def rpt_endpoint_(self, entity, client_id, **kwargs):
"""
Registers an Authorization Description
:param entity: Who's on the other side
:param client_id: The UMA client
:return: A Response instance
"""
adb = self.get_adb(client_id)
adr = AuthorizationDataRequest().from_json(kwargs["request"])
rpt = adb.issue_rpt(adr['ticket'], {'sub': entity})
rsp = AuthorizationDataResponse(rpt=rpt)
return Response(rsp.to_json())
def rpt_endpoint_(self, entity, client_id, **kwargs):
"""
Registers an Authorization Description
:param entity: Who's on the other side
:param client_id: The UMA client
:return: A Response instance
"""
adb = self.get_adb(client_id)
adr = AuthorizationDataRequest().from_json(kwargs["request"])
rpt = adb.issue_rpt(adr['ticket'], {'sub': entity})
rsp = AuthorizationDataResponse(rpt=rpt)
return Response(rsp.to_json())
def rpt_endpoint_(self, entity, client_id, **kwargs):
"""
Registers an Authorization Description
:param entity: Who's on the other side
:param client_id: The UMA client
:return: A Response instance
"""
adr = AuthorizationDataRequest().from_json(kwargs["request"])
# Get request permission that the resource server has registered
try:
prr_list = self.permission_requests.get_request(adr["ticket"])
except KeyError:
errmsg = ErrorResponse(error="invalid_ticket")
return BadRequest(errmsg.to_json(), content="application/json")
self.permission_requests.del_request(adr["ticket"])
try:
_rpt = adr["rpt"]
except KeyError:
_rpt = rndstr(32)
for prr in prr_list:
_rsid = prr["resource_set_id"]
# Verify that the scopes are defined for the resource set
owner = self.resource_set.rsid2oid[_rsid]
rsd = self.resource_set.read(owner, _rsid)
for scope in prr["scopes"]:
try:
assert scope in rsd["scopes"]
except AssertionError:
errmsg = ErrorResponse(error="not_authorized", error_description="Undefined scopes")
return BadRequest(errmsg.to_json(), content="application/json")
# Is there any permissions registered by the owner, if so verify
# that it allows what is requested. Return what is allowed !
try:
allow_scopes, timestamp = self.permit.get_permit(owner, entity, _rsid)
except KeyError: #
errmsg = ErrorResponse(error="not_authorized", error_description="No permission given")
return BadRequest(errmsg.to_json(), content="application/json")
else:
_scopes = []
for scope in prr["scopes"]:
try:
assert scope in allow_scopes
except AssertionError:
pass
else:
_scopes.append(scope)
# bind _requester to specific RPT for this user
try:
self.eid2rpt[owner][entity] = _rpt
except KeyError:
self.eid2rpt[owner] = {entity: _rpt}
self.register_permission(owner, _rpt, _rsid, _scopes)
rsp = AuthorizationDataResponse(rpt=_rpt)
return Response(rsp.to_json())
def rpt_endpoint_(self, entity, client_id, **kwargs):
"""
Registers an Authorization Description
:param entity: Who's on the other side
:param client_id: The UMA client
:return: A Response instance
"""
adr = AuthorizationDataRequest().from_json(kwargs["request"])
# Get request permission that the resource server has registered
try:
prr_list = self.permission_requests.get_request(adr["ticket"])
except KeyError:
errmsg = ErrorResponse(error="invalid_ticket")
return BadRequest(errmsg.to_json(), content="application/json")
self.permission_requests.del_request(adr["ticket"])
try:
_rpt = adr["rpt"]
except KeyError:
_rpt = rndstr(32)
for prr in prr_list:
_rsid = prr["resource_set_id"]
# Verify that the scopes are defined for the resource set
owner = self.resource_set.rsid2oid[_rsid]
rsd = self.resource_set.read(owner, _rsid)
for scope in prr["scopes"]:
try:
assert scope in rsd["scopes"]
except AssertionError:
errmsg = ErrorResponse(
error="not_authorized",
error_description="Undefined scopes")
return BadRequest(errmsg.to_json(),
content="application/json")
# Is there any permissions registered by the owner, if so verify
# that it allows what is requested. Return what is allowed !
try:
allow_scopes, timestamp = self.permit.get_permit(
owner, entity, _rsid)
except KeyError: #
errmsg = ErrorResponse(error="not_authorized",
error_description="No permission given")
return BadRequest(errmsg.to_json(), content="application/json")
else:
_scopes = []
for scope in prr["scopes"]:
try:
assert scope in allow_scopes
except AssertionError:
pass
else:
_scopes.append(scope)
# bind _requester to specific RPT for this user
try:
self.eid2rpt[owner][entity] = _rpt
except KeyError:
self.eid2rpt[owner] = {entity: _rpt}
self.register_permission(owner, _rpt, _rsid, _scopes)
rsp = AuthorizationDataResponse(rpt=_rpt)
return Response(rsp.to_json())
