StackStorm /
st2
| Conditions | 12 |
| Total Lines | 76 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 1 | ||
| Bugs | 0 | Features | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
Complex classes like TokenController._handle_standalone_auth() often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
| 1 | # Licensed to the StackStorm, Inc ('StackStorm') under one or more |
||
| 91 | def _handle_standalone_auth(self, request, **kwargs): |
||
| 92 | authorization = pecan.request.authorization |
||
| 93 | |||
| 94 | auth_backend = self._auth_backend.__class__.__name__ |
||
| 95 | remote_addr = pecan.request.remote_addr |
||
| 96 | extra = {'auth_backend': auth_backend, 'remote_addr': remote_addr} |
||
| 97 | |||
| 98 | if not authorization: |
||
| 99 | LOG.audit('Authorization header not provided', extra=extra) |
||
| 100 | self._abort_request() |
||
| 101 | return |
||
| 102 | |||
| 103 | auth_type, auth_value = authorization |
||
| 104 | if auth_type.lower() not in ['basic']: |
||
| 105 | extra['auth_type'] = auth_type |
||
| 106 | LOG.audit('Unsupported authorization type: %s' % (auth_type), extra=extra) |
||
| 107 | self._abort_request() |
||
| 108 | return |
||
| 109 | |||
| 110 | try: |
||
| 111 | auth_value = base64.b64decode(auth_value) |
||
| 112 | except Exception: |
||
| 113 | LOG.audit('Invalid authorization header', extra=extra) |
||
| 114 | self._abort_request() |
||
| 115 | return |
||
| 116 | |||
| 117 | split = auth_value.split(':') |
||
| 118 | if len(split) != 2: |
||
| 119 | LOG.audit('Invalid authorization header', extra=extra) |
||
| 120 | self._abort_request() |
||
| 121 | return |
||
| 122 | |||
| 123 | username, password = split |
||
| 124 | result = self._auth_backend |
||
| 125 | |||
| 126 | result = self._auth_backend.authenticate(username=username, password=password) |
||
| 127 | if result is True: |
||
| 128 | ttl = getattr(request, 'ttl', None) |
||
| 129 | impersonate_user = getattr(request, 'user', None) |
||
| 130 | |||
| 131 | if impersonate_user is not None: |
||
| 132 | username = impersonate_user |
||
| 133 | else: |
||
| 134 | impersonate_user = getattr(request, 'impersonate_user', None) |
||
| 135 | nickname_origin = getattr(request, 'nickname_origin', None) |
||
| 136 | if impersonate_user is not None: |
||
| 137 | try: |
||
| 138 | username = User.get_by_nickname(impersonate_user, nickname_origin).username |
||
| 139 | except UserNotFoundError: |
||
| 140 | message = "Could not locate user %s@%s" % \ |
||
| 141 | (impersonate_user, nickname_origin) |
||
| 142 | self._abort_request(status_code=http_client.BAD_REQUEST, |
||
| 143 | message=message) |
||
| 144 | return |
||
| 145 | except NoNicknameOriginProvidedError: |
||
| 146 | message = "Nickname origin is not provided for nickname '%s'" % \ |
||
| 147 | impersonate_user |
||
| 148 | self._abort_request(status_code=http_client.BAD_REQUEST, |
||
| 149 | message=message) |
||
| 150 | return |
||
| 151 | except AmbiguousUserError: |
||
| 152 | message = "%s@%s matched more than one username" % \ |
||
| 153 | (impersonate_user, nickname_origin) |
||
| 154 | self._abort_request(status_code=http_client.BAD_REQUEST, |
||
| 155 | message=message) |
||
| 156 | return |
||
| 157 | try: |
||
| 158 | token = self._create_token_for_user(username=username, ttl=ttl) |
||
| 159 | return self._process_successful_response(token=token) |
||
| 160 | except TTLTooLargeException as e: |
||
| 161 | self._abort_request(status_code=http_client.BAD_REQUEST, |
||
| 162 | message=e.message) |
||
| 163 | return |
||
| 164 | |||
| 165 | LOG.audit('Invalid credentials provided', extra=extra) |
||
| 166 | self._abort_request() |
||
| 167 | |||
| 180 |
