth = auth_driver().authenticate(self.create_credentials(token))
if auth is None:
raise exceptions.InvalidTokenError("Token is no longer valid")
def token_from_id(self, token_id):
try:
return json.loads(aes.decode_aes(base64.b64decode(token_id)))
except (TypeError, ValueError):
raise exceptions.InvalidTokenError('Malformed token')