Revision c06de383
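--- a/aai/middleware.py
+++ b/aai/middleware.py
@@ -4,6 +4,7 @@
 from synnefo.db.models import SynnefoUser
 from synnefo.aai.shibboleth import Tokens, register_shibboleth_user
 import time
+import datetime
 
 class SynnefoAuthMiddleware(object):
 
@@ -16,7 +17,18 @@
 #print time.strftime("[%d/%b/%Y %H:%M:%S]"), " Path", \
 # request.path , ": Not authenticated"
 return
-token = request.META.get('HTTP_X_AUTH_TOKEN', None)
+
+token = None
+#Try to find token in a cookie
+try:
+token = request.COOKIES['X-Auth-Token']
+except Exception:
+pass
+
+#Try to find token in request header
+if not token:
+token = request.META.get('HTTP_X_AUTH_TOKEN', None)
+
 if token:
 user = None
 #Retrieve user from DB or other caching mechanism
@@ -97,9 +109,13 @@
 response['Vary'] = self.auth_token
 return response
 
-
 def _redirect_shib_auth_user(self, user):
+expire = user.auth_token_created + datetime.timedelta(hours=settings.AUTH_TOKEN_DURATION)
+expire_fmt = expire.strftime('%a, %d-%b-%Y %H:%M:%S %Z')
+
 response = HttpResponse()
+
+response.set_cookie('X-Auth-Token', value=user.auth_token, expires = expire_fmt, path='/api')
 response[self.auth_token] = user.auth_token
 response['Location'] = settings.APP_INSTALL_URL
 response.status_code = 302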
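Review bot: The `set_cookie` call added in `_redirect_shib_auth_user` stores the auth token without the `secure` or `httponly` flags, so the token can be sent over plain HTTP and read by page scripts; where the Django version in use supports both, prefer `response.set_cookie('X-Auth-Token', value=user.auth_token, expires=expire_fmt, path='/api', secure=True, httponly=True)`. Because the earlier hunk now reads the token from `request.COOKIES` before the header, a browser attaches it to every request under `/api`, so state-changing API views need CSRF protection that a header-only token did not require. The `try` / `except Exception: pass` around the cookie lookup hides unrelated errors and can be replaced by `token = request.COOKIES.get('X-Auth-Token')`. If `auth_token_created` is a naive datetime, `%Z` renders as an empty string and the expiry goes out without a zone name, which is worth confirming. The body of `_redirect_shib_auth_user` continues past the end of the hunk.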
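--- a/aai/tests.py
+++ b/aai/tests.py
@@ -5,6 +5,7 @@
 #
 # Copyright 2011 Greek Research and Technology Network
 #
+from Cookie import Cookie
 
 from django.test import TestCase
 from django.test.client import Client
@@ -41,6 +42,7 @@
 self.assertEquals(response['Location'], settings.APP_INSTALL_URL)
 self.assertTrue('X-Auth-Token' in response)
 self.assertEquals(response['X-Auth-Token'], user.auth_token)
+#self.assertNotEquals(response.cookies['X-Auth-Token'].find(user.auth_token), -1)
 
 response = self.client.get(self.apibase + '/servers', {},
 **{Tokens.SIB_NAME: 'Jimmy',
@@ -58,6 +60,16 @@
 self.assertEquals(user1.auth_token , user.auth_token)
 self.assertTrue(response['Location'].endswith, '/servers')
 
+def test_auth_cookie(self):
+user = SynnefoUser.objects.get(uniq = "test@synnefo.gr")
+self.client.cookies['X-Auth-Token'] = user.auth_token
+response = self.client.get(self.apibase + '/servers', {},
+**{'X-Auth-Token': user.auth_token,
+'TEST-AAI' : 'true'})
+self.assertTrue(response.status_code, 200)
+self.assertTrue('Vary' in response)
+self.assertTrue('X-Auth-Token' in response['Vary'])
+
 def test_shibboleth_no_uniq_request(self):
 """test a request with no unique field
 """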