1 from OFS.SimpleItem import SimpleItem
2 from Products.PageTemplates.PageTemplateFile import PageTemplateFile
3 from OFS.PropertyManager import PropertyManager
5 import logging
6 import datetime
7 import jwt
# Shared zero offset returned by the UTC tzinfo below.
ZERO = datetime.timedelta(0)


class Utc(datetime.tzinfo):
    """Fixed tzinfo for UTC: zero offset from UTC and no daylight saving."""

    def utcoffset(self, dt):
        """Return the UTC offset, which is always zero; *dt* is ignored."""
        return ZERO

    def tzname(self, dt):
        """Return the zone name "UTC"; *dt* is ignored."""
        return "UTC"

    def dst(self, dt):
        """Return the DST adjustment, which is always zero; *dt* is ignored."""
        return ZERO


# Module-level instance used to produce timezone-aware "now" values.
UTC = Utc()
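class AuthTokenGenerator(SimpleItem, PropertyManager):
    """Generator of auth tokens for OKFN Annotator.

    Issues a JWT signed with ``consumer_secret`` that carries the consumer
    key, the user id, the issue time and a time-to-live.
    """

    meta_type = 'AuthTokenGenerator'
    # NOTE(review): consumer_secret is the JWT signing key and is kept as a
    # plain 'string' property; presumably anyone who may view this object's
    # properties can read it -- confirm the permissions on the properties tab.
    _properties = ({'id':'consumer_key', 'type': 'string', 'mode': 'w'},
                   {'id':'consumer_secret', 'type': 'string', 'mode': 'w'},
                   )

    manage_options = PropertyManager.manage_options + SimpleItem.manage_options

    # Only change this if you're sure you know what you're doing
    # Value placed in the token's 'ttl' claim (presumably seconds, i.e. one day).
    tokenTtl = 86400

    def __init__(self, id, consumerKey=None, consumerSecret=None):
        """Store the object id, the consumer key and the signing secret."""
        self.id = id
        self.consumer_key = consumerKey
        self.consumer_secret = consumerSecret

    def index_html(self, user='anonymous', password=None):
        """returns authentication token for user"""
        # NOTE(review): `user` is taken from the request as-is, and
        # _token_allowed() is still a placeholder that accepts everything, so
        # this endpoint currently signs a token for whatever user id the
        # caller names. A real login check has to land before the tokens can
        # be treated as proof of identity.
        # NOTE(review): `password` arrives as a request parameter; if it is
        # sent in the query string it may end up in access logs -- prefer a
        # POST body or the Authorization header once the check exists.
        response = self.REQUEST.RESPONSE

        # Hand the credentials to the check so that implementing it later does
        # not silently keep validating the defaults (None, None).
        if not self._token_allowed(user, password):
            response.setStatus('Forbidden')
            return "SORRY, NOT ALLOWED!"

        token = self._generate_token(user)

        # set CORS headers
        origin = self.REQUEST.getHeader("Origin", None)
        if origin is not None:
            # NOTE(review): echoing any Origin together with
            # Allow-Credentials lets every web site read this response with
            # the visitor's cookies. Restrict this to a configured list of
            # trusted annotator origins once authentication is in place.
            response.setHeader("Access-Control-Allow-Origin", origin)
            response.setHeader("Access-Control-Allow-Credentials", "true")
            # The response differs per Origin, so shared caches must key on it.
            response.setHeader("Vary", "Origin")
        else:
            # Browsers reject a wildcard origin combined with credentials, so
            # the credentials header is only sent with an explicit origin.
            response.setHeader("Access-Control-Allow-Origin", "*")

        # The token is a bearer credential: keep it out of the logs and out of
        # caches. %r keeps control characters in the user id from forging
        # log lines.
        logging.debug("issued token for user=%r", user)
        response.setHeader("Cache-Control", "no-store")
        response.setHeader("Content-Type", "text/plain")
        return token

    def _token_allowed(self, user=None, password=None):
        """Decide whether a token may be issued for *user*.

        Placeholder: always returns True, no credential is verified.
        """
        # here we should check the login
        return True

    def _generate_token(self, user_id):
        """Return a signed JWT for *user_id*.

        Raises:
            ValueError: if no consumer secret is configured.
        """
        # An unset or empty secret would yield tokens signed with a key that
        # anyone can guess, so refuse to sign instead.
        if not self.consumer_secret:
            raise ValueError("consumer_secret is not configured")

        issue_time = datetime.datetime.now(UTC).replace(microsecond=0)

        payload = {
            'consumerKey': self.consumer_key,
            'userId': user_id,
            'issuedAt': issue_time.isoformat(),
            'ttl': self.tokenTtl
        }
        # HS256 is PyJWT's default; pinning it keeps the signature scheme from
        # changing with the library.
        return jwt.encode(payload, self.consumer_secret, algorithm='HS256')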
def manage_addAuthTokenGeneratorForm(self):
    """Render the management form for adding an AuthTokenGenerator."""
    # globals() is passed as the template's prefix argument together with the
    # "zpt/..." path.
    template = PageTemplateFile("zpt/manage_addAuthTokenGenerator", globals())
    # Wrap the template in the context of `self` before rendering it.
    bound_template = template.__of__(self)
    return bound_template()
def manage_addAuthTokenGenerator(context, id, consumerKey=None, consumerSecret=None):
    """Create an AuthTokenGenerator named *id* inside *context*.

    *consumerKey* and *consumerSecret* are handed to the new object, which
    uses the secret to sign the tokens it issues. Returns a confirmation
    message containing *id*.
    """
    generator = AuthTokenGenerator(
        id,
        consumerKey=consumerKey,
        consumerSecret=consumerSecret,
    )
    context._setObject(id, generator)
    return "AuthTokenGenerator Installed: %s" % id