示例#1
0
def default_authentication_behavior(core, http_request, credentials):
    """
    Default behavior in response to a server creation.  This will create
    a session for the tenant if one does not already exist, and return
    the auth token for that session.  In the case of
    :class:`PasswordCredentials`, :class:`ApiKeyCredentials`, or
    :class:`TokenCredentials`, also returns the service catalog.

    :param core: An instance of :class:`mimic.core.MimicCore`
    :param http_request: A twisted http request/response object
    :param credentials: An `mimic.model.identity.ICredentials` provider

    Handles setting the response code and also
    :return: The response body for a default authentication request.
    """
    try:
        session = credentials.get_session(core.sessions)
    except NonMatchingTenantError as e:
        http_request.setResponseCode(401)
        if type(credentials) == TokenCredentials:
            message = ("Token doesn't belong to Tenant with Id/Name: "
                       "'{0}'".format(e.desired_tenant))
        else:
            message = ("Tenant with Name/Id: '{0}' is not valid for "
                       "User '{1}' (id: '{2}')".format(e.desired_tenant,
                                                       e.session.username,
                                                       e.session.user_id))

        return json.dumps({"unauthorized": {"code": 401, "message": message}})
    else:
        if type(credentials) == ImpersonationCredentials:
            return json.dumps({
                "access": {
                    "token": {
                        "id": credentials.impersonated_token,
                        "expires": format_timestamp(session.expires)
                    }
                }
            })

        http_request.setResponseCode(200)
        prefix_map = {
            # map of entry to URI prefix for that entry
        }

        def lookup(entry):
            return prefix_map[entry]

        result = get_token(
            session.tenant_id,
            entry_generator=lambda tenant_id: list(
                core.entries_for_tenant(session.tenant_id, prefix_map,
                                        base_uri_from_request(http_request))),
            prefix_for_endpoint=lookup,
            response_token=session.token,
            response_user_id=session.user_id,
            response_user_name=session.username,
        )
        return json.dumps(result)
示例#2
0
def default_authentication_behavior(core, http_request, credentials):
    """
    Default behavior in response to a server creation.  This will create
    a session for the tenant if one does not already exist, and return
    the auth token for that session.  In the case of
    :class:`PasswordCredentials`, :class:`ApiKeyCredentials`, or
    :class:`TokenCredentials`, also returns the service catalog.

    :param core: An instance of :class:`mimic.core.MimicCore`
    :param http_request: A twisted http request/response object
    :param credentials: An `mimic.model.identity.ICredentials` provider

    Handles setting the response code and also
    :return: The response body for a default authentication request.
    """
    try:
        session = credentials.get_session(core.sessions)
    except NonMatchingTenantError as e:
        http_request.setResponseCode(401)
        if type(credentials) == TokenCredentials:
            message = "Token doesn't belong to Tenant with Id/Name: " "'{0}'".format(e.desired_tenant)
        else:
            message = "Tenant with Name/Id: '{0}' is not valid for " "User '{1}' (id: '{2}')".format(
                e.desired_tenant, e.session.username, e.session.user_id
            )

        return json.dumps({"unauthorized": {"code": 401, "message": message}})
    else:
        if type(credentials) == ImpersonationCredentials:
            return json.dumps(
                {
                    "access": {
                        "token": {"id": credentials.impersonated_token, "expires": format_timestamp(session.expires)}
                    }
                }
            )

        http_request.setResponseCode(200)
        prefix_map = {
            # map of entry to URI prefix for that entry
        }

        def lookup(entry):
            return prefix_map[entry]

        result = get_token(
            session.tenant_id,
            entry_generator=lambda tenant_id: list(
                core.entries_for_tenant(session.tenant_id, prefix_map, base_uri_from_request(http_request))
            ),
            prefix_for_endpoint=lookup,
            response_token=session.token,
            response_user_id=session.user_id,
            response_user_name=session.username,
        )
        return json.dumps(result)
示例#3
0
    def get_impersonation_token(self, request):
        """
        Return a token id with expiration.
        """
        # FIXME: TEST
        request.setResponseCode(200)
        content = json.loads(request.content.read())
        expires_in = content["RAX-AUTH:impersonation"]["expire-in-seconds"]
        username = content["RAX-AUTH:impersonation"]["user"]["username"]

        session = self.core.sessions.session_for_impersonation(username, expires_in)
        return json.dumps({"access": {"token": {"id": session.token, "expires": format_timestamp(session.expires)}}})
示例#4
0
    def get_impersonation_token(self, request):
        """
        Return a token id with expiration.
        """
        # FIXME: TEST
        request.setResponseCode(200)
        content = json.loads(request.content.read())
        expires_in = content['RAX-AUTH:impersonation']['expire-in-seconds']
        username = content['RAX-AUTH:impersonation']['user']['username']

        session = self.core.session_for_impersonation(username, expires_in)
        return json.dumps({
            "access": {
                "token": {
                    "id": session.token,
                    "expires": format_timestamp(session.expires)
                }
            }
        })
示例#5
0
文件: auth_api.py 项目: isaacm/mimic
    def get_impersonation_token(self, request):
        """
        Return a token id with expiration.
        """
        request.setResponseCode(200)
        try:
            content = json.loads(request.content.read())
        except ValueError:
            request.setResponseCode(400)
            return json.dumps(invalid_resource("Invalid JSON request body"))

        expires_in = content['RAX-AUTH:impersonation']['expire-in-seconds']
        username = content['RAX-AUTH:impersonation']['user']['username']

        session = self.core.sessions.session_for_impersonation(username,
                                                               expires_in)
        return json.dumps({"access": {
            "token": {"id": session.token,
                      "expires": format_timestamp(session.expires)}
        }})
示例#6
0
    def get_impersonation_token(self, request):
        """
        Return a token id with expiration.
        """
        request.setResponseCode(200)
        try:
            content = json.loads(request.content.read())
        except ValueError:
            request.setResponseCode(400)
            return json.dumps(invalid_resource("Invalid JSON request body"))

        expires_in = content['RAX-AUTH:impersonation']['expire-in-seconds']
        username = content['RAX-AUTH:impersonation']['user']['username']

        session = self.core.sessions.session_for_impersonation(
            username, expires_in)
        return json.dumps({
            "access": {
                "token": {
                    "id": session.token,
                    "expires": format_timestamp(session.expires)
                }
            }
        })