示例#1
0
    def _client_credentials(self, _request):
        _api_key = _request.get("client_id")
        _api_secret = _request.get("client_secret")
        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _api_key
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _api_key)
            self.send_error(400)
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]
        # _api[3] is api_secret

        if _api_level != API_LEVEL.PPCOM and _api_level != API_LEVEL.PPCONSOLE and _api_level != API_LEVEL.THIRD_PARTY_CONSOLE:
            self.send_error(400)
            return

        if _api_level == API_LEVEL.PPCONSOLE:
            _api_level = API_LEVEL.PPCONSOLE_BEFORE_LOGIN

        if _api_secret != _api[3]:
            logging.error(
                "client_secret not match client_id:%s, client_secret:%s, api_scecret:%s"
                % (_api_key, _api_secret, _api[3]))
            self.send_error(400)
            return

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)

        _row = ApiTokenData(uuid=str(uuid.uuid1()),
                            api_code=_api_code,
                            api_token=_api_token,
                            app_uuid=_app_uuid,
                            api_uuid=_api_uuid,
                            api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        self.set_header("Content-Type", "application/json")
        self._header()
        _return = {
            "access_token": _api_token,
            "token_type": "Bearer",
        }
        self.write(json.dumps(_return))
        return
示例#2
0
    def _client_credentials(self, _request):
        _api_key = _request.get("client_id")
        _api_secret = _request.get("client_secret")
        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _api_key
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _api_key)
            self.send_error(400)
            return

        _api = json.loads(_api)
        _api_uuid = _api[0]
        _api_level = _api[1]

        if _api_level != API_LEVEL.PPCOM and _api_level != API_LEVEL.PPCONSOLE and _api_level != API_LEVEL.THIRD_PARTY_CONSOLE:
            self.send_error(400)
            return
        
        if _api_level == API_LEVEL.PPCONSOLE:
            _api_level = API_LEVEL.PPCONSOLE_BEFORE_LOGIN

        if _api_secret != _api[3]:
            logging.error("client_secret not match client_id:%s, client_secret:%s, api_scecret:%s" % (_api_key, _api_secret, _api[3]))
            self.send_error(400)
            return

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)
        
        _row = ApiTokenData(uuid=str(uuid.uuid1()),
                            api_code=_api_code,
                            api_token=_api_token,
                            api_uuid=_api_uuid,
                            api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        self.set_header("Content-Type", "application/json")
        self._header()
        _return = {
            "access_token": _api_token,
            "token_type": "Bearer",
        }
        self.write(json.dumps(_return))
        return
示例#3
0
    def get(self, *args, **kwargs):
        _fields = ["client_id", "redirect_uri", "state", "scope", "response_type"]
        _request_dict = {}
        for _field in _fields:
            _request_dict[_field] = self.get_query_argument(_field, default=None)

        if _request_dict.get("response_type") != "code":
            logging.error("response_type not code")
            self.send_error(501)
            return

        if _request_dict.get("client_id") == None:
            logging.error("no client_id")
            self.send_error(400)
            return

        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _request_dict.get("client_id")
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _request_dict.get("client_id"))
            self.send_error(404)
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)
        
        _row = ApiTokenData(uuid=str(uuid.uuid1()), api_code=_api_code, api_token=_api_token,
                            app_uuid=_app_uuid, api_uuid=_api_uuid, api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        if _request_dict.get("redirect_uri") != None:
            loader = Loader(os.path.abspath(os.path.dirname(__file__)) + "/static/templates")
            login_form = loader.load("login_form.html").generate(**{
                "state": _request_dict.get("state"),
                "redirect_uri": _request_dict.get("redirect_uri"),
                "token_data_uuid": _row.uuid
            })
            self.write(login_form)
            return

        if _request_dict.get("redirect_uri") == None:
            self.set_header("Content-Type", "application/json")
            self._header()
            _return = {
                "state": _request_dict.get("state"),
                "code": _row.api_code,
            }
            self.write(json.dumps(_return))
            return
        
        return
示例#4
0
    def _password(self, _request):
        _api_key = _request.get("client_id")
        _user_email = _request.get("user_email")
        _user_password = _request.get("user_password")

        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _api_key
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _api_key)
            self._write_error()
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]
        # _api[3] is api_secret

        if _api_level != API_LEVEL.PPKEFU and _api_level != API_LEVEL.PPCONSOLE:
            logging.error("only PPKEFU / PPCONSOLE use password mode")
            self._write_error()
            return

        _key = DeviceUser.__tablename__ + ".user_email." + _user_email
        _user_uuid = _redis.get(_key)
        if _user_uuid == None:
            logging.error("no such user %s" % _user_email)
            self._write_error()
            return

        _key = DeviceUser.__tablename__ + ".uuid." + _user_uuid
        _password = _redis.hget(_key, "user_password")
        if _user_password != _password:
            logging.error("password not match in:%s, real:%s" % (_user_password, _password))
            self._write_error()
            return

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)
        
        _row = ApiTokenData(uuid=str(uuid.uuid1()), api_code=_api_code, api_token=_api_token,
                            app_uuid=_app_uuid, api_uuid=_api_uuid, api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        self.set_header("Content-Type", "application/json")
        self._header()
        _return = {
            "error_code": 0,
            "access_token": _api_token,
            "user_uuid": _user_uuid,
            "token_type": "Bearer",
        }
        self.write(json.dumps(_return))
        return
示例#5
0
    def get(self, *args, **kwargs):
        _fields = [
            "client_id", "redirect_uri", "state", "scope", "response_type"
        ]
        _request_dict = {}
        for _field in _fields:
            _request_dict[_field] = self.get_query_argument(_field,
                                                            default=None)

        if _request_dict.get("response_type") != "code":
            logging.error("response_type not code")
            self.send_error(501)
            return

        if _request_dict.get("client_id") == None:
            logging.error("no client_id")
            self.send_error(400)
            return

        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _request_dict.get(
            "client_id")
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _request_dict.get("client_id"))
            self.send_error(404)
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)

        _row = ApiTokenData(uuid=str(uuid.uuid1()),
                            api_code=_api_code,
                            api_token=_api_token,
                            app_uuid=_app_uuid,
                            api_uuid=_api_uuid,
                            api_level=_api_level)
        _row.async_add()
        _row.create_redis_keys(_redis)

        if _request_dict.get("redirect_uri") != None:
            loader = Loader(
                os.path.abspath(os.path.dirname(__file__)) +
                "/static/templates")
            login_form = loader.load("login_form.html").generate(
                **{
                    "state": _request_dict.get("state"),
                    "redirect_uri": _request_dict.get("redirect_uri"),
                    "token_data_uuid": _row.uuid
                })
            self.write(login_form)
            return

        if _request_dict.get("redirect_uri") == None:
            self.set_header("Content-Type", "application/json")
            self._header()
            _return = {
                "state": _request_dict.get("state"),
                "code": _row.api_code,
            }
            self.write(json.dumps(_return))
            return

        return
示例#6
0
    def _password(self, _request):
        _api_key = _request.get("client_id")
        _user_email = _request.get("user_email")
        _user_password = _request.get("user_password")

        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _api_key
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _api_key)
            self._write_error()
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]
        # _api[3] is api_secret

        if _api_level != API_LEVEL.PPKEFU and _api_level != API_LEVEL.PPCONSOLE:
            logging.error("only PPKEFU / PPCONSOLE use password mode")
            self._write_error()
            return

        _key = DeviceUser.__tablename__ + ".user_email." + _user_email
        _user_uuid = _redis.get(_key)
        if _user_uuid == None:
            logging.error("no such user %s" % _user_email)
            self._write_error()
            return

        _key = DeviceUser.__tablename__ + ".uuid." + _user_uuid
        _password = _redis.hget(_key, "user_password")
        if _user_password != _password:
            logging.error("password not match in:%s, real:%s" %
                          (_user_password, _password))
            self._write_error()
            return

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)

        _row = ApiTokenData(uuid=str(uuid.uuid1()),
                            api_code=_api_code,
                            api_token=_api_token,
                            app_uuid=_app_uuid,
                            api_uuid=_api_uuid,
                            api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        self.set_header("Content-Type", "application/json")
        self._header()
        _return = {
            "error_code": 0,
            "access_token": _api_token,
            "user_uuid": _user_uuid,
            "token_type": "Bearer",
        }
        self.write(json.dumps(_return))
        return