Mercurial > hg > documentViewer

changeset 521:112578de1470

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
AuthTokenGenerator works now.
author casties
date Thu, 15 Mar 2012 20:37:14 +0100
parents 8c5aae9bdbbb
children 198b3ae3ea7e
files AuthTokenGenerator.py __init__.py zpt/manage_addAuthTokenGenerator.zpt
diffstat 3 files changed, 75 insertions(+), 10 deletions(-) [+]
line wrap: on
line diff
--- a/AuthTokenGenerator.py	Thu Mar 15 10:20:24 2012 +0100
+++ b/AuthTokenGenerator.py	Thu Mar 15 20:37:14 2012 +0100
@@ -1,7 +1,10 @@
 from OFS.SimpleItem import SimpleItem
+from Products.PageTemplates.PageTemplateFile import PageTemplateFile
+from OFS.PropertyManager import PropertyManager
 
 import datetime
 import hashlib
+import json
 
 
 ZERO = datetime.timedelta(0)
@@ -17,23 +20,65 @@
 UTC = Utc()
 
 
-class AuthTokenGenerator(SimpleItem):
-    """Generator of auth tokens for OKFN Annotator""" 
-    # Replace these with your details
-    consumerKey = 'yourconsumerkey'
-    consumerSecret = 'yourconsumersecret'
+class AuthTokenGenerator(SimpleItem, PropertyManager):
+    """Generator of auth tokens for OKFN Annotator"""
+    
+    meta_type = 'AuthTokenGenerator'
+    _properties=({'id':'consumer_key', 'type': 'string', 'mode': 'w'},
+                 {'id':'consumer_secret', 'type': 'string', 'mode': 'w'},
+                )
     
+    manage_options = PropertyManager.manage_options + SimpleItem.manage_options
+
     # Only change this if you're sure you know what you're doing
-    CONSUMER_TTL = 86400
+    consumerTtl = 86400
+
+    def __init__(self, id, consumerKey=None, consumerSecret=None):
+        """init document viewer"""
+        self.id=id
+        self.consumer_key = consumerKey
+        self.consumer_secret = consumerSecret
 
-    def generate_token(self, user_id):
+    def index_html(self, user='anonymous', password=None):
+        """returns authentication token for user"""
+        if self._token_allowed():
+            token = self._generate_token(user)
+            self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json")
+            origin = self.REQUEST.getHeader("Origin", None)
+            if origin is not None:
+                self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", origin)
+            else:
+                self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", "*")
+
+            self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true")
+            json.dump(token, self.REQUEST.RESPONSE)
+        else:
+            self.REQUEST.RESPONSE.setStatus('Forbidden')
+            return "SORRY, NOT ALLOWED!" 
+
+    def _token_allowed(self, user=None, password=None):
+        # here we should check the login
+        return True
+
+    def _generate_token(self, user_id):
+        #return JSON-token
         issue_time = datetime.datetime.now(UTC).isoformat()
-        token = hashlib.sha256(self.consumerSecret + user_id + issue_time).hexdigest()
+        token = hashlib.sha256(self.consumer_secret + user_id + issue_time).hexdigest()
     
         return dict(
-            consumerKey=self.consumerKey,
+            consumerKey=self.consumer_key,
             authToken=token,
             authTokenIssueTime=issue_time,
-            authTokenTTL=CONSUMER_TTL,
+            authTokenTTL=self.consumerTtl,
             userId=user_id
         )
+
+def manage_addAuthTokenGeneratorForm(self):
+    """form for adding AuthTokenGenerator"""
+    pt = PageTemplateFile("zpt/manage_addAuthTokenGenerator", globals()).__of__(self)
+    return pt()
+
+def manage_addAuthTokenGenerator(context, id, consumerKey=None, consumerSecret=None):
+    """ """
+    context._setObject(id, AuthTokenGenerator(id, consumerKey=consumerKey, consumerSecret=consumerSecret))
+    return "AuthTokenGenerator Installed: %s" % id
--- a/__init__.py	Thu Mar 15 10:20:24 2012 +0100
+++ b/__init__.py	Thu Mar 15 20:37:14 2012 +0100
@@ -1,5 +1,6 @@
 import documentViewer
 import MpdlXmlTextServer
+import AuthTokenGenerator
 
 def initialize(context):
     """initialize ImageCollection"""
@@ -18,4 +19,13 @@
           MpdlXmlTextServer.manage_addMpdlXmlTextServer
           )
         )
+
+    context.registerClass(
+        AuthTokenGenerator.AuthTokenGenerator,
+        constructors = (
+          AuthTokenGenerator.manage_addAuthTokenGeneratorForm,
+          AuthTokenGenerator.manage_addAuthTokenGenerator
+          )
+        )
+        
     
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/zpt/manage_addAuthTokenGenerator.zpt	Thu Mar 15 20:37:14 2012 +0100
@@ -0,0 +1,10 @@
+<h1 tal:replace="structure here/manage_page_header">Header</h1>
+	<h2>Add an AuthTokenGenerator</h2>
+		<form action="manage_addAuthTokenGenerator">
+		<p class="form-label">Id<input name="id"></p>
+		<p class="form-optional">consumer key<input size="80" name="consumerKey" value=""></p>
+        <p class="form-optional">consumer secret<input size="80" name="consumerSecret" value=""></p>
+		<p><input type="submit" value="add"></p>
+		</form>
+			
+<h1 tal:replace="structure here/manage_page_footer">Footer</h1>