def validateSessionWithToken(self, sid, clientSecret, token): valSessionStore = ThreePidValSessionStore(self.sydent) s = valSessionStore.getTokenSessionById(sid) if not s: logger.info("Session ID %s not found", (sid)) return False if not clientSecret == s.clientSecret: logger.info("Incorrect client secret", (sid)) raise IncorrectClientSecretException() if s.mtime + ValidationSession.THREEPID_SESSION_VALIDATION_TIMEOUT < time_msec(): logger.info("Session expired") raise SessionExpiredException() # TODO once we can validate the token oob #if tokenObj.validated and clientSecret == tokenObj.clientSecret: # return True if s.token == token: logger.info("Setting session %s as validated", (s.id)) valSessionStore.setValidated(s.id, True) return {'success': True} else: logger.info("Incorrect token submitted") return False
def validateSessionWithToken(self, sid, clientSecret, token): valSessionStore = ThreePidValSessionStore(self.sydent) s = valSessionStore.getTokenSessionById(sid) if not s: logger.info("Session ID %s not found", (sid)) return False if not clientSecret == s.clientSecret: logger.info("Incorrect client secret", (sid)) raise IncorrectClientSecretException() if s.mtime + ValidationSession.THREEPID_SESSION_VALIDATION_TIMEOUT_MS < time_msec( ): logger.info("Session expired") raise SessionExpiredException() # TODO once we can validate the token oob #if tokenObj.validated and clientSecret == tokenObj.clientSecret: # return True if s.token == token: logger.info("Setting session %s as validated", (s.id)) valSessionStore.setValidated(s.id, True) return {'success': True} else: logger.info("Incorrect token submitted") return False
def validateSessionWithToken(sydent, sid, clientSecret, token): """ Attempt to validate a session, identified by the sid, using the token from out-of-band. The client secret is given to prevent attempts to guess the token for a sid. If the session was sucessfully validated, return a dict with 'success': True that can be sent to the client, otherwise return False. """ valSessionStore = ThreePidValSessionStore(sydent) s = valSessionStore.getTokenSessionById(sid) if not s: logger.info("Session ID %s not found", (sid)) return False if not clientSecret == s.clientSecret: logger.info("Incorrect client secret", (sid)) raise IncorrectClientSecretException() if s.mtime + ValidationSession.THREEPID_SESSION_VALIDATION_TIMEOUT_MS < time_msec(): logger.info("Session expired") raise SessionExpiredException() # TODO once we can validate the token oob #if tokenObj.validated and clientSecret == tokenObj.clientSecret: # return True if s.token == token: logger.info("Setting session %s as validated", (s.id)) valSessionStore.setValidated(s.id, True) return {'success': True} else: logger.info("Incorrect token submitted") return False
def validateSessionWithToken(sydent, sid, clientSecret, token): """ Attempt to validate a session, identified by the sid, using the token from out-of-band. The client secret is given to prevent attempts to guess the token for a sid. :param sid: The ID of the session to validate. :type sid: unicode :param clientSecret: The client secret to validate. :type clientSecret: unicode :param token: The token to validate. :type token: unicode :return: A dict with a "success" key which is True if the session was successfully validated, False otherwise. :rtype: dict[str, bool] :raise IncorrectClientSecretException: The provided client_secret is incorrect. :raise SessionExpiredException: The session has expired. :raise InvalidSessionIdException: The session ID couldn't be matched with an existing session. :raise IncorrectSessionTokenException: The provided token is incorrect """ valSessionStore = ThreePidValSessionStore(sydent) s = valSessionStore.getTokenSessionById(sid) if not s: logger.info("Session ID %s not found", sid) raise InvalidSessionIdException() if not clientSecret == s.clientSecret: logger.info("Incorrect client secret", sid) raise IncorrectClientSecretException() if s.mtime + ValidationSession.THREEPID_SESSION_VALIDATION_TIMEOUT_MS < time_msec( ): logger.info("Session expired") raise SessionExpiredException() # TODO once we can validate the token oob #if tokenObj.validated and clientSecret == tokenObj.clientSecret: # return True if s.token == token: logger.info("Setting session %s as validated", s.id) valSessionStore.setValidated(s.id, True) return {'success': True} else: logger.info("Incorrect token submitted") raise IncorrectSessionTokenException()
def validateSessionWithToken(sydent, sid, clientSecret, token): """ Attempt to validate a session, identified by the sid, using the token from out-of-band. The client secret is given to prevent attempts to guess the token for a sid. If the session was sucessfully validated, return a dict with 'success': True that can be sent to the client, otherwise return False. """ valSessionStore = ThreePidValSessionStore(sydent) s = valSessionStore.getTokenSessionById(sid) if not s: logger.info("Session ID %s not found", (sid)) return False if not clientSecret == s.clientSecret: logger.info("Incorrect client secret", (sid)) raise IncorrectClientSecretException() if s.mtime + ValidationSession.THREEPID_SESSION_VALIDATION_TIMEOUT_MS < time_msec( ): logger.info("Session expired") raise SessionExpiredException() # TODO once we can validate the token oob #if tokenObj.validated and clientSecret == tokenObj.clientSecret: # return True if s.token == token: logger.info("Setting session %s as validated", (s.id)) valSessionStore.setValidated(s.id, True) return {'success': True} else: logger.info("Incorrect token submitted") return False