/snf-astakos-app/astakos/api/tokens.py - Annotate - Synnefo - Greek Research and Technology Network's projects

| Branch: | Tag: | Revision:

root / snf-astakos-app / astakos / api / tokens.py @ f6ff3033

History | View | Annotate | Download (4.5 kB)

1	7ac2131c	Sofia Papagiannaki	# Copyright 2011-2013 GRNET S.A. All rights reserved.
2	7ac2131c	Sofia Papagiannaki	#
3	7ac2131c	Sofia Papagiannaki	# Redistribution and use in source and binary forms, with or
4	7ac2131c	Sofia Papagiannaki	# without modification, are permitted provided that the following
5	7ac2131c	Sofia Papagiannaki	# conditions are met:
6	7ac2131c	Sofia Papagiannaki	#
7	7ac2131c	Sofia Papagiannaki	# 1. Redistributions of source code must retain the above
8	7ac2131c	Sofia Papagiannaki	# copyright notice, this list of conditions and the following
9	7ac2131c	Sofia Papagiannaki	# disclaimer.
10	7ac2131c	Sofia Papagiannaki	#
11	7ac2131c	Sofia Papagiannaki	# 2. Redistributions in binary form must reproduce the above
12	7ac2131c	Sofia Papagiannaki	# copyright notice, this list of conditions and the following
13	7ac2131c	Sofia Papagiannaki	# disclaimer in the documentation and/or other materials
14	7ac2131c	Sofia Papagiannaki	# provided with the distribution.
15	7ac2131c	Sofia Papagiannaki	#
16	7ac2131c	Sofia Papagiannaki	# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17	7ac2131c	Sofia Papagiannaki	# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18	7ac2131c	Sofia Papagiannaki	# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19	7ac2131c	Sofia Papagiannaki	# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20	7ac2131c	Sofia Papagiannaki	# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21	7ac2131c	Sofia Papagiannaki	# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22	7ac2131c	Sofia Papagiannaki	# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23	7ac2131c	Sofia Papagiannaki	# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24	7ac2131c	Sofia Papagiannaki	# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25	7ac2131c	Sofia Papagiannaki	# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26	7ac2131c	Sofia Papagiannaki	# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27	7ac2131c	Sofia Papagiannaki	# POSSIBILITY OF SUCH DAMAGE.
28	7ac2131c	Sofia Papagiannaki	#
29	7ac2131c	Sofia Papagiannaki	# The views and conclusions contained in the software and
30	7ac2131c	Sofia Papagiannaki	# documentation are those of the authors and should not be
31	7ac2131c	Sofia Papagiannaki	# interpreted as representing official policies, either expressed
32	7ac2131c	Sofia Papagiannaki	# or implied, of GRNET S.A.
33	7ac2131c	Sofia Papagiannaki
34	8cb96389	Sofia Papagiannaki	from collections import defaultdict
35	7ac2131c	Sofia Papagiannaki
36	f870efe2	Sofia Papagiannaki	from django.views.decorators.csrf import csrf_exempt
37	7ac2131c	Sofia Papagiannaki
38	bd93595d	Sofia Papagiannaki	from snf_django.lib.api import faults, utils, api_method
39	7ac2131c	Sofia Papagiannaki
40	f870efe2	Sofia Papagiannaki	from astakos.im.models import Service, AstakosUser
41	d29f0371	Sofia Papagiannaki	from .util import json_response, xml_response, validate_user,\
42	d29f0371	Sofia Papagiannaki	get_content_length
43	7ac2131c	Sofia Papagiannaki
44	7ac2131c	Sofia Papagiannaki	import logging
45	7ac2131c	Sofia Papagiannaki	logger = logging.getLogger(__name__)
46	7ac2131c	Sofia Papagiannaki
47	7ac2131c	Sofia Papagiannaki
48	f870efe2	Sofia Papagiannaki	@csrf_exempt
49	f870efe2	Sofia Papagiannaki	@api_method(http_method="POST", token_required=False, user_required=False,
50	f870efe2	Sofia Papagiannaki	logger=logger)
51	f870efe2	Sofia Papagiannaki	def authenticate(request):
52	336fb8fb	Sofia Papagiannaki	try:
53	336fb8fb	Sofia Papagiannaki	content_length = get_content_length(request)
54	336fb8fb	Sofia Papagiannaki	except faults.LengthRequired:
55	336fb8fb	Sofia Papagiannaki	content_length = None
56	336fb8fb	Sofia Papagiannaki
57	d29f0371	Sofia Papagiannaki	public_mode = True if not content_length else False
58	f870efe2	Sofia Papagiannaki
59	d29f0371	Sofia Papagiannaki	d = defaultdict(dict)
60	d29f0371	Sofia Papagiannaki	if not public_mode:
61	d29f0371	Sofia Papagiannaki	req = utils.get_request_dict(request)
62	d29f0371	Sofia Papagiannaki
63	d29f0371	Sofia Papagiannaki	uuid = None
64	f870efe2	Sofia Papagiannaki	try:
65	d29f0371	Sofia Papagiannaki	token_id = req['auth']['token']['id']
66	f870efe2	Sofia Papagiannaki	except KeyError:
67	d29f0371	Sofia Papagiannaki	try:
68	d29f0371	Sofia Papagiannaki	token_id = req['auth']['passwordCredentials']['password']
69	d29f0371	Sofia Papagiannaki	uuid = req['auth']['passwordCredentials']['username']
70	d29f0371	Sofia Papagiannaki	except KeyError:
71	11366070	Sofia Papagiannaki	raise faults.BadRequest(
72	11366070	Sofia Papagiannaki	'Malformed request: missing credentials')
73	11366070	Sofia Papagiannaki
74	11366070	Sofia Papagiannaki	tenant = req['auth'].get('tenantName')
75	d29f0371	Sofia Papagiannaki
76	d29f0371	Sofia Papagiannaki	if token_id is None:
77	11366070	Sofia Papagiannaki	raise faults.BadRequest('Malformed request: missing token')
78	f870efe2	Sofia Papagiannaki
79	d29f0371	Sofia Papagiannaki	try:
80	d29f0371	Sofia Papagiannaki	user = AstakosUser.objects.get(auth_token=token_id)
81	d29f0371	Sofia Papagiannaki	except AstakosUser.DoesNotExist:
82	d29f0371	Sofia Papagiannaki	raise faults.Unauthorized('Invalid token')
83	f870efe2	Sofia Papagiannaki
84	d29f0371	Sofia Papagiannaki	validate_user(user)
85	f870efe2	Sofia Papagiannaki
86	d29f0371	Sofia Papagiannaki	if uuid is not None:
87	d29f0371	Sofia Papagiannaki	if user.uuid != uuid:
88	d29f0371	Sofia Papagiannaki	raise faults.Unauthorized('Invalid credentials')
89	49005665	Sofia Papagiannaki
90	a01eb018	Sofia Papagiannaki	if tenant:
91	11366070	Sofia Papagiannaki	if user.uuid != tenant:
92	11366070	Sofia Papagiannaki	raise faults.BadRequest('Not conforming tenantName')
93	11366070	Sofia Papagiannaki
94	d29f0371	Sofia Papagiannaki	d["access"]["token"] = {
95	d29f0371	Sofia Papagiannaki	"id": user.auth_token,
96	d29f0371	Sofia Papagiannaki	"expires": utils.isoformat(user.auth_token_expires),
97	d29f0371	Sofia Papagiannaki	"tenant": {"id": user.uuid, "name": user.realname}}
98	d29f0371	Sofia Papagiannaki	d["access"]["user"] = {
99	d29f0371	Sofia Papagiannaki	"id": user.uuid, 'name': user.realname,
100	d29f0371	Sofia Papagiannaki	"roles": list(user.groups.values("id", "name")),
101	d29f0371	Sofia Papagiannaki	"roles_links": []}
102	f870efe2	Sofia Papagiannaki
103	8cb96389	Sofia Papagiannaki	d["access"]["serviceCatalog"] = []
104	8cb96389	Sofia Papagiannaki	append = d["access"]["serviceCatalog"].append
105	67ef560b	Giorgos Korfiatis	for s in Service.objects.all().order_by("id").\
106	67ef560b	Giorgos Korfiatis	prefetch_related('endpoints__data').select_related('component'):
107	8cb96389	Sofia Papagiannaki	endpoints = []
108	67ef560b	Giorgos Korfiatis	for e in s.endpoints.all():
109	67ef560b	Giorgos Korfiatis	endpoint = dict((ed.key, ed.value) for ed in e.data.all())
110	07860de2	Sofia Papagiannaki	endpoint["SNF:uiURL"] = s.component.url
111	a50f99a3	Sofia Papagiannaki	endpoint["region"] = "default"
112	7f8af0e9	Sofia Papagiannaki	if s.name == 'astakos_weblogin':
113	7f8af0e9	Sofia Papagiannaki	endpoint["SNF:webloginURL"] = endpoint["publicURL"]
114	8cb96389	Sofia Papagiannaki	endpoints.append(endpoint)
115	8cb96389	Sofia Papagiannaki	append({"name": s.name,
116	8cb96389	Sofia Papagiannaki	"type": s.type,
117	8cb96389	Sofia Papagiannaki	"endpoints": endpoints,
118	8cb96389	Sofia Papagiannaki	"endpoints_links": []})
119	f870efe2	Sofia Papagiannaki
120	f870efe2	Sofia Papagiannaki	if request.serialization == 'xml':
121	8cb96389	Sofia Papagiannaki	return xml_response({'d': d}, 'api/access.xml')
122	f870efe2	Sofia Papagiannaki	else:
123	8cb96389	Sofia Papagiannaki	return json_response(d)