OKFNAnnotator: AuthTokenGenerator.py annotate

annotate AuthTokenGenerator.py @ 0:c33668e282fa

first checkin.

author	casties
date	Fri, 23 Mar 2012 16:33:53 +0100
parents
children	4c6c8835fc5c

rev	line source
0 c33668e282fa first checkin. casties parents: diff changeset	1 from OFS.SimpleItem import SimpleItem
c33668e282fa first checkin. casties parents: diff changeset	2 from Products.PageTemplates.PageTemplateFile import PageTemplateFile
c33668e282fa first checkin. casties parents: diff changeset	3 from OFS.PropertyManager import PropertyManager
c33668e282fa first checkin. casties parents: diff changeset	4
c33668e282fa first checkin. casties parents: diff changeset	5 import datetime
c33668e282fa first checkin. casties parents: diff changeset	6 import hashlib
c33668e282fa first checkin. casties parents: diff changeset	7 import json
c33668e282fa first checkin. casties parents: diff changeset	8
c33668e282fa first checkin. casties parents: diff changeset	9
c33668e282fa first checkin. casties parents: diff changeset	10 ZERO = datetime.timedelta(0)
c33668e282fa first checkin. casties parents: diff changeset	11 class Utc(datetime.tzinfo):
c33668e282fa first checkin. casties parents: diff changeset	12 def utcoffset(self, dt):
c33668e282fa first checkin. casties parents: diff changeset	13 return ZERO
c33668e282fa first checkin. casties parents: diff changeset	14
c33668e282fa first checkin. casties parents: diff changeset	15 def tzname(self, dt):
c33668e282fa first checkin. casties parents: diff changeset	16 return "UTC"
c33668e282fa first checkin. casties parents: diff changeset	17
c33668e282fa first checkin. casties parents: diff changeset	18 def dst(self, dt):
c33668e282fa first checkin. casties parents: diff changeset	19 return ZERO
c33668e282fa first checkin. casties parents: diff changeset	20 UTC = Utc()
c33668e282fa first checkin. casties parents: diff changeset	21
c33668e282fa first checkin. casties parents: diff changeset	22
c33668e282fa first checkin. casties parents: diff changeset	23 class AuthTokenGenerator(SimpleItem, PropertyManager):
c33668e282fa first checkin. casties parents: diff changeset	24 """Generator of auth tokens for OKFN Annotator"""
c33668e282fa first checkin. casties parents: diff changeset	25
c33668e282fa first checkin. casties parents: diff changeset	26 meta_type = 'AuthTokenGenerator'
c33668e282fa first checkin. casties parents: diff changeset	27 _properties=({'id':'consumer_key', 'type': 'string', 'mode': 'w'},
c33668e282fa first checkin. casties parents: diff changeset	28 {'id':'consumer_secret', 'type': 'string', 'mode': 'w'},
c33668e282fa first checkin. casties parents: diff changeset	29 )
c33668e282fa first checkin. casties parents: diff changeset	30
c33668e282fa first checkin. casties parents: diff changeset	31 manage_options = PropertyManager.manage_options + SimpleItem.manage_options
c33668e282fa first checkin. casties parents: diff changeset	32
c33668e282fa first checkin. casties parents: diff changeset	33 # Only change this if you're sure you know what you're doing
c33668e282fa first checkin. casties parents: diff changeset	34 consumerTtl = 86400
c33668e282fa first checkin. casties parents: diff changeset	35
c33668e282fa first checkin. casties parents: diff changeset	36 def __init__(self, id, consumerKey=None, consumerSecret=None):
c33668e282fa first checkin. casties parents: diff changeset	37 """init document viewer"""
c33668e282fa first checkin. casties parents: diff changeset	38 self.id=id
c33668e282fa first checkin. casties parents: diff changeset	39 self.consumer_key = consumerKey
c33668e282fa first checkin. casties parents: diff changeset	40 self.consumer_secret = consumerSecret
c33668e282fa first checkin. casties parents: diff changeset	41
c33668e282fa first checkin. casties parents: diff changeset	42 def index_html(self, user='anonymous', password=None):
c33668e282fa first checkin. casties parents: diff changeset	43 """returns authentication token for user"""
c33668e282fa first checkin. casties parents: diff changeset	44 if self._token_allowed():
c33668e282fa first checkin. casties parents: diff changeset	45 token = self._generate_token(user)
c33668e282fa first checkin. casties parents: diff changeset	46 self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json")
c33668e282fa first checkin. casties parents: diff changeset	47 origin = self.REQUEST.getHeader("Origin", None)
c33668e282fa first checkin. casties parents: diff changeset	48 if origin is not None:
c33668e282fa first checkin. casties parents: diff changeset	49 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", origin)
c33668e282fa first checkin. casties parents: diff changeset	50 else:
c33668e282fa first checkin. casties parents: diff changeset	51 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", "*")
c33668e282fa first checkin. casties parents: diff changeset	52
c33668e282fa first checkin. casties parents: diff changeset	53 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true")
c33668e282fa first checkin. casties parents: diff changeset	54 json.dump(token, self.REQUEST.RESPONSE)
c33668e282fa first checkin. casties parents: diff changeset	55 else:
c33668e282fa first checkin. casties parents: diff changeset	56 self.REQUEST.RESPONSE.setStatus('Forbidden')
c33668e282fa first checkin. casties parents: diff changeset	57 return "SORRY, NOT ALLOWED!"
c33668e282fa first checkin. casties parents: diff changeset	58
c33668e282fa first checkin. casties parents: diff changeset	59 def _token_allowed(self, user=None, password=None):
c33668e282fa first checkin. casties parents: diff changeset	60 # here we should check the login
c33668e282fa first checkin. casties parents: diff changeset	61 return True
c33668e282fa first checkin. casties parents: diff changeset	62
c33668e282fa first checkin. casties parents: diff changeset	63 def _generate_token(self, user_id):
c33668e282fa first checkin. casties parents: diff changeset	64 #return JSON-token
c33668e282fa first checkin. casties parents: diff changeset	65 issue_time = datetime.datetime.now(UTC).isoformat()
c33668e282fa first checkin. casties parents: diff changeset	66 token = hashlib.sha256(self.consumer_secret + user_id + issue_time).hexdigest()
c33668e282fa first checkin. casties parents: diff changeset	67
c33668e282fa first checkin. casties parents: diff changeset	68 return dict(
c33668e282fa first checkin. casties parents: diff changeset	69 consumerKey=self.consumer_key,
c33668e282fa first checkin. casties parents: diff changeset	70 authToken=token,
c33668e282fa first checkin. casties parents: diff changeset	71 authTokenIssueTime=issue_time,
c33668e282fa first checkin. casties parents: diff changeset	72 authTokenTTL=self.consumerTtl,
c33668e282fa first checkin. casties parents: diff changeset	73 userId=user_id
c33668e282fa first checkin. casties parents: diff changeset	74 )
c33668e282fa first checkin. casties parents: diff changeset	75
c33668e282fa first checkin. casties parents: diff changeset	76 def manage_addAuthTokenGeneratorForm(self):
c33668e282fa first checkin. casties parents: diff changeset	77 """form for adding AuthTokenGenerator"""
c33668e282fa first checkin. casties parents: diff changeset	78 pt = PageTemplateFile("zpt/manage_addAuthTokenGenerator", globals()).__of__(self)
c33668e282fa first checkin. casties parents: diff changeset	79 return pt()
c33668e282fa first checkin. casties parents: diff changeset	80
c33668e282fa first checkin. casties parents: diff changeset	81 def manage_addAuthTokenGenerator(context, id, consumerKey=None, consumerSecret=None):
c33668e282fa first checkin. casties parents: diff changeset	82 """ """
c33668e282fa first checkin. casties parents: diff changeset	83 context._setObject(id, AuthTokenGenerator(id, consumerKey=consumerKey, consumerSecret=consumerSecret))
c33668e282fa first checkin. casties parents: diff changeset	84 return "AuthTokenGenerator Installed: %s" % id

Mercurial > hg > OKFNAnnotator

annotate AuthTokenGenerator.py @ 0:c33668e282fa