Commit 97dc0a2e authored by Łukasz Nowak's avatar Łukasz Nowak Committed by Rafael Monnerat

Simplify.

Use volatile cache to store tokens and one key per site.
parent b2bb008e
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ActionInformation" module="Products.CMFCore.ActionInformation"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>action</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>action_type/object_list</string>
</tuple>
</value>
</item>
<item>
<key> <string>category</string> </key>
<value> <string>object_list</string> </value>
</item>
<item>
<key> <string>condition</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>icon</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>view</string> </value>
</item>
<item>
<key> <string>permissions</string> </key>
<value>
<tuple>
<string>View</string>
</tuple>
</value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Action Information</string> </value>
</item>
<item>
<key> <string>priority</string> </key>
<value> <float>1.0</float> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>View</string> </value>
</item>
<item>
<key> <string>visible</string> </key>
<value> <int>1</int> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="Expression" module="Products.CMFCore.Expression"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>text</string> </key>
<value> <string>string:${object_url}/BearerTokenModule_viewBearerTokenList</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
import hmac
from Products.ERP5Type.Cache import DEFAULT_CACHE_SCOPE
def getHMAC(self, key, body):
digest = hmac.new(key, body)
return digest.hexdigest()
def _getCacheFactory(self):
portal = self.getPortalObject()
cache_tool = portal.portal_caches
cache_factory_name = 'bearer_token_cache_factory'
cache_factory = cache_tool.getRamCacheRoot().get(cache_factory_name)
#XXX This conditional statement should be remove as soon as
#Broadcasting will be enable among all zeo clients.
#Interaction which update portal_caches should interact with all nodes.
if cache_factory is None \
and getattr(cache_tool, cache_factory_name, None) is not None:
#ram_cache_root is not up to date for current node
cache_tool.updateCache()
return cache_tool.getRamCacheRoot().get(cache_factory_name)
def setBearerToken(self, key, body):
cache_factory = _getCacheFactory(self)
cache_duration = cache_factory.cache_duration
for cache_plugin in cache_factory.getCachePluginList():
cache_plugin.set(key, DEFAULT_CACHE_SCOPE,
body, cache_duration=cache_duration)
def getBearerToken(self, key):
cache_factory = _getCacheFactory(self)
for cache_plugin in cache_factory.getCachePluginList():
cache_entry = cache_plugin.get(key, DEFAULT_CACHE_SCOPE)
if cache_entry is not None:
return cache_entry.getValue()
raise KeyError('Key %r not found' % key)
<module>
<id>bearer_token_module</id>
<permission_list>
<permission type='tuple'>
<name>Access Transient Objects</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Access contents information</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Access session data</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Add portal content</name>
<role>Assignor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Add portal folders</name>
<role>Assignor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Change local roles</name>
<role>Assignor</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Copy or Move</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Delete objects</name>
<role>Assignor</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>List folder contents</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Modify portal content</name>
<role>Assignor</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>View</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>View History</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
</permission_list>
<portal_type>Bearer Token Module</portal_type>
<title>Bearer Tokens</title>
</module>
\ No newline at end of file
......@@ -2,82 +2,73 @@
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ActionInformation" module="Products.CMFCore.ActionInformation"/>
<global name="Cache Factory" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>action</string> </key>
<key> <string>_count</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>categories</string> </key>
<key> <string>_mt_index</string> </key>
<value>
<tuple>
<string>action_type/object_view</string>
</tuple>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>category</string> </key>
<value> <string>object_view</string> </value>
<key> <string>_tree</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
<item>
<key> <string>condition</string> </key>
<value> <string></string> </value>
<key> <string>cache_duration</string> </key>
<value> <int>3600</int> </value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>icon</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>view</string> </value>
</item>
<item>
<key> <string>permissions</string> </key>
<value>
<tuple>
<string>View</string>
</tuple>
<none/>
</value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Action Information</string> </value>
<key> <string>id</string> </key>
<value> <string>bearer_token_cache_factory</string> </value>
</item>
<item>
<key> <string>priority</string> </key>
<value> <float>1.0</float> </value>
<key> <string>portal_type</string> </key>
<value> <string>Cache Factory</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>View</string> </value>
</item>
<item>
<key> <string>visible</string> </key>
<value> <int>1</int> </value>
<value> <string>bearer_token_cache_factory</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="Expression" module="Products.CMFCore.Expression"/>
<global name="Length" module="BTrees.Length"/>
</pickle>
<pickle> <int>0</int> </pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<dictionary>
<item>
<key> <string>text</string> </key>
<value> <string>string:${object_url}/BearerToken_view</string> </value>
</item>
</dictionary>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Ram Cache" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>id</string> </key>
<value> <string>volatile_cache_plugin</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Ram Cache</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<allowed_content_type_list>
<portal_type id="Bearer Token Module">
<item>Bearer Token</item>
</portal_type>
</allowed_content_type_list>
\ No newline at end of file
<base_category_list>
<portal_type id="Bearer Token Module">
<item>business_application</item>
</portal_type>
</base_category_list>
\ No newline at end of file
<property_sheet_list>
<portal_type id="Bearer Token">
<item>DublinCore</item>
<item>Reference</item>
<item>Version</item>
</portal_type>
<portal_type id="Person">
<item>BearerToken</item>
</portal_type>
</property_sheet_list>
\ No newline at end of file
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Base Type" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_property_domain_dict</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>content_icon</string> </key>
<value> <string>folder_icon.gif</string> </value>
</item>
<item>
<key> <string>factory</string> </key>
<value> <string>addFolder</string> </value>
</item>
<item>
<key> <string>group_list</string> </key>
<value>
<tuple>
<string>module</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Bearer Token Module</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Base Type</string> </value>
</item>
<item>
<key> <string>type_class</string> </key>
<value> <string>Folder</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary>
<item>
<key> <string>short_title</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>title</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="TranslationInformation" module="Products.ERP5Type.TranslationProviderBase"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>domain_name</string> </key>
<value> <string>erp5_ui</string> </value>
</item>
<item>
<key> <string>property_name</string> </key>
<value> <string>short_title</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="TranslationInformation" module="Products.ERP5Type.TranslationProviderBase"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>domain_name</string> </key>
<value> <string>erp5_ui</string> </value>
</item>
<item>
<key> <string>property_name</string> </key>
<value> <string>title</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Base Type" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>content_icon</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>factory</string> </key>
<value> <string>addXMLObject</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Bearer Token</string> </value>
</item>
<item>
<key> <string>init_script</string> </key>
<value> <string>BearerToken_init</string> </value>
</item>
<item>
<key> <string>permission</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Base Type</string> </value>
</item>
<item>
<key> <string>type_class</string> </key>
<value> <string>XMLObject</string> </value>
</item>
<item>
<key> <string>type_interface</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>type_mixin</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<workflow_chain>
<chain>
<type>Bearer Token</type>
<workflow>edit_workflow, validation_workflow</workflow>
</chain>
</workflow_chain>
\ No newline at end of file
......@@ -32,7 +32,7 @@
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerToken</string> </value>
<value> <string>BearerTokenSystemPreference</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
......
......@@ -22,12 +22,24 @@
</item>
<item>
<key> <string>id</string> </key>
<value> <string>bearer_token_key_property</string> </value>
<value> <string>preferred_bearer_token_key_property</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Standard Property</string> </value>
</item>
<item>
<key> <string>preference</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>read_permission</string> </key>
<value> <string>Manage properties</string> </value>
</item>
<item>
<key> <string>write_permission</string> </key>
<value> <string>Manage properties</string> </value>
</item>
</dictionary>
</pickle>
</record>
......
......@@ -53,31 +53,37 @@
<value> <string encoding="cdata"><![CDATA[
from DateTime import DateTime\n
if context.getPortalType() != \'Bearer Token\':\n
raise TypeError(\'Call me on token\')\n
try:\n
token_dict = context.Base_getBearerToken(token)\n
except KeyError:\n
# not found\n
return None\n
\n
person = context.getPortalObject().portal_catalog.getResultValue(portal_type=\'Person\', reference=context.getDestinationReference())\n
key = context.getPortalObject().portal_preferences.getPreferredBearerTokenKey()\n
\n
if person is None:\n
return False\n
if context.Base_getHMAC(key, str(token_dict)) != token:\n
# bizzare, not valid\n
return None\n
\n
if context.BearerToken_getHMAC(person.getBearerTokenKey(), context.getSourceReference()) == context.getReference() \\\n
and context.getExpirationDate() >= DateTime() and context.getValidationState() == \'validated\' \\\n
and context.getDestinationReference() is not None:\n
return True\n
if DateTime().timeTime() > token_dict[\'expiration_timestamp\']:\n
# expired\n
return None\n
\n
return False\n
if token_dict[\'user-agent\'] == context.REQUEST.getHeader(\'User-Agent\') and token_dict[\'remote-addr\'] == context.REQUEST.get(\'REMOTE_ADDR\'):\n
# correct\n
return token_dict[\'reference\']\n
return None\n
]]></string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string></string> </value>
<value> <string>token</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerToken_isValid</string> </value>
<value> <string>Base_extractBearerTokenInformation</string> </value>
</item>
</dictionary>
</pickle>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_function</string> </key>
<value> <string>getBearerToken</string> </value>
</item>
<item>
<key> <string>_module</string> </key>
<value> <string>BearerToken</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Base_getBearerToken</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
......@@ -51,8 +51,9 @@
<item>
<key> <string>_body</string> </key>
<value> <string>if REQUEST is not None:\n
raise ValueError\n
context.updateLocalRolesOnSecurityGroups()\n
# mini security\n
return None\n
return context.getPortalObject().portal_preferences.getPreferredBearerTokenKey()\n
</string> </value>
</item>
<item>
......@@ -69,7 +70,7 @@ context.updateLocalRolesOnSecurityGroups()\n
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerToken_updateLocalRolesOnSecurityGroups</string> </value>
<value> <string>Base_getBearerTokenKey</string> </value>
</item>
</dictionary>
</pickle>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_function</string> </key>
<value> <string>setBearerToken</string> </value>
</item>
<item>
<key> <string>_module</string> </key>
<value> <string>BearerToken</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Base_setBearerToken</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>from DateTime import DateTime\n
if context.getPortalType() != \'Bearer Token Module\':\n
raise TypeError(\'Call me on module\')\n
\n
person = context.getPortalObject().portal_catalog.getResultValue(portal_type=\'Person\', reference=destination_reference)\n
\n
if person is None:\n
raise ValueError(\'Cannot find Person with reference %r\' % destination_reference)\n
\n
key = person.getBearerTokenKey()\n
if not key:\n
key = context.Person_resetBearerTokenKey()\n
\n
token = context.newContent(portal_type=\'Bearer Token\',\n
destination_reference=destination_reference,\n
expiration_date=DateTime() + (1./24) # 1 hour of validity\n
)\n
\n
# update roles fast in order to allow restricted users immediate access\n
token.BearerToken_updateLocalRolesOnSecurityGroups()\n
\n
hmac = None\n
for i in range(10):\n
fuzzy = context.Base_generateRandomString()\n
possible_hmac = token.BearerToken_getHMAC(key, fuzzy)\n
if not context.BearerTokenModule_isTokenPresent(possible_hmac) \\\n
and context.getPortalObject().portal_activities.countMessageWithTag(possible_hmac) == 0:\n
hmac = possible_hmac\n
break\n
\n
if hmac is None:\n
raise ValueError(\'It was not possible to generate valid hmac\')\n
\n
token.edit(\n
source_reference=fuzzy,\n
reference=hmac\n
)\n
token.validate()\n
token.reindexObject(activate_kw={\'tag\': hmac})\n
\n
return token\n
</string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>destination_reference</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerTokenModule_addNewToken</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>if context.getPortalType() != \'Bearer Token Module\':\n
raise TypeError(\'Shall be called in Bearer Token Module\')\n
if REQUEST is not None:\n
# "protection" against being called in URL\n
raise ValueError\n
\n
if len(context.searchFolder(portal_type=\'Bearer Token\', reference=reference)) == 0:\n
return False\n
return True\n
</string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>reference, REQUEST=None</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerTokenModule_isTokenPresent</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>columns</string>
<string>selection_name</string>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>listbox</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>columns</string> </key>
<value>
<list>
<tuple>
<string>title</string>
<string>Title</string>
</tuple>
<tuple>
<string>source_reference</string>
<string>Source Reference</string>
</tuple>
<tuple>
<string>reference</string>
<string>Reference</string>
</tuple>
<tuple>
<string>destination_reference</string>
<string>Destination Reference</string>
</tuple>
<tuple>
<string>expiration_date</string>
<string>Expiration Date</string>
</tuple>
<tuple>
<string>translated_validation_state_title</string>
<string>State</string>
</tuple>
</list>
</value>
</item>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_list_mode_listbox</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value>
<list>
<tuple>
<string>Bearer Token</string>
<string>Bearer Token</string>
</tuple>
</list>
</value>
</item>
<item>
<key> <string>selection_name</string> </key>
<value> <string>bearer_token_module_selection</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Bearer Tokens</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>return context.Base_getHMAC(key,\n
"""%s\\n%s\\n%s\\n%s""" % (\n
context.REQUEST.getHeader(\'User-Agent\'),\n
context.REQUEST.get(\'REMOTE_ADDR\'),\n
context.getCreationDate().timeTime(),\n
fuzzy)\n
)\n
</string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>key, fuzzy</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerToken_getHMAC</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string># in order to be catalogged in versioning table\n
context.setVersion(1)\n
</string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>*args, **kwargs</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerToken_init</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ERP5Form" module="Products.ERP5Form.Form"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_objects</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>action</string> </key>
<value> <string>Base_edit</string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>edit_order</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>encoding</string> </key>
<value> <string>UTF-8</string> </value>
</item>
<item>
<key> <string>enctype</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>group_list</string> </key>
<value>
<list>
<string>left</string>
<string>right</string>
<string>center</string>
<string>bottom</string>
<string>hidden</string>
</list>
</value>
</item>
<item>
<key> <string>groups</string> </key>
<value>
<dictionary>
<item>
<key> <string>bottom</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>center</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>hidden</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>left</string> </key>
<value>
<list>
<string>my_title</string>
<string>my_source_reference</string>
<string>my_reference</string>
<string>my_destination_reference</string>
</list>
</value>
</item>
<item>
<key> <string>right</string> </key>
<value>
<list>
<string>my_expiration_date</string>
<string>my_translated_validation_state_title</string>
</list>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerToken_view</string> </value>
</item>
<item>
<key> <string>method</string> </key>
<value> <string>POST</string> </value>
</item>
<item>
<key> <string>name</string> </key>
<value> <string>BearerToken_view</string> </value>
</item>
<item>
<key> <string>pt</string> </key>
<value> <string>form_view</string> </value>
</item>
<item>
<key> <string>row_length</string> </key>
<value> <int>4</int> </value>
</item>
<item>
<key> <string>stored_encoding</string> </key>
<value> <string>UTF-8</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Bearer Token</string> </value>
</item>
<item>
<key> <string>unicode_mode</string> </key>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>update_action</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>update_action_title</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_destination_reference</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_view_mode_reference</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Destination Reference</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_expiration_date</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_date_time_field</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Expiration Date</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_reference</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_view_mode_reference</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_source_reference</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_view_mode_reference</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Source Reference</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_translated_validation_state_title</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_view_mode_translated_workflow_state_title</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
......@@ -51,11 +51,25 @@
<item>
<key> <string>_body</string> </key>
<value> <string>if context.getPortalType() != \'Person\':\n
raise TypeError(\'Shall be called on Person\')\n
raise TypeError(\'Person object is required\')\n
from DateTime import DateTime\n
from Products.ERP5Type.DateUtils import addToDate\n
\n
token_key = context.Base_generateRandomString()\n
person.setBearerTokenKey(token_key)\n
return token_key\n
key = context.Base_getBearerTokenKey()\n
if not key:\n
raise ValueError(\'Bearer Key Token is not defined\')\n
\n
token = {\n
\'expiration_timestamp\': addToDate(DateTime(), to_add={\'hour\': 1}).timeTime(),\n
\'reference\': context.getReference(),\n
\'user-agent\': context.REQUEST.getHeader(\'User-Agent\'),\n
\'remote-addr\': context.REQUEST.get(\'REMOTE_ADDR\')\n
}\n
\n
hmac = context.Base_getHMAC(key, str(token))\n
\n
context.Base_setBearerToken(hmac, token)\n
return hmac\n
</string> </value>
</item>
<item>
......@@ -64,7 +78,7 @@ return token_key\n
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Person_resetBearerTokenKey</string> </value>
<value> <string>Person_getBearerToken</string> </value>
</item>
</dictionary>
</pickle>
......
......@@ -35,7 +35,7 @@
</item>
<item>
<key> <string>action</string> </key>
<value> <string>Base_doSelect</string> </value>
<value> <string>Base_edit</string> </value>
</item>
<item>
<key> <string>description</string> </key>
......@@ -74,9 +74,7 @@
<item>
<key> <string>bottom</string> </key>
<value>
<list>
<string>listbox</string>
</list>
<list/>
</value>
</item>
<item>
......@@ -94,7 +92,9 @@
<item>
<key> <string>left</string> </key>
<value>
<list/>
<list>
<string>my_preferred_bearer_token_key</string>
</list>
</value>
</item>
<item>
......@@ -108,7 +108,7 @@
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerTokenModule_viewBearerTokenList</string> </value>
<value> <string>SystemPreference_viewBearerToken</string> </value>
</item>
<item>
<key> <string>method</string> </key>
......@@ -116,11 +116,11 @@
</item>
<item>
<key> <string>name</string> </key>
<value> <string>BearerTokenModule_viewBearerTokenList</string> </value>
<value> <string>SystemPreference_viewBearerToken</string> </value>
</item>
<item>
<key> <string>pt</string> </key>
<value> <string>form_list</string> </value>
<value> <string>form_view</string> </value>
</item>
<item>
<key> <string>row_length</string> </key>
......@@ -132,7 +132,7 @@
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Bearer Tokens</string> </value>
<value> <string>Bearer Token</string> </value>
</item>
<item>
<key> <string>unicode_mode</string> </key>
......
......@@ -10,13 +10,14 @@
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>description</string>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_title</string> </value>
<value> <string>my_preferred_bearer_token_key</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
......@@ -71,6 +72,10 @@
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>description</string> </key>
<value> <string>Enter string random string.</string> </value>
</item>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_string_field</string> </value>
......@@ -85,7 +90,7 @@
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Title</string> </value>
<value> <string>Preferred Bearer Token Key</string> </value>
</item>
</dictionary>
</value>
......
2012/05/16 Łukasz Nowak
* use volatile memcached to store tokens, as there is not need to touch ZODB
* use global token key in order to decouple fully from ERP5 loggable objects
2012/04/25 Łukasz Nowak
* Initial version.
\ No newline at end of file
5
\ No newline at end of file
6
\ No newline at end of file
Bearer Token Module | view
Bearer Token | view
\ No newline at end of file
System Preference | bearer_token_preference_view
\ No newline at end of file
bearer_token_module
\ No newline at end of file
portal_caches/bearer_token_cache_factory
portal_caches/bearer_token_cache_factory/volatile_cache_plugin
\ No newline at end of file
Bearer Token Module | Bearer Token
\ No newline at end of file
Bearer Token Module | business_application
\ No newline at end of file
Bearer Token
Bearer Token Module
\ No newline at end of file
Bearer Token | DublinCore
Bearer Token | Reference
Bearer Token | Version
Person | BearerToken
\ No newline at end of file
Bearer Token | edit_workflow
Bearer Token | validation_workflow
\ No newline at end of file
BearerToken
\ No newline at end of file
BearerTokenSystemPreference
\ No newline at end of file
......@@ -35,24 +35,18 @@ from Products.PluggableAuthService.utils import classImplements
from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin
from Products.ERP5Security.ERP5UserManager import SUPER_USER
from Products.PluggableAuthService.PluggableAuthService import DumbHTTPExtractor
from Products.PluggableAuthService.permissions import ManageUsers
from AccessControl.SecurityManagement import getSecurityManager,\
setSecurityManager, newSecurityManager
from DateTime import DateTime
from Products.ZSQLCatalog.SQLCatalog import SimpleQuery
from zLOG import LOG, ERROR
#Form for new plugin in ZMI
manage_addERP5BearerExtractionPluginForm = PageTemplateFile(
'www/ERP5Security_addERP5BearerExtractionPlugin', globals(),
__name__='manage_addERP5BearerExtractionPluginForm')
def addERP5BearerExtractionPlugin(dispatcher, id, token_portal_type,
token_validation_method, title=None, REQUEST=None):
def addERP5BearerExtractionPlugin(dispatcher, id, title=None, REQUEST=None):
""" Add a ERP5BearerExtractionPlugin to a Pluggable Auth Service. """
plugin = ERP5BearerExtractionPlugin(id, token_portal_type,
token_validation_method, title)
plugin = ERP5BearerExtractionPlugin(id, title)
dispatcher._setObject(plugin.getId(), plugin)
if REQUEST is not None:
......@@ -69,8 +63,6 @@ class ERP5BearerExtractionPlugin(BasePlugin):
meta_type = "ERP5 Bearer Extraction Plugin"
security = ClassSecurityInfo()
token_portal_type = ''
token_validation_method = ''
manage_options = (({'label': 'Edit',
'action': 'manage_editERP5BearerExtractionPluginForm',},
......@@ -78,25 +70,10 @@ class ERP5BearerExtractionPlugin(BasePlugin):
+ BasePlugin.manage_options[:]
)
_properties = (({'id':'token_portal_type',
'type':'string',
'mode':'w',
'label':'Portal Type with tokens'
},
{'id':'token_validation_method',
'type':'string',
'mode':'w',
'label':'Method to validate found token'
}, )
+ BasePlugin._properties[:]
)
def __init__(self, id, token_portal_type, token_validation_method, title=None):
def __init__(self, id, title=None):
#Register value
self._setId(id)
self.title = title
self.token_portal_type = token_portal_type
self.token_validation_method = token_validation_method
####################################
#ILoginPasswordHostExtractionPlugin#
......@@ -124,31 +101,14 @@ class ERP5BearerExtractionPlugin(BasePlugin):
# Not implemented as considered as unsecure.
pass
if token is not None and self.token_portal_type \
and self.token_validation_method:
if token is not None:
sm = getSecurityManager()
if sm.getUser().getId() != SUPER_USER:
newSecurityManager(self, self.getUser(SUPER_USER))
try:
token_document = self.portal_catalog.getResultValue(
portal_type=self.token_portal_type,
reference=token,
query=SimpleQuery(
comparison_operator='>=', expiration_date=DateTime()
),
validation_state='validated'
)
if token_document is not None:
result = False
try:
result = getattr(token_document,
self.token_validation_method)()
except Exception:
LOG('BearerExtractionPlugin', ERROR, 'Problem while calling token '
'validation method %r on %r:' % (self.token_validation_method,
token_document.getPath()), error=True)
if result is True:
creds['external_login'] = token_document.getDestinationReference()
reference = self.Base_extractBearerTokenInformation(token)
if reference is not None:
creds['external_login'] = reference
finally:
setSecurityManager(sm)
if 'external_login' in creds:
......@@ -167,32 +127,6 @@ class ERP5BearerExtractionPlugin(BasePlugin):
globals(),
__name__='manage_editERP5BearerExtractionPluginForm')
security.declareProtected(ManageUsers,
'manage_editERP5BearerExtractionPlugin')
def manage_editERP5BearerExtractionPlugin(self, token_portal_type,
token_validation_method, RESPONSE=None):
"""Edit the object"""
error_message = ''
if token_portal_type == '' or token_portal_type is None or \
token_validation_method == '' or token_validation_method is None:
error_message += 'Token Portal Type is missing '
else:
self.token_portal_type = token_portal_type
self.token_validation_method = token_validation_method
#Redirect
if RESPONSE is not None:
if error_message != '':
self.REQUEST.form['manage_tabs_message'] = error_message
return self.manage_editERP5BearerExtractionPluginForm(RESPONSE)
else:
message = "Updated"
RESPONSE.redirect('%s/manage_editERP5BearerExtractionPluginForm'
'?manage_tabs_message=%s'
% (self.absolute_url(), message)
)
#List implementation of class
classImplements( ERP5BearerExtractionPlugin,
plugins.ILoginPasswordHostExtractionPlugin
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment