Commit 2e8cf1c2 authored by Łukasz Nowak's avatar Łukasz Nowak

Simplify.

Use volatile cache to store tokens and one key per site.
parent 534b2e77
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ActionInformation" module="Products.CMFCore.ActionInformation"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>action</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>action_type/object_list</string>
</tuple>
</value>
</item>
<item>
<key> <string>category</string> </key>
<value> <string>object_list</string> </value>
</item>
<item>
<key> <string>condition</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>icon</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>view</string> </value>
</item>
<item>
<key> <string>permissions</string> </key>
<value>
<tuple>
<string>View</string>
</tuple>
</value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Action Information</string> </value>
</item>
<item>
<key> <string>priority</string> </key>
<value> <float>1.0</float> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>View</string> </value>
</item>
<item>
<key> <string>visible</string> </key>
<value> <int>1</int> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="Expression" module="Products.CMFCore.Expression"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>text</string> </key>
<value> <string>string:${object_url}/BearerTokenModule_viewBearerTokenList</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
import hmac import hmac
from Products.ERP5Type.Cache import DEFAULT_CACHE_SCOPE
def getHMAC(self, key, body): def getHMAC(self, key, body):
digest = hmac.new(key, body) digest = hmac.new(key, body)
return digest.hexdigest() return digest.hexdigest()
def _getCacheFactory(self):
portal = self.getPortalObject()
cache_tool = portal.portal_caches
cache_factory_name = 'bearer_token_cache_factory'
cache_factory = cache_tool.getRamCacheRoot().get(cache_factory_name)
#XXX This conditional statement should be remove as soon as
#Broadcasting will be enable among all zeo clients.
#Interaction which update portal_caches should interact with all nodes.
if cache_factory is None \
and getattr(cache_tool, cache_factory_name, None) is not None:
#ram_cache_root is not up to date for current node
cache_tool.updateCache()
return cache_tool.getRamCacheRoot().get(cache_factory_name)
def setBearerToken(self, key, body):
cache_factory = _getCacheFactory(self)
cache_duration = cache_factory.cache_duration
for cache_plugin in cache_factory.getCachePluginList():
cache_plugin.set(key, DEFAULT_CACHE_SCOPE,
body, cache_duration=cache_duration)
def getBearerToken(self, key):
cache_factory = _getCacheFactory(self)
for cache_plugin in cache_factory.getCachePluginList():
cache_entry = cache_plugin.get(key, DEFAULT_CACHE_SCOPE)
if cache_entry is not None:
return cache_entry.getValue()
raise KeyError('Key %r not found' % key)
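Review bot: `_getCacheFactory` can return None, since its last line is a plain `.get(cache_factory_name)`, and both `setBearerToken` and `getBearerToken` dereference the result without a check. In `getBearerToken` this surfaces as an AttributeError instead of the KeyError that `Base_extractBearerTokenInformation` in this commit catches, so a node whose cache factory is missing or stale would answer a token check with an error rather than a clean rejection. I would add `if cache_factory is None: raise KeyError('Key %r not found' % key)` at the top of `getBearerToken`, and an explicit, descriptive error at the same place in `setBearerToken`. Separately, the unchanged `hmac.new(key, body)` names no digest and relies on the library default (MD5 on Python 2, which this code appears to target); passing the digest explicitly would be worth a follow-up.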
<module>
<id>bearer_token_module</id>
<permission_list>
<permission type='tuple'>
<name>Access Transient Objects</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Access contents information</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Access session data</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Add portal content</name>
<role>Assignor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Add portal folders</name>
<role>Assignor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Change local roles</name>
<role>Assignor</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Copy or Move</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Delete objects</name>
<role>Assignor</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>List folder contents</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>Modify portal content</name>
<role>Assignor</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>View</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Manager</role>
</permission>
<permission type='tuple'>
<name>View History</name>
<role>Assignee</role>
<role>Assignor</role>
<role>Associate</role>
<role>Auditor</role>
<role>Author</role>
<role>Manager</role>
</permission>
</permission_list>
<portal_type>Bearer Token Module</portal_type>
<title>Bearer Tokens</title>
</module>
\ No newline at end of file
...@@ -2,82 +2,73 @@ ...@@ -2,82 +2,73 @@
<ZopeData> <ZopeData>
<record id="1" aka="AAAAAAAAAAE="> <record id="1" aka="AAAAAAAAAAE=">
<pickle> <pickle>
<global name="ActionInformation" module="Products.CMFCore.ActionInformation"/> <global name="Cache Factory" module="erp5.portal_type"/>
</pickle> </pickle>
<pickle> <pickle>
<dictionary> <dictionary>
<item> <item>
<key> <string>action</string> </key> <key> <string>_count</string> </key>
<value> <value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent> <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value> </value>
</item> </item>
<item> <item>
<key> <string>categories</string> </key> <key> <string>_mt_index</string> </key>
<value> <value>
<tuple> <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
<string>action_type/object_view</string>
</tuple>
</value> </value>
</item> </item>
<item> <item>
<key> <string>category</string> </key> <key> <string>_tree</string> </key>
<value> <string>object_view</string> </value> <value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item> </item>
<item> <item>
<key> <string>condition</string> </key> <key> <string>cache_duration</string> </key>
<value> <string></string> </value> <value> <int>3600</int> </value>
</item> </item>
<item> <item>
<key> <string>description</string> </key> <key> <string>description</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>icon</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>view</string> </value>
</item>
<item>
<key> <string>permissions</string> </key>
<value> <value>
<tuple> <none/>
<string>View</string>
</tuple>
</value> </value>
</item> </item>
<item> <item>
<key> <string>portal_type</string> </key> <key> <string>id</string> </key>
<value> <string>Action Information</string> </value> <value> <string>bearer_token_cache_factory</string> </value>
</item> </item>
<item> <item>
<key> <string>priority</string> </key> <key> <string>portal_type</string> </key>
<value> <float>1.0</float> </value> <value> <string>Cache Factory</string> </value>
</item> </item>
<item> <item>
<key> <string>title</string> </key> <key> <string>title</string> </key>
<value> <string>View</string> </value> <value> <string>bearer_token_cache_factory</string> </value>
</item>
<item>
<key> <string>visible</string> </key>
<value> <int>1</int> </value>
</item> </item>
</dictionary> </dictionary>
</pickle> </pickle>
</record> </record>
<record id="2" aka="AAAAAAAAAAI="> <record id="2" aka="AAAAAAAAAAI=">
<pickle> <pickle>
<global name="Expression" module="Products.CMFCore.Expression"/> <global name="Length" module="BTrees.Length"/>
</pickle> </pickle>
<pickle> <int>0</int> </pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle> <pickle>
<dictionary> <global name="OOBTree" module="BTrees.OOBTree"/>
<item> </pickle>
<key> <string>text</string> </key> <pickle>
<value> <string>string:${object_url}/BearerToken_view</string> </value> <none/>
</item> </pickle>
</dictionary> </record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle> </pickle>
</record> </record>
</ZopeData> </ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Ram Cache" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>id</string> </key>
<value> <string>volatile_cache_plugin</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Ram Cache</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<allowed_content_type_list>
<portal_type id="Bearer Token Module">
<item>Bearer Token</item>
</portal_type>
</allowed_content_type_list>
\ No newline at end of file
<base_category_list>
<portal_type id="Bearer Token Module">
<item>business_application</item>
</portal_type>
</base_category_list>
\ No newline at end of file
<property_sheet_list>
<portal_type id="Bearer Token">
<item>DublinCore</item>
<item>Reference</item>
<item>Version</item>
</portal_type>
<portal_type id="Person">
<item>BearerToken</item>
</portal_type>
</property_sheet_list>
\ No newline at end of file
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Base Type" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_property_domain_dict</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>content_icon</string> </key>
<value> <string>folder_icon.gif</string> </value>
</item>
<item>
<key> <string>factory</string> </key>
<value> <string>addFolder</string> </value>
</item>
<item>
<key> <string>group_list</string> </key>
<value>
<tuple>
<string>module</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Bearer Token Module</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Base Type</string> </value>
</item>
<item>
<key> <string>type_class</string> </key>
<value> <string>Folder</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary>
<item>
<key> <string>short_title</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>title</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="TranslationInformation" module="Products.ERP5Type.TranslationProviderBase"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>domain_name</string> </key>
<value> <string>erp5_ui</string> </value>
</item>
<item>
<key> <string>property_name</string> </key>
<value> <string>short_title</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="TranslationInformation" module="Products.ERP5Type.TranslationProviderBase"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>domain_name</string> </key>
<value> <string>erp5_ui</string> </value>
</item>
<item>
<key> <string>property_name</string> </key>
<value> <string>title</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Base Type" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>content_icon</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>factory</string> </key>
<value> <string>addXMLObject</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Bearer Token</string> </value>
</item>
<item>
<key> <string>init_script</string> </key>
<value> <string>BearerToken_init</string> </value>
</item>
<item>
<key> <string>permission</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Base Type</string> </value>
</item>
<item>
<key> <string>type_class</string> </key>
<value> <string>XMLObject</string> </value>
</item>
<item>
<key> <string>type_interface</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>type_mixin</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<workflow_chain>
<chain>
<type>Bearer Token</type>
<workflow>edit_workflow, validation_workflow</workflow>
</chain>
</workflow_chain>
\ No newline at end of file
...@@ -32,7 +32,7 @@ ...@@ -32,7 +32,7 @@
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>BearerToken</string> </value> <value> <string>BearerTokenSystemPreference</string> </value>
</item> </item>
<item> <item>
<key> <string>portal_type</string> </key> <key> <string>portal_type</string> </key>
......
...@@ -22,12 +22,24 @@ ...@@ -22,12 +22,24 @@
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>bearer_token_key_property</string> </value> <value> <string>preferred_bearer_token_key_property</string> </value>
</item> </item>
<item> <item>
<key> <string>portal_type</string> </key> <key> <string>portal_type</string> </key>
<value> <string>Standard Property</string> </value> <value> <string>Standard Property</string> </value>
</item> </item>
<item>
<key> <string>preference</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>read_permission</string> </key>
<value> <string>Manage properties</string> </value>
</item>
<item>
<key> <string>write_permission</string> </key>
<value> <string>Manage properties</string> </value>
</item>
</dictionary> </dictionary>
</pickle> </pickle>
</record> </record>
......
...@@ -53,31 +53,37 @@ ...@@ -53,31 +53,37 @@
<value> <string encoding="cdata"><![CDATA[ <value> <string encoding="cdata"><![CDATA[
from DateTime import DateTime\n from DateTime import DateTime\n
if context.getPortalType() != \'Bearer Token\':\n try:\n
raise TypeError(\'Call me on token\')\n token_dict = context.Base_getBearerToken(token)\n
except KeyError:\n
# not found\n
return None\n
\n \n
person = context.getPortalObject().portal_catalog.getResultValue(portal_type=\'Person\', reference=context.getDestinationReference())\n key = context.getPortalObject().portal_preferences.getPreferredBearerTokenKey()\n
\n \n
if person is None:\n if context.Base_getHMAC(key, str(token_dict)) != token:\n
return False\n # bizzare, not valid\n
return None\n
\n \n
if context.BearerToken_getHMAC(person.getBearerTokenKey(), context.getSourceReference()) == context.getReference() \\\n if DateTime().timeTime() > token_dict[\'expiration_timestamp\']:\n
and context.getExpirationDate() >= DateTime() and context.getValidationState() == \'validated\' \\\n # expired\n
and context.getDestinationReference() is not None:\n return None\n
return True\n
\n \n
return False\n if token_dict[\'user-agent\'] == context.REQUEST.getHeader(\'User-Agent\') and token_dict[\'remote-addr\'] == context.REQUEST.get(\'REMOTE_ADDR\'):\n
# correct\n
return token_dict[\'reference\']\n
return None\n
]]></string> </value> ]]></string> </value>
</item> </item>
<item> <item>
<key> <string>_params</string> </key> <key> <string>_params</string> </key>
<value> <string></string> </value> <value> <string>token</string> </value>
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>BearerToken_isValid</string> </value> <value> <string>Base_extractBearerTokenInformation</string> </value>
</item> </item>
</dictionary> </dictionary>
</pickle> </pickle>
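Review bot: The integrity check `context.Base_getHMAC(key, str(token_dict)) != token` signs the `str()` of a dict, which is not a canonical serialization. Key order and the repr of each value have to come out byte-identical when the token is issued and when it is checked, and the issuing side is not visible in this hunk. Building the message from the fields in a fixed order at both ends, for example `'\n'.join([token_dict['reference'], str(token_dict['expiration_timestamp']), token_dict['user-agent'], token_dict['remote-addr']])`, would remove that dependency. Only the `Base_getBearerToken` call sits inside the `try`, so a cached entry lacking one of the expected keys raises KeyError further down instead of returning None. A short comment stating that the script returns the user reference on success and None on every failure path would also help callers.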
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_function</string> </key>
<value> <string>getBearerToken</string> </value>
</item>
<item>
<key> <string>_module</string> </key>
<value> <string>BearerToken</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Base_getBearerToken</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -51,8 +51,9 @@ ...@@ -51,8 +51,9 @@
<item> <item>
<key> <string>_body</string> </key> <key> <string>_body</string> </key>
<value> <string>if REQUEST is not None:\n <value> <string>if REQUEST is not None:\n
raise ValueError\n # mini security\n
context.updateLocalRolesOnSecurityGroups()\n return None\n
return context.getPortalObject().portal_preferences.getPreferredBearerTokenKey()\n
</string> </value> </string> </value>
</item> </item>
<item> <item>
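Review bot: The `REQUEST is not None` check, commented only as `# mini security`, is all that keeps this script from handing the site-wide key from `getPreferredBearerTokenKey()` to a URL caller. It works only if `REQUEST=None` is declared in `_params`, which lies outside this hunk. It also does not restrict callers inside the application, so who can obtain the key depends on this script's proxy roles and on who may author scripts, neither of which is visible here. The old `raise ValueError` is replaced by a silent `return None`, which makes a blocked call indistinguishable from an unset preference; I would keep the raise. At minimum the comment should say what is being protected, e.g. `# Returns the site-wide token signing key: must never be published, call only from trusted scripts`.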
...@@ -69,7 +70,7 @@ context.updateLocalRolesOnSecurityGroups()\n ...@@ -69,7 +70,7 @@ context.updateLocalRolesOnSecurityGroups()\n
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>BearerToken_updateLocalRolesOnSecurityGroups</string> </value> <value> <string>Base_getBearerTokenKey</string> </value>
</item> </item>
</dictionary> </dictionary>
</pickle> </pickle>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_function</string> </key>
<value> <string>setBearerToken</string> </value>
</item>
<item>
<key> <string>_module</string> </key>
<value> <string>BearerToken</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Base_setBearerToken</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>from DateTime import DateTime\n
if context.getPortalType() != \'Bearer Token Module\':\n
raise TypeError(\'Call me on module\')\n
\n
person = context.getPortalObject().portal_catalog.getResultValue(portal_type=\'Person\', reference=destination_reference)\n
\n
if person is None:\n
raise ValueError(\'Cannot find Person with reference %r\' % destination_reference)\n
\n
key = person.getBearerTokenKey()\n
if not key:\n
key = context.Person_resetBearerTokenKey()\n
\n
token = context.newContent(portal_type=\'Bearer Token\',\n
destination_reference=destination_reference,\n
expiration_date=DateTime() + (1./24) # 1 hour of validity\n
)\n
\n
# update roles fast in order to allow restricted users immediate access\n
token.BearerToken_updateLocalRolesOnSecurityGroups()\n
\n
hmac = None\n
for i in range(10):\n
fuzzy = context.Base_generateRandomString()\n
possible_hmac = token.BearerToken_getHMAC(key, fuzzy)\n
if not context.BearerTokenModule_isTokenPresent(possible_hmac) \\\n
and context.getPortalObject().portal_activities.countMessageWithTag(possible_hmac) == 0:\n
hmac = possible_hmac\n
break\n
\n
if hmac is None:\n
raise ValueError(\'It was not possible to generate valid hmac\')\n
\n
token.edit(\n
source_reference=fuzzy,\n
reference=hmac\n
)\n
token.validate()\n
token.reindexObject(activate_kw={\'tag\': hmac})\n
\n
return token\n
</string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>destination_reference</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerTokenModule_addNewToken</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>if context.getPortalType() != \'Bearer Token Module\':\n
raise TypeError(\'Shall be called in Bearer Token Module\')\n
if REQUEST is not None:\n
# "protection" against being called in URL\n
raise ValueError\n
\n
if len(context.searchFolder(portal_type=\'Bearer Token\', reference=reference)) == 0:\n
return False\n
return True\n
</string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>reference, REQUEST=None</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerTokenModule_isTokenPresent</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>columns</string>
<string>selection_name</string>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>listbox</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>columns</string> </key>
<value>
<list>
<tuple>
<string>title</string>
<string>Title</string>
</tuple>
<tuple>
<string>source_reference</string>
<string>Source Reference</string>
</tuple>
<tuple>
<string>reference</string>
<string>Reference</string>
</tuple>
<tuple>
<string>destination_reference</string>
<string>Destination Reference</string>
</tuple>
<tuple>
<string>expiration_date</string>
<string>Expiration Date</string>
</tuple>
<tuple>
<string>translated_validation_state_title</string>
<string>State</string>
</tuple>
</list>
</value>
</item>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_list_mode_listbox</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value>
<list>
<tuple>
<string>Bearer Token</string>
<string>Bearer Token</string>
</tuple>
</list>
</value>
</item>
<item>
<key> <string>selection_name</string> </key>
<value> <string>bearer_token_module_selection</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Bearer Tokens</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>return context.Base_getHMAC(key,\n
"""%s\\n%s\\n%s\\n%s""" % (\n
context.REQUEST.getHeader(\'User-Agent\'),\n
context.REQUEST.get(\'REMOTE_ADDR\'),\n
context.getCreationDate().timeTime(),\n
fuzzy)\n
)\n
</string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>key, fuzzy</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerToken_getHMAC</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string># in order to be catalogged in versioning table\n
context.setVersion(1)\n
</string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>*args, **kwargs</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerToken_init</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ERP5Form" module="Products.ERP5Form.Form"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_objects</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>action</string> </key>
<value> <string>Base_edit</string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>edit_order</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>encoding</string> </key>
<value> <string>UTF-8</string> </value>
</item>
<item>
<key> <string>enctype</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>group_list</string> </key>
<value>
<list>
<string>left</string>
<string>right</string>
<string>center</string>
<string>bottom</string>
<string>hidden</string>
</list>
</value>
</item>
<item>
<key> <string>groups</string> </key>
<value>
<dictionary>
<item>
<key> <string>bottom</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>center</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>hidden</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>left</string> </key>
<value>
<list>
<string>my_title</string>
<string>my_source_reference</string>
<string>my_reference</string>
<string>my_destination_reference</string>
</list>
</value>
</item>
<item>
<key> <string>right</string> </key>
<value>
<list>
<string>my_expiration_date</string>
<string>my_translated_validation_state_title</string>
</list>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>BearerToken_view</string> </value>
</item>
<item>
<key> <string>method</string> </key>
<value> <string>POST</string> </value>
</item>
<item>
<key> <string>name</string> </key>
<value> <string>BearerToken_view</string> </value>
</item>
<item>
<key> <string>pt</string> </key>
<value> <string>form_view</string> </value>
</item>
<item>
<key> <string>row_length</string> </key>
<value> <int>4</int> </value>
</item>
<item>
<key> <string>stored_encoding</string> </key>
<value> <string>UTF-8</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Bearer Token</string> </value>
</item>
<item>
<key> <string>unicode_mode</string> </key>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>update_action</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>update_action_title</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_destination_reference</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_view_mode_reference</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Destination Reference</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_expiration_date</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_date_time_field</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Expiration Date</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_reference</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_view_mode_reference</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_source_reference</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_view_mode_reference</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Source Reference</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_translated_validation_state_title</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_view_mode_translated_workflow_state_title</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -51,11 +51,25 @@ ...@@ -51,11 +51,25 @@
<item> <item>
<key> <string>_body</string> </key> <key> <string>_body</string> </key>
<value> <string>if context.getPortalType() != \'Person\':\n <value> <string>if context.getPortalType() != \'Person\':\n
raise TypeError(\'Shall be called on Person\')\n raise TypeError(\'Person object is required\')\n
from DateTime import DateTime\n
from Products.ERP5Type.DateUtils import addToDate\n
\n \n
token_key = context.Base_generateRandomString()\n key = context.Base_getBearerTokenKey()\n
person.setBearerTokenKey(token_key)\n if not key:\n
return token_key\n raise ValueError(\'Bearer Key Token is not defined\')\n
\n
token = {\n
\'expiration_timestamp\': addToDate(DateTime(), to_add={\'hour\': 1}).timeTime(),\n
\'reference\': context.getReference(),\n
\'user-agent\': context.REQUEST.getHeader(\'User-Agent\'),\n
\'remote-addr\': context.REQUEST.get(\'REMOTE_ADDR\')\n
}\n
\n
hmac = context.Base_getHMAC(key, str(token))\n
\n
context.Base_setBearerToken(hmac, token)\n
return hmac\n
</string> </value> </string> </value>
</item> </item>
<item> <item>
...@@ -64,7 +78,7 @@ return token_key\n ...@@ -64,7 +78,7 @@ return token_key\n
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>Person_resetBearerTokenKey</string> </value> <value> <string>Person_getBearerToken</string> </value>
</item> </item>
</dictionary> </dictionary>
</pickle> </pickle>
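Review bot: The new script body issues a token for `context.getReference()` after checking only that the context is a Person; nothing visible in this hunk ties that Person to the authenticated caller. Unless the script's access settings (not shown here) already restrict it, any user allowed to call it on another Person document would obtain a bearer token for that account. A guard before the token dict is built would close the gap, for example `from zExceptions import Unauthorized` and `if context.portal_membership.getAuthenticatedMember().getId() != context.getReference(): raise Unauthorized('token can only be issued to its owner')`, assuming user ids equal Person references on this site. The one-hour lifetime in `to_add={'hour': 1}` is hard-coded and deserves a comment saying where the expiry is enforced on the extraction side.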
......
...@@ -35,7 +35,7 @@ ...@@ -35,7 +35,7 @@
</item> </item>
<item> <item>
<key> <string>action</string> </key> <key> <string>action</string> </key>
<value> <string>Base_doSelect</string> </value> <value> <string>Base_edit</string> </value>
</item> </item>
<item> <item>
<key> <string>description</string> </key> <key> <string>description</string> </key>
...@@ -74,9 +74,7 @@ ...@@ -74,9 +74,7 @@
<item> <item>
<key> <string>bottom</string> </key> <key> <string>bottom</string> </key>
<value> <value>
<list> <list/>
<string>listbox</string>
</list>
</value> </value>
</item> </item>
<item> <item>
...@@ -94,7 +92,9 @@ ...@@ -94,7 +92,9 @@
<item> <item>
<key> <string>left</string> </key> <key> <string>left</string> </key>
<value> <value>
<list/> <list>
<string>my_preferred_bearer_token_key</string>
</list>
</value> </value>
</item> </item>
<item> <item>
...@@ -108,7 +108,7 @@ ...@@ -108,7 +108,7 @@
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>BearerTokenModule_viewBearerTokenList</string> </value> <value> <string>SystemPreference_viewBearerToken</string> </value>
</item> </item>
<item> <item>
<key> <string>method</string> </key> <key> <string>method</string> </key>
...@@ -116,11 +116,11 @@ ...@@ -116,11 +116,11 @@
</item> </item>
<item> <item>
<key> <string>name</string> </key> <key> <string>name</string> </key>
<value> <string>BearerTokenModule_viewBearerTokenList</string> </value> <value> <string>SystemPreference_viewBearerToken</string> </value>
</item> </item>
<item> <item>
<key> <string>pt</string> </key> <key> <string>pt</string> </key>
<value> <string>form_list</string> </value> <value> <string>form_view</string> </value>
</item> </item>
<item> <item>
<key> <string>row_length</string> </key> <key> <string>row_length</string> </key>
...@@ -132,7 +132,7 @@ ...@@ -132,7 +132,7 @@
</item> </item>
<item> <item>
<key> <string>title</string> </key> <key> <string>title</string> </key>
<value> <string>Bearer Tokens</string> </value> <value> <string>Bearer Token</string> </value>
</item> </item>
<item> <item>
<key> <string>unicode_mode</string> </key> <key> <string>unicode_mode</string> </key>
......
...@@ -10,13 +10,14 @@ ...@@ -10,13 +10,14 @@
<key> <string>delegated_list</string> </key> <key> <string>delegated_list</string> </key>
<value> <value>
<list> <list>
<string>description</string>
<string>title</string> <string>title</string>
</list> </list>
</value> </value>
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>my_title</string> </value> <value> <string>my_preferred_bearer_token_key</string> </value>
</item> </item>
<item> <item>
<key> <string>message_values</string> </key> <key> <string>message_values</string> </key>
...@@ -71,6 +72,10 @@ ...@@ -71,6 +72,10 @@
<key> <string>values</string> </key> <key> <string>values</string> </key>
<value> <value>
<dictionary> <dictionary>
<item>
<key> <string>description</string> </key>
<value> <string>Enter string random string.</string> </value>
</item>
<item> <item>
<key> <string>field_id</string> </key> <key> <string>field_id</string> </key>
<value> <string>my_string_field</string> </value> <value> <string>my_string_field</string> </value>
...@@ -85,7 +90,7 @@ ...@@ -85,7 +90,7 @@
</item> </item>
<item> <item>
<key> <string>title</string> </key> <key> <string>title</string> </key>
<value> <string>Title</string> </value> <value> <string>Preferred Bearer Token Key</string> </value>
</item> </item>
</dictionary> </dictionary>
</value> </value>
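Review bot: The description added for `my_preferred_bearer_token_key`, `Enter string random string.`, does not tell an administrator that this value appears to be the site-wide secret that keys the token HMAC. I would reword it to `Secret key used to sign bearer tokens. Use a long value from a cryptographic random generator and keep it private.`. The field proxies `my_string_field`, so the key is presumably shown in clear text to anyone who can view this preference; limiting who can view it, or using a password-style field, is worth considering. If changing the key invalidates outstanding tokens, the description should say so.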
......
2012/05/16 Łukasz Nowak
* use volatile memcached to store tokens, as there is not need to touch ZODB
* use global token key in order to decouple fully from ERP5 loggable objects
2012/04/25 Łukasz Nowak 2012/04/25 Łukasz Nowak
* Initial version. * Initial version.
\ No newline at end of file
5 6
\ No newline at end of file \ No newline at end of file
Bearer Token Module | view System Preference | bearer_token_preference_view
Bearer Token | view \ No newline at end of file
\ No newline at end of file
bearer_token_module
\ No newline at end of file
portal_caches/bearer_token_cache_factory
portal_caches/bearer_token_cache_factory/volatile_cache_plugin
\ No newline at end of file
Bearer Token Module | Bearer Token
\ No newline at end of file
Bearer Token Module | business_application
\ No newline at end of file
Bearer Token
Bearer Token Module
\ No newline at end of file
Bearer Token | DublinCore
Bearer Token | Reference
Bearer Token | Version
Person | BearerToken
\ No newline at end of file
Bearer Token | edit_workflow
Bearer Token | validation_workflow
\ No newline at end of file
BearerToken BearerTokenSystemPreference
\ No newline at end of file \ No newline at end of file
...@@ -35,24 +35,18 @@ from Products.PluggableAuthService.utils import classImplements ...@@ -35,24 +35,18 @@ from Products.PluggableAuthService.utils import classImplements
from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin
from Products.ERP5Security.ERP5UserManager import SUPER_USER from Products.ERP5Security.ERP5UserManager import SUPER_USER
from Products.PluggableAuthService.PluggableAuthService import DumbHTTPExtractor from Products.PluggableAuthService.PluggableAuthService import DumbHTTPExtractor
from Products.PluggableAuthService.permissions import ManageUsers
from AccessControl.SecurityManagement import getSecurityManager,\ from AccessControl.SecurityManagement import getSecurityManager,\
setSecurityManager, newSecurityManager setSecurityManager, newSecurityManager
from DateTime import DateTime
from Products.ZSQLCatalog.SQLCatalog import SimpleQuery
from zLOG import LOG, ERROR
#Form for new plugin in ZMI #Form for new plugin in ZMI
manage_addERP5BearerExtractionPluginForm = PageTemplateFile( manage_addERP5BearerExtractionPluginForm = PageTemplateFile(
'www/ERP5Security_addERP5BearerExtractionPlugin', globals(), 'www/ERP5Security_addERP5BearerExtractionPlugin', globals(),
__name__='manage_addERP5BearerExtractionPluginForm') __name__='manage_addERP5BearerExtractionPluginForm')
def addERP5BearerExtractionPlugin(dispatcher, id, token_portal_type, def addERP5BearerExtractionPlugin(dispatcher, id, title=None, REQUEST=None):
token_validation_method, title=None, REQUEST=None):
""" Add a ERP5BearerExtractionPlugin to a Pluggable Auth Service. """ """ Add a ERP5BearerExtractionPlugin to a Pluggable Auth Service. """
plugin = ERP5BearerExtractionPlugin(id, token_portal_type, plugin = ERP5BearerExtractionPlugin(id, title)
token_validation_method, title)
dispatcher._setObject(plugin.getId(), plugin) dispatcher._setObject(plugin.getId(), plugin)
if REQUEST is not None: if REQUEST is not None:
...@@ -69,8 +63,6 @@ class ERP5BearerExtractionPlugin(BasePlugin): ...@@ -69,8 +63,6 @@ class ERP5BearerExtractionPlugin(BasePlugin):
meta_type = "ERP5 Bearer Extraction Plugin" meta_type = "ERP5 Bearer Extraction Plugin"
security = ClassSecurityInfo() security = ClassSecurityInfo()
token_portal_type = ''
token_validation_method = ''
manage_options = (({'label': 'Edit', manage_options = (({'label': 'Edit',
'action': 'manage_editERP5BearerExtractionPluginForm',}, 'action': 'manage_editERP5BearerExtractionPluginForm',},
...@@ -78,25 +70,10 @@ class ERP5BearerExtractionPlugin(BasePlugin): ...@@ -78,25 +70,10 @@ class ERP5BearerExtractionPlugin(BasePlugin):
+ BasePlugin.manage_options[:] + BasePlugin.manage_options[:]
) )
_properties = (({'id':'token_portal_type', def __init__(self, id, title=None):
'type':'string',
'mode':'w',
'label':'Portal Type with tokens'
},
{'id':'token_validation_method',
'type':'string',
'mode':'w',
'label':'Method to validate found token'
}, )
+ BasePlugin._properties[:]
)
def __init__(self, id, token_portal_type, token_validation_method, title=None):
#Register value #Register value
self._setId(id) self._setId(id)
self.title = title self.title = title
self.token_portal_type = token_portal_type
self.token_validation_method = token_validation_method
#################################### ####################################
#ILoginPasswordHostExtractionPlugin# #ILoginPasswordHostExtractionPlugin#
...@@ -124,31 +101,14 @@ class ERP5BearerExtractionPlugin(BasePlugin): ...@@ -124,31 +101,14 @@ class ERP5BearerExtractionPlugin(BasePlugin):
# Not implemented as considered as unsecure. # Not implemented as considered as unsecure.
pass pass
if token is not None and self.token_portal_type \ if token is not None:
and self.token_validation_method:
sm = getSecurityManager() sm = getSecurityManager()
if sm.getUser().getId() != SUPER_USER: if sm.getUser().getId() != SUPER_USER:
newSecurityManager(self, self.getUser(SUPER_USER)) newSecurityManager(self, self.getUser(SUPER_USER))
try: try:
token_document = self.portal_catalog.getResultValue( reference = self.Base_extractBearerTokenInformation(token)
portal_type=self.token_portal_type, if reference is not None:
reference=token, creds['external_login'] = reference
query=SimpleQuery(
comparison_operator='>=', expiration_date=DateTime()
),
validation_state='validated'
)
if token_document is not None:
result = False
try:
result = getattr(token_document,
self.token_validation_method)()
except Exception:
LOG('BearerExtractionPlugin', ERROR, 'Problem while calling token '
'validation method %r on %r:' % (self.token_validation_method,
token_document.getPath()), error=True)
if result is True:
creds['external_login'] = token_document.getDestinationReference()
finally: finally:
setSecurityManager(sm) setSecurityManager(sm)
if 'external_login' in creds: if 'external_login' in creds:
...@@ -167,32 +127,6 @@ class ERP5BearerExtractionPlugin(BasePlugin): ...@@ -167,32 +127,6 @@ class ERP5BearerExtractionPlugin(BasePlugin):
globals(), globals(),
__name__='manage_editERP5BearerExtractionPluginForm') __name__='manage_editERP5BearerExtractionPluginForm')
security.declareProtected(ManageUsers,
'manage_editERP5BearerExtractionPlugin')
def manage_editERP5BearerExtractionPlugin(self, token_portal_type,
token_validation_method, RESPONSE=None):
"""Edit the object"""
error_message = ''
if token_portal_type == '' or token_portal_type is None or \
token_validation_method == '' or token_validation_method is None:
error_message += 'Token Portal Type is missing '
else:
self.token_portal_type = token_portal_type
self.token_validation_method = token_validation_method
#Redirect
if RESPONSE is not None:
if error_message != '':
self.REQUEST.form['manage_tabs_message'] = error_message
return self.manage_editERP5BearerExtractionPluginForm(RESPONSE)
else:
message = "Updated"
RESPONSE.redirect('%s/manage_editERP5BearerExtractionPluginForm'
'?manage_tabs_message=%s'
% (self.absolute_url(), message)
)
#List implementation of class #List implementation of class
classImplements( ERP5BearerExtractionPlugin, classImplements( ERP5BearerExtractionPlugin,
plugins.ILoginPasswordHostExtractionPlugin plugins.ILoginPasswordHostExtractionPlugin
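Review bot: The call `self.Base_extractBearerTokenInformation(token)` has no exception handling, whereas the removed code caught and logged failures of the validation method. An error raised while processing a client-supplied token now propagates out of the credential extraction (the `finally` still restores the security manager), and depending on how the auth service treats plugin exceptions a malformed token can become a failed request instead of an anonymous one. I would keep `from zLOG import LOG, ERROR` and add `except Exception: LOG('BearerExtractionPlugin', ERROR, 'Problem while extracting bearer token information:', error=True)` before the `finally`, without writing the token value to the log. The call runs under `SUPER_USER`, so a short comment stating that the script must return only a validated, unexpired reference or `None` would document the trust placed in it. The enclosing method starts above this hunk, so how `token` is read from the request is not visible here.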
......