Completed
Pull Request — master (#2920)
by Anthony
04:40
created

TokenController._handle_standalone_auth()   C

Complexity

Conditions 7

Size

Total Lines 48

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 7
dl 0
loc 48
rs 5.5
c 0
b 0
f 0
1
# Licensed to the StackStorm, Inc ('StackStorm') under one or more
2
# contributor license agreements.  See the NOTICE file distributed with
3
# this work for additional information regarding copyright ownership.
4
# The ASF licenses this file to You under the Apache License, Version 2.0
5
# (the "License"); you may not use this file except in compliance with
6
# the License.  You may obtain a copy of the License at
7
#
8
#     http://www.apache.org/licenses/LICENSE-2.0
9
#
10
# Unless required by applicable law or agreed to in writing, software
11
# distributed under the License is distributed on an "AS IS" BASIS,
12
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
# See the License for the specific language governing permissions and
14
# limitations under the License.
15
16
17
import pecan
18
from pecan import rest
19
from six.moves import http_client
20
from oslo_config import cfg
21
22
from st2common.exceptions.auth import TokenNotFoundError, TokenExpiredError
23
from st2common.exceptions.param import ParamException
24
from st2common.models.api.base import jsexpose
25
26
27
from st2common.util import auth as auth_utils
28
from st2common import log as logging
29
from st2common.models.api.auth import TokenAPI
30
import st2auth.handlers as handlers
31
32
33
HANDLER_MAPPINGS = {
34
    'proxy': handlers.ProxyAuthHandler,
35
    'standalone': handlers.StandaloneAuthHandler
36
}
37
38
LOG = logging.getLogger(__name__)
39
40
41
class TokenValidationController(rest.RestController):
42
    @jsexpose(body_cls=TokenAPI, status_code=http_client.OK)
43
    def post(self, request, **kwargs):
44
        token = getattr(request, 'token', None)
45
46
        if not token:
47
            pecan.abort(http_client.BAD_REQUEST, 'Token is not provided.')
48
49
        try:
50
            return {'valid': auth_utils.validate_token(token) is not None}
51
        except (TokenNotFoundError, TokenExpiredError):
52
            return {'valid': False}
53
        except Exception:
54
            msg = 'Unexpected error occurred while verifying token.'
55
            LOG.exception(msg)
56
            pecan.abort(http_client.INTERNAL_SERVER_ERROR, msg)
57
58
59
class TokenController(rest.RestController):
60
    validate = TokenValidationController()
61
62
    def __init__(self, *args, **kwargs):
63
        super(TokenController, self).__init__(*args, **kwargs)
64
65
        try:
66
            self.handler = HANDLER_MAPPINGS[cfg.CONF.auth.mode]()
67
        except KeyError:
68
            raise ParamException("%s is not a valid auth mode" %
69
                                 cfg.CONF.auth.mode)
70
71
    @jsexpose(body_cls=TokenAPI, status_code=http_client.CREATED)
72
    def post(self, request, **kwargs):
73
        token = self.handler.handle_auth(request=request, headers=pecan.request.headers,
74
                                         remote_addr=pecan.request.remote_addr,
75
                                         remote_user=pecan.request.remote_user,
76
                                         authorization=pecan.request.authorization,
77
                                         **kwargs)
78
        return process_successful_response(token=token)
79
80
81
def process_successful_response(token):
82
    api_url = cfg.CONF.auth.api_url
83
    pecan.response.headers['X-API-URL'] = api_url
84
    return token
85