comparison AuthTokenGenerator.py @ 0:c33668e282fa
first checkin.
| author | casties |
|---|---|
| date | Fri, 23 Mar 2012 16:33:53 +0100 |
| parents | |
| children | 4c6c8835fc5c |
| -1:000000000000 | 0:c33668e282fa |
|---|---|
| 1 from OFS.SimpleItem import SimpleItem | |
| 2 from Products.PageTemplates.PageTemplateFile import PageTemplateFile | |
| 3 from OFS.PropertyManager import PropertyManager | |
| 4 | |
| 5 import datetime | |
| 6 import hashlib | |
| 7 import json | |
| 8 | |
| 9 | |
| 10 ZERO = datetime.timedelta(0) | |
| 11 class Utc(datetime.tzinfo): | |
| 12 def utcoffset(self, dt): | |
| 13 return ZERO | |
| 14 | |
| 15 def tzname(self, dt): | |
| 16 return "UTC" | |
| 17 | |
| 18 def dst(self, dt): | |
| 19 return ZERO | |
| 20 UTC = Utc() | |
| 21 | |
| 22 | |
| 23 class AuthTokenGenerator(SimpleItem, PropertyManager): | |
| 24 """Generator of auth tokens for OKFN Annotator""" | |
| 25 | |
| 26 meta_type = 'AuthTokenGenerator' | |
| 27 _properties=({'id':'consumer_key', 'type': 'string', 'mode': 'w'}, | |
| 28 {'id':'consumer_secret', 'type': 'string', 'mode': 'w'}, | |
| 29 ) | |
| 30 | |
| 31 manage_options = PropertyManager.manage_options + SimpleItem.manage_options | |
| 32 | |
| 33 # Only change this if you're sure you know what you're doing | |
| 34 consumerTtl = 86400 | |
| 35 | |
| 36 def __init__(self, id, consumerKey=None, consumerSecret=None): | |
| 37 """init document viewer""" | |
| 38 self.id=id | |
| 39 self.consumer_key = consumerKey | |
| 40 self.consumer_secret = consumerSecret | |
| 41 | |
| 42 def index_html(self, user='anonymous', password=None): | |
| 43 """returns authentication token for user""" | |
| 44 if self._token_allowed(): | |
| 45 token = self._generate_token(user) | |
| 46 self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json") | |
| 47 origin = self.REQUEST.getHeader("Origin", None) | |
| 48 if origin is not None: | |
| 49 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", origin) | |
| 50 else: | |
| 51 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", "*") | |
| 52 | |
| 53 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true") | |
| 54 json.dump(token, self.REQUEST.RESPONSE) | |
| 55 else: | |
| 56 self.REQUEST.RESPONSE.setStatus('Forbidden') | |
| 57 return "SORRY, NOT ALLOWED!" | |
| 58 | |
| 59 def _token_allowed(self, user=None, password=None): | |
| 60 # here we should check the login | |
| 61 return True | |
| 62 | |
| 63 def _generate_token(self, user_id): | |
| 64 #return JSON-token | |
| 65 issue_time = datetime.datetime.now(UTC).isoformat() | |
| 66 token = hashlib.sha256(self.consumer_secret + user_id + issue_time).hexdigest() | |
| 67 | |
| 68 return dict( | |
| 69 consumerKey=self.consumer_key, | |
| 70 authToken=token, | |
| 71 authTokenIssueTime=issue_time, | |
| 72 authTokenTTL=self.consumerTtl, | |
| 73 userId=user_id | |
| 74 ) | |
| 75 | |
| 76 def manage_addAuthTokenGeneratorForm(self): | |
| 77 """form for adding AuthTokenGenerator""" | |
| 78 pt = PageTemplateFile("zpt/manage_addAuthTokenGenerator", globals()).__of__(self) | |
| 79 return pt() | |
| 80 | |
| 81 def manage_addAuthTokenGenerator(context, id, consumerKey=None, consumerSecret=None): | |
| 82 """ """ | |
| 83 context._setObject(id, AuthTokenGenerator(id, consumerKey=consumerKey, consumerSecret=consumerSecret)) | |
| 84 return "AuthTokenGenerator Installed: %s" % id |
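Review bot: `_token_allowed` returns True unconditionally and `index_html` calls it without arguments, so the `user` and `password` parameters are never checked and any caller can obtain a valid token for an arbitrary `user` value. Until the login check mentioned in its comment exists, the method should fail closed and the call should pass the credentials, e.g. `if self._token_allowed(user, password):` with `_token_allowed` ending in `return False` for callers it has not verified. `index_html` also echoes any request `Origin` into `Access-Control-Allow-Origin` together with `Access-Control-Allow-Credentials: true`, so the token response is readable from every site; compare the origin against a configured allow-list before reflecting it, and do not send the credentials header on the `*` fallback. Separately, `_generate_token` derives the token as `sha256(consumer_secret + user_id + issue_time)` with no delimiter between the fields; if the consuming annotator store permits a different scheme, a keyed construction via the standard `hmac` module with SHA-256 avoids the length-extension weakness of a secret-prefix hash.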
