view AuthTokenGenerator.py @ 0:c33668e282fa

first checkin.
author casties
date Fri, 23 Mar 2012 16:33:53 +0100
parents
children 4c6c8835fc5c

from OFS.SimpleItem import SimpleItem
from Products.PageTemplates.PageTemplateFile import PageTemplateFile
from OFS.PropertyManager import PropertyManager

import datetime
import hashlib
import json


ZERO = datetime.timedelta(seconds=0)


class Utc(datetime.tzinfo):
    """Fixed-offset tzinfo for Coordinated Universal Time (no DST).

    Kept as a hand-rolled class so the module does not depend on a
    stdlib timezone helper; every offset it reports is ZERO.
    """

    def utcoffset(self, dt):
        """Offset from UTC, always zero."""
        return ZERO

    def dst(self, dt):
        """Daylight-saving adjustment, always zero."""
        return ZERO

    def tzname(self, dt):
        """Name of the zone."""
        return "UTC"


UTC = Utc()


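class AuthTokenGenerator(SimpleItem, PropertyManager):
    """Generator of auth tokens for OKFN Annotator.

    Serves a JSON token document consisting of the consumer key, a SHA-256
    digest over (consumer_secret + user id + issue time), the issue time,
    the token lifetime and the user id.  consumer_key and consumer_secret
    are editable through the property sheet declared in ``_properties``.
    """

    meta_type = 'AuthTokenGenerator'
    _properties = ({'id': 'consumer_key', 'type': 'string', 'mode': 'w'},
                   {'id': 'consumer_secret', 'type': 'string', 'mode': 'w'},
                   )

    manage_options = PropertyManager.manage_options + SimpleItem.manage_options

    # Token lifetime in seconds, sent to the client as authTokenTTL.
    # Only change this if you're sure you know what you're doing
    consumerTtl = 86400

    def __init__(self, id, consumerKey=None, consumerSecret=None):
        """Create the generator with its Zope id and the consumer credentials.

        Both credentials may be left None here and filled in later through
        the property sheet; _generate_token() refuses to run without a secret.
        """
        self.id = id
        self.consumer_key = consumerKey
        self.consumer_secret = consumerSecret

    def index_html(self, user='anonymous', password=None):
        """Return an authentication token document for *user* as JSON.

        Published view; *user* and *password* are taken from the request.
        On success the JSON document is written straight to the response
        (nothing is returned); when _token_allowed() refuses, the response
        status is set to Forbidden and a short text body is returned.
        """
        response = self.REQUEST.RESPONSE
        # Hand the request credentials to the check instead of dropping them;
        # the stub ignores them today, so behaviour is unchanged.
        if not self._token_allowed(user, password):
            response.setStatus('Forbidden')
            return "SORRY, NOT ALLOWED!"

        token = self._generate_token(user)
        response.setHeader("Content-Type", "application/json")
        origin = self.REQUEST.getHeader("Origin", None)
        # NOTE(review): echoing whatever Origin the client sends while also
        # allowing credentials means any site can make a credentialed
        # cross-origin request for a token; an allow-list of trusted origins
        # is the usual fix once _token_allowed() performs a real login check.
        if origin is not None:
            response.setHeader("Access-Control-Allow-Origin", origin)
        else:
            response.setHeader("Access-Control-Allow-Origin", "*")

        response.setHeader("Access-Control-Allow-Credentials", "true")
        json.dump(token, response)

    def _token_allowed(self, user=None, password=None):
        """Decide whether a token may be issued for *user*.

        NOTE(review): this is still a stub — it accepts every request, so a
        token is issued for any user id the caller names.  The login check
        belongs here; *user* and *password* are passed in by index_html().
        """
        # here we should check the login
        return True

    def _generate_token(self, user_id):
        """Build the token dict for *user_id*.

        The digest is sha256(consumer_secret + user_id + issue_time); it is
        presumably what the Annotator back end recomputes to verify the
        token, so confirm both sides before changing the construction.

        Raises ValueError when consumer_secret has not been configured
        (previously a bare TypeError from concatenating None).
        """
        secret = self.consumer_secret
        if secret is None:
            raise ValueError("consumer_secret is not configured on %r" % self.id)

        issue_time = datetime.datetime.now(UTC).isoformat()
        material = secret + user_id + issue_time
        # hashlib wants bytes: a native Python 2 str already is one, while
        # unicode/str text is encoded as UTF-8 instead of failing on
        # non-ASCII characters.
        if not isinstance(material, bytes):
            material = material.encode('utf-8')
        token = hashlib.sha256(material).hexdigest()

        return dict(
            consumerKey=self.consumer_key,
            authToken=token,
            authTokenIssueTime=issue_time,
            authTokenTTL=self.consumerTtl,
            userId=user_id
        )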

def manage_addAuthTokenGeneratorForm(self):
    """form for adding AuthTokenGenerator"""
    # Render the ZMI add form, acquisition-wrapped in the calling context.
    template = PageTemplateFile("zpt/manage_addAuthTokenGenerator", globals())
    return template.__of__(self)()

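def manage_addAuthTokenGenerator(context, id, consumerKey=None, consumerSecret=None):
    """Create an AuthTokenGenerator named *id* inside *context*.

    consumerKey and consumerSecret are stored on the new object and can be
    edited afterwards through its property sheet.  Returns a short
    confirmation string.
    """
    generator = AuthTokenGenerator(id, consumerKey=consumerKey, consumerSecret=consumerSecret)
    context._setObject(id, generator)
    return "AuthTokenGenerator Installed: %s" % id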