/snf-astakos-app/astakos/api/tokens.py - Annotate - Synnefo - Greek Research and Technology Network's projects

| Branch: | Tag: | Revision:

root / snf-astakos-app / astakos / api / tokens.py @ 8cb96389

History | View | Annotate | Download (5.1 kB)

1	7ac2131c	Sofia Papagiannaki	# Copyright 2011-2013 GRNET S.A. All rights reserved.
2	7ac2131c	Sofia Papagiannaki	#
3	7ac2131c	Sofia Papagiannaki	# Redistribution and use in source and binary forms, with or
4	7ac2131c	Sofia Papagiannaki	# without modification, are permitted provided that the following
5	7ac2131c	Sofia Papagiannaki	# conditions are met:
6	7ac2131c	Sofia Papagiannaki	#
7	7ac2131c	Sofia Papagiannaki	# 1. Redistributions of source code must retain the above
8	7ac2131c	Sofia Papagiannaki	# copyright notice, this list of conditions and the following
9	7ac2131c	Sofia Papagiannaki	# disclaimer.
10	7ac2131c	Sofia Papagiannaki	#
11	7ac2131c	Sofia Papagiannaki	# 2. Redistributions in binary form must reproduce the above
12	7ac2131c	Sofia Papagiannaki	# copyright notice, this list of conditions and the following
13	7ac2131c	Sofia Papagiannaki	# disclaimer in the documentation and/or other materials
14	7ac2131c	Sofia Papagiannaki	# provided with the distribution.
15	7ac2131c	Sofia Papagiannaki	#
16	7ac2131c	Sofia Papagiannaki	# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17	7ac2131c	Sofia Papagiannaki	# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18	7ac2131c	Sofia Papagiannaki	# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19	7ac2131c	Sofia Papagiannaki	# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20	7ac2131c	Sofia Papagiannaki	# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21	7ac2131c	Sofia Papagiannaki	# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22	7ac2131c	Sofia Papagiannaki	# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23	7ac2131c	Sofia Papagiannaki	# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24	7ac2131c	Sofia Papagiannaki	# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25	7ac2131c	Sofia Papagiannaki	# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26	7ac2131c	Sofia Papagiannaki	# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27	7ac2131c	Sofia Papagiannaki	# POSSIBILITY OF SUCH DAMAGE.
28	7ac2131c	Sofia Papagiannaki	#
29	7ac2131c	Sofia Papagiannaki	# The views and conclusions contained in the software and
30	7ac2131c	Sofia Papagiannaki	# documentation are those of the authors and should not be
31	7ac2131c	Sofia Papagiannaki	# interpreted as representing official policies, either expressed
32	7ac2131c	Sofia Papagiannaki	# or implied, of GRNET S.A.
33	7ac2131c	Sofia Papagiannaki
34	7ac2131c	Sofia Papagiannaki	from urlparse import urlunsplit, urlsplit
35	8cb96389	Sofia Papagiannaki	from collections import defaultdict
36	7ac2131c	Sofia Papagiannaki
37	7ac2131c	Sofia Papagiannaki	from django.http import urlencode
38	f870efe2	Sofia Papagiannaki	from django.views.decorators.csrf import csrf_exempt
39	7ac2131c	Sofia Papagiannaki
40	bd93595d	Sofia Papagiannaki	from snf_django.lib.api import faults, utils, api_method
41	7ac2131c	Sofia Papagiannaki
42	f870efe2	Sofia Papagiannaki	from astakos.im.models import Service, AstakosUser
43	bd93595d	Sofia Papagiannaki	from .util import user_from_token, json_response, xml_response, validate_user
44	7ac2131c	Sofia Papagiannaki
45	7ac2131c	Sofia Papagiannaki	import logging
46	7ac2131c	Sofia Papagiannaki	logger = logging.getLogger(__name__)
47	7ac2131c	Sofia Papagiannaki
48	7ac2131c	Sofia Papagiannaki
49	f870efe2	Sofia Papagiannaki	@api_method(http_method="GET", token_required=True, user_required=False,
50	f870efe2	Sofia Papagiannaki	logger=logger)
51	7ac2131c	Sofia Papagiannaki	@user_from_token # Authenticate user!!
52	7ac2131c	Sofia Papagiannaki	def get_endpoints(request, token):
53	bd93595d	Sofia Papagiannaki	if token != request.user.auth_token:
54	f870efe2	Sofia Papagiannaki	raise faults.Forbidden()
55	7ac2131c	Sofia Papagiannaki
56	7ac2131c	Sofia Papagiannaki	belongsTo = request.GET.get('belongsTo')
57	7ac2131c	Sofia Papagiannaki	if belongsTo and belongsTo != request.user.uuid:
58	f870efe2	Sofia Papagiannaki	raise faults.BadRequest()
59	7ac2131c	Sofia Papagiannaki
60	7ac2131c	Sofia Papagiannaki	marker = request.GET.get('marker', 0)
61	7ac2131c	Sofia Papagiannaki	limit = request.GET.get('limit', 10000)
62	7ac2131c	Sofia Papagiannaki
63	f870efe2	Sofia Papagiannaki	endpoints = list(Service.objects.all().order_by('id').
64	f870efe2	Sofia Papagiannaki	filter(id__gt=marker)[:limit].
65	f870efe2	Sofia Papagiannaki	values('name', 'url', 'api_url', 'id', 'type'))
66	7ac2131c	Sofia Papagiannaki	for e in endpoints:
67	f870efe2	Sofia Papagiannaki	e['publicURL'] = e['admiURL'] = e['internalURL'] = e['api_url']
68	f870efe2	Sofia Papagiannaki	e['SNF:uiURL'] = e['url']
69	7ac2131c	Sofia Papagiannaki	e['region'] = e['name']
70	f870efe2	Sofia Papagiannaki	e.pop('api_url')
71	7ac2131c	Sofia Papagiannaki
72	7ac2131c	Sofia Papagiannaki	if endpoints:
73	7ac2131c	Sofia Papagiannaki	parts = list(urlsplit(request.path))
74	7ac2131c	Sofia Papagiannaki	params = {'marker': endpoints[-1]['id'], 'limit': limit}
75	7ac2131c	Sofia Papagiannaki	parts[3] = urlencode(params)
76	7ac2131c	Sofia Papagiannaki	next_page_url = urlunsplit(parts)
77	7ac2131c	Sofia Papagiannaki	endpoint_links = [{'href': next_page_url, 'rel': 'next'}]
78	7ac2131c	Sofia Papagiannaki	else:
79	7ac2131c	Sofia Papagiannaki	endpoint_links = []
80	7ac2131c	Sofia Papagiannaki
81	7ac2131c	Sofia Papagiannaki	result = {'endpoints': endpoints, 'endpoint_links': endpoint_links}
82	7ac2131c	Sofia Papagiannaki	if request.serialization == 'xml':
83	7ac2131c	Sofia Papagiannaki	return xml_response(result, 'api/endpoints.xml')
84	7ac2131c	Sofia Papagiannaki	else:
85	7ac2131c	Sofia Papagiannaki	return json_response(result)
86	f870efe2	Sofia Papagiannaki
87	f870efe2	Sofia Papagiannaki
88	f870efe2	Sofia Papagiannaki	@csrf_exempt
89	f870efe2	Sofia Papagiannaki	@api_method(http_method="POST", token_required=False, user_required=False,
90	f870efe2	Sofia Papagiannaki	logger=logger)
91	f870efe2	Sofia Papagiannaki	def authenticate(request):
92	f870efe2	Sofia Papagiannaki	req = utils.get_request_dict(request)
93	f870efe2	Sofia Papagiannaki
94	f870efe2	Sofia Papagiannaki	uuid = None
95	f870efe2	Sofia Papagiannaki	try:
96	f870efe2	Sofia Papagiannaki	token_id = req['auth']['token']['id']
97	f870efe2	Sofia Papagiannaki	except KeyError:
98	f870efe2	Sofia Papagiannaki	try:
99	f870efe2	Sofia Papagiannaki	token_id = req['auth']['passwordCredentials']['password']
100	f870efe2	Sofia Papagiannaki	uuid = req['auth']['passwordCredentials']['username']
101	f870efe2	Sofia Papagiannaki	except KeyError:
102	f870efe2	Sofia Papagiannaki	raise faults.BadRequest('Malformed request')
103	f870efe2	Sofia Papagiannaki
104	f870efe2	Sofia Papagiannaki	if token_id is None:
105	f870efe2	Sofia Papagiannaki	raise faults.BadRequest('Malformed request')
106	f870efe2	Sofia Papagiannaki
107	f870efe2	Sofia Papagiannaki	try:
108	f870efe2	Sofia Papagiannaki	user = AstakosUser.objects.get(auth_token=token_id)
109	f870efe2	Sofia Papagiannaki	except AstakosUser.DoesNotExist:
110	f870efe2	Sofia Papagiannaki	raise faults.Unauthorized('Invalid token')
111	f870efe2	Sofia Papagiannaki
112	bd93595d	Sofia Papagiannaki	validate_user(user)
113	49005665	Sofia Papagiannaki
114	f870efe2	Sofia Papagiannaki	if uuid is not None:
115	f870efe2	Sofia Papagiannaki	if user.uuid != uuid:
116	f870efe2	Sofia Papagiannaki	raise faults.Unauthorized('Invalid credentials')
117	f870efe2	Sofia Papagiannaki
118	8cb96389	Sofia Papagiannaki	d = defaultdict(dict)
119	8cb96389	Sofia Papagiannaki	d["access"]["token"] = {
120	8cb96389	Sofia Papagiannaki	"id": user.auth_token,
121	8cb96389	Sofia Papagiannaki	"expires": utils.isoformat(user.auth_token_expires),
122	8cb96389	Sofia Papagiannaki	"tenant": {"id": user.uuid, "name": user.realname}}
123	8cb96389	Sofia Papagiannaki	d["access"]["user"] = {
124	8cb96389	Sofia Papagiannaki	"id": user.uuid, 'name': user.realname,
125	8cb96389	Sofia Papagiannaki	"roles": list(user.groups.values("id", "name")),
126	8cb96389	Sofia Papagiannaki	"roles_links": []}
127	8cb96389	Sofia Papagiannaki	d["access"]["serviceCatalog"] = []
128	8cb96389	Sofia Papagiannaki	append = d["access"]["serviceCatalog"].append
129	8cb96389	Sofia Papagiannaki	for s in Service.objects.all().order_by("id"):
130	8cb96389	Sofia Papagiannaki	endpoints = []
131	8cb96389	Sofia Papagiannaki	for l in [e.data.values('key', 'value') for e in s.endpoints.all()]:
132	8cb96389	Sofia Papagiannaki	endpoint = dict((d['key'], d['value']) for d in l)
133	8cb96389	Sofia Papagiannaki	endpoints.append(endpoint)
134	8cb96389	Sofia Papagiannaki	append({"name": s.name,
135	8cb96389	Sofia Papagiannaki	"type": s.type,
136	8cb96389	Sofia Papagiannaki	"SNF:uiURL": s.component.url,
137	8cb96389	Sofia Papagiannaki	"endpoints": endpoints,
138	8cb96389	Sofia Papagiannaki	"endpoints_links": []})
139	f870efe2	Sofia Papagiannaki
140	f870efe2	Sofia Papagiannaki	if request.serialization == 'xml':
141	8cb96389	Sofia Papagiannaki	return xml_response({'d': d}, 'api/access.xml')
142	f870efe2	Sofia Papagiannaki	else:
143	8cb96389	Sofia Papagiannaki	return json_response(d)