Commit 461a987e authored by Manuel's avatar Manuel

added role to security token check

parent cf0da34f
from security import security_utils as security
def verifyTokenRegular(token, required_scopes):
# TODO call restGateway to verify the token
return {}
......
......@@ -11,13 +11,15 @@ class TokenStash:
to the user-microservice
'''
trusted_tokens = {}
roles = {}
@staticmethod
def add(token: str, username: str):
def add(token: str, username: str, role: str):
'''
adds a verified token to the stash
'''
TokenStash.trusted_tokens[token] = username
TokenStash.roles[token] = role
@staticmethod
def is_token_cached(token: str) -> str:
......@@ -25,8 +27,8 @@ class TokenStash:
returns the associated username to a token, None otherwise
'''
if token in TokenStash.trusted_tokens:
return TokenStash.trusted_tokens[token]
if token in TokenStash.trusted_tokens and token in TokenStash.roles:
return {"sub": TokenStash.trusted_tokens[token], "role": TokenStash.roles[token]}
return None
......@@ -62,5 +64,5 @@ def decodeToken(token: str) -> Dict:
raise ValueError(
f"Validation of token failed (missing field in verification response)!")
TokenStash.add(token, data["username"])
return {"sub": data["username"]}
TokenStash.add(token, data["username"], data["role"])
return {"sub": data["username"], "role": data["role"]}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment