Changeset 521:112578de1470 in documentViewer

Timestamp:

Mar 15, 2012, 7:37:14 PM (12 years ago)

Author:

casties

Branch:

default

Message:

AuthTokenGenerator? works now.

Files:

• AuthTokenGenerator.py (modified) (2 diffs)
• __init__.py (modified) (2 diffs)
• zpt/manage_addAuthTokenGenerator.zpt (added)

AuthTokenGenerator.py

@@ -1 +1 @@
 from OFS.SimpleItem import SimpleItem
+from Products.PageTemplates.PageTemplateFile import PageTemplateFile
+from OFS.PropertyManager import PropertyManager
 
 import datetime
 import hashlib
+import json
 
 
@@ -18 +21 @@
 
 
-class AuthTokenGenerator(SimpleItem):
-    """Generator of auth tokens for OKFN Annotator""" 
-    # Replace these with your details
-    consumerKey = 'yourconsumerkey'
-    consumerSecret = 'yourconsumersecret'
+class AuthTokenGenerator(SimpleItem, PropertyManager):
+    """Generator of auth tokens for OKFN Annotator"""
     
+    meta_type = 'AuthTokenGenerator'
+    _properties=({'id':'consumer_key', 'type': 'string', 'mode': 'w'},
+                 {'id':'consumer_secret', 'type': 'string', 'mode': 'w'},
+                )
+    
+    manage_options = PropertyManager.manage_options + SimpleItem.manage_options
+
     # Only change this if you're sure you know what you're doing
-    CONSUMER_TTL = 86400
+    consumerTtl = 86400
 
-    def generate_token(self, user_id):
+    def __init__(self, id, consumerKey=None, consumerSecret=None):
+        """init document viewer"""
+        self.id=id
+        self.consumer_key = consumerKey
+        self.consumer_secret = consumerSecret
+
+    def index_html(self, user='anonymous', password=None):
+        """returns authentication token for user"""
+        if self._token_allowed():
+            token = self._generate_token(user)
+            self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json")
+            origin = self.REQUEST.getHeader("Origin", None)
+            if origin is not None:
+                self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", origin)
+            else:
+                self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", "*")
+
+            self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true")
+            json.dump(token, self.REQUEST.RESPONSE)
+        else:
+            self.REQUEST.RESPONSE.setStatus('Forbidden')
+            return "SORRY, NOT ALLOWED!" 
+
+    def _token_allowed(self, user=None, password=None):
+        # here we should check the login
+        return True
+
+    def _generate_token(self, user_id):
+        #return JSON-token
         issue_time = datetime.datetime.now(UTC).isoformat()
-        token = hashlib.sha256(self.consumerSecret + user_id + issue_time).hexdigest()
+        token = hashlib.sha256(self.consumer_secret + user_id + issue_time).hexdigest()
     
         return dict(
-            consumerKey=self.consumerKey,
+            consumerKey=self.consumer_key,
             authToken=token,
             authTokenIssueTime=issue_time,
-            authTokenTTL=CONSUMER_TTL,
+            authTokenTTL=self.consumerTtl,
             userId=user_id
         )
+
+def manage_addAuthTokenGeneratorForm(self):
+    """form for adding AuthTokenGenerator"""
+    pt = PageTemplateFile("zpt/manage_addAuthTokenGenerator", globals()).__of__(self)
+    return pt()
+
+def manage_addAuthTokenGenerator(context, id, consumerKey=None, consumerSecret=None):
+    """ """
+    context._setObject(id, AuthTokenGenerator(id, consumerKey=consumerKey, consumerSecret=consumerSecret))
+    return "AuthTokenGenerator Installed: %s" % id

__init__.py

@@ -1 +1 @@
 import documentViewer
 import MpdlXmlTextServer
+import AuthTokenGenerator
 
 def initialize(context):
@@ -19 +20 @@
           )
         )
+
+    context.registerClass(
+        AuthTokenGenerator.AuthTokenGenerator,
+        constructors = (
+          AuthTokenGenerator.manage_addAuthTokenGeneratorForm,
+          AuthTokenGenerator.manage_addAuthTokenGenerator
+          )
+        )
+