diff options
author | RHE <rebirthmonkey@gmail.com> | 2017-11-24 13:54:26 +0100 |
---|---|---|
committer | RHE <rebirthmonkey@gmail.com> | 2017-11-24 13:54:26 +0100 |
commit | 920a49cfa055733d575282973e23558c33087a4a (patch) | |
tree | d371dab34efa5028600dad2e7ca58063626e7ba4 /keystone-moon/keystone/auth/plugins/oauth1.py | |
parent | ef3eefca70d8abb4a00dafb9419ad32738e934b2 (diff) |
remove keystone-moon
Change-Id: I80d7c9b669f19d5f6607e162de8e0e55c2f80fdd
Signed-off-by: RHE <rebirthmonkey@gmail.com>
Diffstat (limited to 'keystone-moon/keystone/auth/plugins/oauth1.py')
-rw-r--r-- | keystone-moon/keystone/auth/plugins/oauth1.py | 64 |
1 files changed, 0 insertions, 64 deletions
diff --git a/keystone-moon/keystone/auth/plugins/oauth1.py b/keystone-moon/keystone/auth/plugins/oauth1.py deleted file mode 100644 index bf60f91c..00000000 --- a/keystone-moon/keystone/auth/plugins/oauth1.py +++ /dev/null @@ -1,64 +0,0 @@ -# Copyright 2013 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -from oslo_utils import timeutils - -from keystone import auth -from keystone.common import controller -from keystone.common import dependency -from keystone import exception -from keystone.i18n import _ -from keystone.oauth1 import core as oauth -from keystone.oauth1 import validator - - -@dependency.requires('oauth_api') -class OAuth(auth.AuthMethodHandler): - def authenticate(self, context, auth_info, auth_context): - """Turn a signed request with an access key into a keystone token.""" - headers = context['headers'] - oauth_headers = oauth.get_oauth_headers(headers) - access_token_id = oauth_headers.get('oauth_token') - - if not access_token_id: - raise exception.ValidationError( - attribute='oauth_token', target='request') - - acc_token = self.oauth_api.get_access_token(access_token_id) - - expires_at = acc_token['expires_at'] - if expires_at: - now = timeutils.utcnow() - expires = timeutils.normalize_time( - timeutils.parse_isotime(expires_at)) - if now > expires: - raise exception.Unauthorized(_('Access token is expired')) - - url = controller.V3Controller.base_url(context, context['path']) - access_verifier = oauth.ResourceEndpoint( - request_validator=validator.OAuthValidator(), - token_generator=oauth.token_generator) - result, request = access_verifier.validate_protected_resource_request( - url, - http_method='POST', - body=context['query_string'], - headers=headers, - realms=None - ) - if not result: - msg = _('Could not validate the access token') - raise exception.Unauthorized(msg) - auth_context['user_id'] = acc_token['authorizing_user_id'] - auth_context['access_token_id'] = access_token_id - auth_context['project_id'] = acc_token['project_id'] |