Changeset 2:4c6c8835fc5c in OKFNAnnotator (for Zope) for AuthTokenGenerator.py


Timestamp:
Mar 23, 2012, 4:50:06 PM (12 years ago)
Author:
casties
Branch:
default
Message:

new version for new Annotator Auth API using PyJWT.

File:
1 edited

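--- a/AuthTokenGenerator.py
+++ b/AuthTokenGenerator.py
@@ -3,7 +3,7 @@
 from OFS.PropertyManager import PropertyManager
 
+import logging
 import datetime
-import hashlib
-import json
+import jwt
 
 
@@ -25,5 +25,5 @@
    
     meta_type = 'AuthTokenGenerator'
-    _properties=({'id':'consumer_key', 'type': 'string', 'mode': 'w'},
+    _properties = ({'id':'consumer_key', 'type': 'string', 'mode': 'w'},
                  {'id':'consumer_secret', 'type': 'string', 'mode': 'w'},
                 )
@@ -32,9 +32,9 @@
 
     # Only change this if you're sure you know what you're doing
-    consumerTtl = 86400
+    tokenTtl = 86400
 
     def __init__(self, id, consumerKey=None, consumerSecret=None):
         """init document viewer"""
-        self.id=id
+        self.id = id
         self.consumer_key = consumerKey
         self.consumer_secret = consumerSecret
@@ -44,5 +44,5 @@
         if self._token_allowed():
             token = self._generate_token(user)
-            self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json")
+            # set CORS headers
             origin = self.REQUEST.getHeader("Origin", None)
             if origin is not None:
@@ -52,5 +52,10 @@
 
             self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true")
-            json.dump(token, self.REQUEST.RESPONSE)
+            logging.debug("token=%s"%token)
+            self.REQUEST.RESPONSE.setHeader("Content-Type", "text/plain")
+            return token
+            # send as JSON
+            #self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json")
+            #json.dump(token, self.REQUEST.RESPONSE)
         else:
             self.REQUEST.RESPONSE.setStatus('Forbidden')
@@ -63,14 +68,13 @@
     def _generate_token(self, user_id):
         #return JSON-token
-        issue_time = datetime.datetime.now(UTC).isoformat()
-        token = hashlib.sha256(self.consumer_secret + user_id + issue_time).hexdigest()
-   
-        return dict(
-            consumerKey=self.consumer_key,
-            authToken=token,
-            authTokenIssueTime=issue_time,
-            authTokenTTL=self.consumerTtl,
-            userId=user_id
-        )
+        issue_time = datetime.datetime.now(UTC).replace(microsecond=0)
+       
+        return jwt.encode({
+           'consumerKey': self.consumer_key,
+           'userId': user_id,
+           'issuedAt': issue_time.isoformat(),
+           'ttl': self.tokenTtl
+           }, self.consumer_secret)
+       
 
 def manage_addAuthTokenGeneratorForm(self):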
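Review bot: The new line `logging.debug("token=%s"%token)` in the token-issuing branch writes the freshly signed JWT into the application log, so anyone who can read the logs holds a credential valid for that `userId` for the full `tokenTtl`; log only the subject, e.g. `logging.debug("issued token for user=%s", user)`, and never the token itself. In `_generate_token`, `self.consumer_secret` is passed straight to `jwt.encode` although `__init__` still defaults it to `None`, so an unconfigured generator will presumably fail at signing time or, if the property is set to an empty string, sign with a key that offers no protection; a guard such as `if not self.consumer_secret: raise ValueError("consumer_secret is not configured")` before the encode makes the requirement explicit and keeps the failure out of the response path. The six commented-out lines after `return token` are unreachable dead code and should be deleted rather than preserved as comments. The token-issuing method's signature and the definition of `UTC` lie outside this section.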