def default_authentication_behavior(core, http_request, credentials):
"""
Default behavior in response to a server creation. This will create
a session for the tenant if one does not already exist, and return
the auth token for that session. In the case of
:class:`PasswordCredentials`, :class:`ApiKeyCredentials`, or
:class:`TokenCredentials`, also returns the service catalog.
:param core: An instance of :class:`mimic.core.MimicCore`
:param http_request: A twisted http request/response object
:param credentials: An `mimic.model.identity.ICredentials` provider
Handles setting the response code and also
:return: The response body for a default authentication request.
"""
try:
session = credentials.get_session(core.sessions)
except NonMatchingTenantError as e:
http_request.setResponseCode(401)
if type(credentials) == TokenCredentials:
message = ("Token doesn't belong to Tenant with Id/Name: "
"'{0}'".format(e.desired_tenant))
else:
message = ("Tenant with Name/Id: '{0}' is not valid for "
"User '{1}' (id: '{2}')".format(e.desired_tenant,
e.session.username,
e.session.user_id))
return json.dumps({"unauthorized": {"code": 401, "message": message}})
else:
if type(credentials) == ImpersonationCredentials:
return json.dumps({
"access": {
"token": {
"id": credentials.impersonated_token,
"expires": format_timestamp(session.expires)
}
}
})
http_request.setResponseCode(200)
prefix_map = {
# map of entry to URI prefix for that entry
}
def lookup(entry):
return prefix_map[entry]
result = get_token(
session.tenant_id,
entry_generator=lambda tenant_id: list(
core.entries_for_tenant(session.tenant_id, prefix_map,
base_uri_from_request(http_request))),
prefix_for_endpoint=lookup,
response_token=session.token,
response_user_id=session.user_id,
response_user_name=session.username,
)
return json.dumps(result)
def default_authentication_behavior(core, http_request, credentials):
"""
Default behavior in response to a server creation. This will create
a session for the tenant if one does not already exist, and return
the auth token for that session. In the case of
:class:`PasswordCredentials`, :class:`ApiKeyCredentials`, or
:class:`TokenCredentials`, also returns the service catalog.
:param core: An instance of :class:`mimic.core.MimicCore`
:param http_request: A twisted http request/response object
:param credentials: An `mimic.model.identity.ICredentials` provider
Handles setting the response code and also
:return: The response body for a default authentication request.
"""
try:
session = credentials.get_session(core.sessions)
except NonMatchingTenantError as e:
http_request.setResponseCode(401)
if type(credentials) == TokenCredentials:
message = "Token doesn't belong to Tenant with Id/Name: " "'{0}'".format(e.desired_tenant)
else:
message = "Tenant with Name/Id: '{0}' is not valid for " "User '{1}' (id: '{2}')".format(
e.desired_tenant, e.session.username, e.session.user_id
)
return json.dumps({"unauthorized": {"code": 401, "message": message}})
else:
if type(credentials) == ImpersonationCredentials:
return json.dumps(
{
"access": {
"token": {"id": credentials.impersonated_token, "expires": format_timestamp(session.expires)}
}
}
)
http_request.setResponseCode(200)
prefix_map = {
# map of entry to URI prefix for that entry
}
def lookup(entry):
return prefix_map[entry]
result = get_token(
session.tenant_id,
entry_generator=lambda tenant_id: list(
core.entries_for_tenant(session.tenant_id, prefix_map, base_uri_from_request(http_request))
),
prefix_for_endpoint=lookup,
response_token=session.token,
response_user_id=session.user_id,
response_user_name=session.username,
)
return json.dumps(result)
def get_impersonation_token(self, request):
"""
Return a token id with expiration.
"""
# FIXME: TEST
request.setResponseCode(200)
content = json.loads(request.content.read())
expires_in = content["RAX-AUTH:impersonation"]["expire-in-seconds"]
username = content["RAX-AUTH:impersonation"]["user"]["username"]
session = self.core.sessions.session_for_impersonation(username, expires_in)
return json.dumps({"access": {"token": {"id": session.token, "expires": format_timestamp(session.expires)}}})
def get_impersonation_token(self, request):
"""
Return a token id with expiration.
"""
# FIXME: TEST
request.setResponseCode(200)
content = json.loads(request.content.read())
expires_in = content['RAX-AUTH:impersonation']['expire-in-seconds']
username = content['RAX-AUTH:impersonation']['user']['username']
session = self.core.session_for_impersonation(username, expires_in)
return json.dumps({
"access": {
"token": {
"id": session.token,
"expires": format_timestamp(session.expires)
}
}
})
def get_impersonation_token(self, request):
"""
Return a token id with expiration.
"""
request.setResponseCode(200)
try:
content = json.loads(request.content.read())
except ValueError:
request.setResponseCode(400)
return json.dumps(invalid_resource("Invalid JSON request body"))
expires_in = content['RAX-AUTH:impersonation']['expire-in-seconds']
username = content['RAX-AUTH:impersonation']['user']['username']
session = self.core.sessions.session_for_impersonation(username,
expires_in)
return json.dumps({"access": {
"token": {"id": session.token,
"expires": format_timestamp(session.expires)}
}})
def get_impersonation_token(self, request):
"""
Return a token id with expiration.
"""
request.setResponseCode(200)
try:
content = json.loads(request.content.read())
except ValueError:
request.setResponseCode(400)
return json.dumps(invalid_resource("Invalid JSON request body"))
expires_in = content['RAX-AUTH:impersonation']['expire-in-seconds']
username = content['RAX-AUTH:impersonation']['user']['username']
session = self.core.sessions.session_for_impersonation(
username, expires_in)
return json.dumps({
"access": {
"token": {
"id": session.token,
"expires": format_timestamp(session.expires)
}
}
})