changeset 0:c33668e282fa

first checkin.
author casties
date Fri, 23 Mar 2012 16:33:53 +0100
parents
children 7f0324b249d3
files .hgignore AuthTokenGenerator.py __init__.py zpt/manage_addAuthTokenGenerator.zpt
diffstat 4 files changed, 112 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/.hgignore	Fri Mar 23 16:33:53 2012 +0100
@@ -0,0 +1,5 @@
+
+syntax: regexp
+^\.project$
+syntax: regexp
+^\.pydevproject$
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/AuthTokenGenerator.py	Fri Mar 23 16:33:53 2012 +0100
@@ -0,0 +1,84 @@
+from OFS.SimpleItem import SimpleItem
+from Products.PageTemplates.PageTemplateFile import PageTemplateFile
+from OFS.PropertyManager import PropertyManager
+
+import datetime
+import hashlib
+import json
+
+
+ZERO = datetime.timedelta(0)
+class Utc(datetime.tzinfo):
+    def utcoffset(self, dt):
+        return ZERO
+
+    def tzname(self, dt):
+        return "UTC"
+
+    def dst(self, dt):
+        return ZERO
+UTC = Utc()
+
+
+class AuthTokenGenerator(SimpleItem, PropertyManager):
+    """Generator of auth tokens for OKFN Annotator"""
+    
+    meta_type = 'AuthTokenGenerator'
+    _properties=({'id':'consumer_key', 'type': 'string', 'mode': 'w'},
+                 {'id':'consumer_secret', 'type': 'string', 'mode': 'w'},
+                )
+    
+    manage_options = PropertyManager.manage_options + SimpleItem.manage_options
+
+    # Only change this if you're sure you know what you're doing
+    consumerTtl = 86400
+
+    def __init__(self, id, consumerKey=None, consumerSecret=None):
+        """init document viewer"""
+        self.id=id
+        self.consumer_key = consumerKey
+        self.consumer_secret = consumerSecret
+
+    def index_html(self, user='anonymous', password=None):
+        """returns authentication token for user"""
+        if self._token_allowed():
+            token = self._generate_token(user)
+            self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json")
+            origin = self.REQUEST.getHeader("Origin", None)
+            if origin is not None:
+                self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", origin)
+            else:
+                self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", "*")
+
+            self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true")
+            json.dump(token, self.REQUEST.RESPONSE)
+        else:
+            self.REQUEST.RESPONSE.setStatus('Forbidden')
+            return "SORRY, NOT ALLOWED!" 
+
+    def _token_allowed(self, user=None, password=None):
+        # here we should check the login
+        return True
+
+    def _generate_token(self, user_id):
+        #return JSON-token
+        issue_time = datetime.datetime.now(UTC).isoformat()
+        token = hashlib.sha256(self.consumer_secret + user_id + issue_time).hexdigest()
+    
+        return dict(
+            consumerKey=self.consumer_key,
+            authToken=token,
+            authTokenIssueTime=issue_time,
+            authTokenTTL=self.consumerTtl,
+            userId=user_id
+        )
+
+def manage_addAuthTokenGeneratorForm(self):
+    """form for adding AuthTokenGenerator"""
+    pt = PageTemplateFile("zpt/manage_addAuthTokenGenerator", globals()).__of__(self)
+    return pt()
+
+def manage_addAuthTokenGenerator(context, id, consumerKey=None, consumerSecret=None):
+    """ """
+    context._setObject(id, AuthTokenGenerator(id, consumerKey=consumerKey, consumerSecret=consumerSecret))
+    return "AuthTokenGenerator Installed: %s" % id
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/__init__.py	Fri Mar 23 16:33:53 2012 +0100
@@ -0,0 +1,13 @@
+import AuthTokenGenerator
+
+def initialize(context):
+    """initialize Annotator"""
+    context.registerClass(
+        AuthTokenGenerator.AuthTokenGenerator,
+        constructors = (
+          AuthTokenGenerator.manage_addAuthTokenGeneratorForm,
+          AuthTokenGenerator.manage_addAuthTokenGenerator
+          )
+        )
+        
+    
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/zpt/manage_addAuthTokenGenerator.zpt	Fri Mar 23 16:33:53 2012 +0100
@@ -0,0 +1,10 @@
+<h1 tal:replace="structure here/manage_page_header">Header</h1>
+	<h2>Add an AuthTokenGenerator</h2>
+		<form action="manage_addAuthTokenGenerator">
+		<p class="form-label">Id<input name="id"></p>
+		<p class="form-optional">consumer key<input size="80" name="consumerKey" value=""></p>
+        <p class="form-optional">consumer secret<input size="80" name="consumerSecret" value=""></p>
+		<p><input type="submit" value="add"></p>
+		</form>
+			
+<h1 tal:replace="structure here/manage_page_footer">Footer</h1>