# HG changeset patch
# User casties
# Date 1332516833 -3600
# Node ID c33668e282fa153aae2cd85a075e0dae49fba175
first checkin.
diff -r 000000000000 -r c33668e282fa .hgignore
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/.hgignore Fri Mar 23 16:33:53 2012 +0100
@@ -0,0 +1,5 @@
+
+syntax: regexp
+^\.project$
+syntax: regexp
+^\.pydevproject$
\ No newline at end of file
diff -r 000000000000 -r c33668e282fa AuthTokenGenerator.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/AuthTokenGenerator.py Fri Mar 23 16:33:53 2012 +0100
@@ -0,0 +1,84 @@
+from OFS.SimpleItem import SimpleItem
+from Products.PageTemplates.PageTemplateFile import PageTemplateFile
+from OFS.PropertyManager import PropertyManager
+
+import datetime
+import hashlib
+import json
+
+
+ZERO = datetime.timedelta(0)
+class Utc(datetime.tzinfo):
+ def utcoffset(self, dt):
+ return ZERO
+
+ def tzname(self, dt):
+ return "UTC"
+
+ def dst(self, dt):
+ return ZERO
+UTC = Utc()
+
+
+class AuthTokenGenerator(SimpleItem, PropertyManager):
+ """Generator of auth tokens for OKFN Annotator"""
+
+ meta_type = 'AuthTokenGenerator'
+ _properties=({'id':'consumer_key', 'type': 'string', 'mode': 'w'},
+ {'id':'consumer_secret', 'type': 'string', 'mode': 'w'},
+ )
+
+ manage_options = PropertyManager.manage_options + SimpleItem.manage_options
+
+ # Only change this if you're sure you know what you're doing
+ consumerTtl = 86400
+
+ def __init__(self, id, consumerKey=None, consumerSecret=None):
+ """init document viewer"""
+ self.id=id
+ self.consumer_key = consumerKey
+ self.consumer_secret = consumerSecret
+
+ def index_html(self, user='anonymous', password=None):
+ """returns authentication token for user"""
+ if self._token_allowed():
+ token = self._generate_token(user)
+ self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json")
+ origin = self.REQUEST.getHeader("Origin", None)
+ if origin is not None:
+ self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", origin)
+ else:
+ self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", "*")
+
+ self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true")
+ json.dump(token, self.REQUEST.RESPONSE)
+ else:
+ self.REQUEST.RESPONSE.setStatus('Forbidden')
+ return "SORRY, NOT ALLOWED!"
+
+ def _token_allowed(self, user=None, password=None):
+ # here we should check the login
+ return True
+
+ def _generate_token(self, user_id):
+ #return JSON-token
+ issue_time = datetime.datetime.now(UTC).isoformat()
+ token = hashlib.sha256(self.consumer_secret + user_id + issue_time).hexdigest()
+
+ return dict(
+ consumerKey=self.consumer_key,
+ authToken=token,
+ authTokenIssueTime=issue_time,
+ authTokenTTL=self.consumerTtl,
+ userId=user_id
+ )
+
+def manage_addAuthTokenGeneratorForm(self):
+ """form for adding AuthTokenGenerator"""
+ pt = PageTemplateFile("zpt/manage_addAuthTokenGenerator", globals()).__of__(self)
+ return pt()
+
+def manage_addAuthTokenGenerator(context, id, consumerKey=None, consumerSecret=None):
+ """ """
+ context._setObject(id, AuthTokenGenerator(id, consumerKey=consumerKey, consumerSecret=consumerSecret))
+ return "AuthTokenGenerator Installed: %s" % id
diff -r 000000000000 -r c33668e282fa __init__.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/__init__.py Fri Mar 23 16:33:53 2012 +0100
@@ -0,0 +1,13 @@
+import AuthTokenGenerator
+
+def initialize(context):
+ """initialize Annotator"""
+ context.registerClass(
+ AuthTokenGenerator.AuthTokenGenerator,
+ constructors = (
+ AuthTokenGenerator.manage_addAuthTokenGeneratorForm,
+ AuthTokenGenerator.manage_addAuthTokenGenerator
+ )
+ )
+
+
\ No newline at end of file
diff -r 000000000000 -r c33668e282fa zpt/manage_addAuthTokenGenerator.zpt
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/zpt/manage_addAuthTokenGenerator.zpt Fri Mar 23 16:33:53 2012 +0100
@@ -0,0 +1,10 @@
+
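Review bot: In AuthTokenGenerator.py, `_token_allowed` returns `True` unconditionally and `index_html` calls it with no arguments, so every caller receives a signed token for whatever `user` value the request supplies, and `password` is never read. Until the login check exists the method should fail closed (`return False`), and the `userId` placed in the token should be taken from the authenticated Zope user rather than from the `user` request parameter. The CORS block in `index_html` also reflects any `Origin` header together with `Access-Control-Allow-Credentials: true`, which exposes the token response to every origin; compare `origin` with a configured allowlist before echoing it, and do not send the credentials header on the `*` branch, a combination browsers reject anyway. In `_generate_token`, `self.consumer_secret + user_id + issue_time` is hashed without field separators and raises `TypeError` while `consumer_secret` is still the default `None`; a keyed `hmac` over delimited fields would be sturdier, though that presumably depends on the token format the Annotator store expects.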

Header

+

Add an AuthTokenGenerator

+
+

Id

+

consumer key

+

consumer secret

+

+
+ +

Footer