40 |
40 |
|
41 |
41 |
from astakos.im import settings
|
42 |
42 |
from astakos.im.models import Service, AstakosUser
|
|
43 |
from astakos.oa2.backends.djangobackend import DjangoBackend
|
43 |
44 |
from .util import json_response, xml_response, validate_user,\
|
44 |
45 |
get_content_length
|
45 |
46 |
|
... | ... | |
137 |
138 |
return xml_response({'d': d}, 'api/access.xml')
|
138 |
139 |
else:
|
139 |
140 |
return json_response(d)
|
|
141 |
|
|
142 |
|
|
143 |
@api_method(http_method="GET", token_required=False, user_required=False,
|
|
144 |
logger=logger)
|
|
145 |
def validate_token(request, token_id):
|
|
146 |
oa2_backend = DjangoBackend()
|
|
147 |
try:
|
|
148 |
token = oa2_backend.consume_token(token_id)
|
|
149 |
except Exception, e:
|
|
150 |
raise faults.ItemNotFound(e.message)
|
|
151 |
|
|
152 |
belongsTo = request.GET.get('belongsTo')
|
|
153 |
if belongsTo is not None:
|
|
154 |
if not belongsTo.startswith(token.scope):
|
|
155 |
raise faults.ItemNotFound(
|
|
156 |
"The specified tenant is outside the token's scope")
|
|
157 |
|
|
158 |
d = defaultdict(dict)
|
|
159 |
d["access"]["token"] = {"id": token.code,
|
|
160 |
"expires": token.expires_at,
|
|
161 |
"tenant": {"id": token.user.uuid,
|
|
162 |
"name": token.user.realname}}
|
|
163 |
d["access"]["user"] = {"id": token.user.uuid,
|
|
164 |
'name': token.user.realname,
|
|
165 |
"roles": list(token.user.groups.values("id",
|
|
166 |
"name")),
|
|
167 |
"roles_links": []}
|
|
168 |
|
|
169 |
if request.serialization == 'xml':
|
|
170 |
return xml_response({'d': d}, 'api/access.xml')
|
|
171 |
else:
|
|
172 |
return json_response(d)
|
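Review bot: The tenant check at new line 154, `if not belongsTo.startswith(token.scope):`, is a prefix match, so any `belongsTo` value that merely begins with the scope string passes, and an empty `token.scope` would accept every tenant; if the scope is meant to name one tenant, compare exactly, e.g. `if belongsTo != token.scope:`. The handler at lines 149-150, `except Exception, e: raise faults.ItemNotFound(e.message)`, turns every failure, including backend or database errors, into an item-not-found fault and echoes the internal exception text to a caller the decorator leaves unauthenticated (`token_required=False, user_required=False`). Catching only the backend's token-lookup error and raising a fixed message such as `raise faults.ItemNotFound("Invalid token")` would avoid both. `consume_token` presumably marks the token as used, which would give this GET endpoint a side effect; that needs confirming against `DjangoBackend`, which is not shown here. The section's file header is not visible, so whether `faults`, `defaultdict` and `api_method` are imported could not be checked.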