Commit 461a987e authored by Manuel's avatar Manuel

added role to security token check

parent cf0da34f
from security import security_utils as security
def verifyTokenRegular(token, required_scopes): def verifyTokenRegular(token, required_scopes):
# TODO call restGateway to verify the token # TODO call restGateway to verify the token
return {} return {}
......
...@@ -11,13 +11,15 @@ class TokenStash: ...@@ -11,13 +11,15 @@ class TokenStash:
to the user-microservice to the user-microservice
''' '''
trusted_tokens = {} trusted_tokens = {}
roles = {}
@staticmethod @staticmethod
def add(token: str, username: str): def add(token: str, username: str, role: str):
''' '''
adds a verified token to the stash adds a verified token to the stash
''' '''
TokenStash.trusted_tokens[token] = username TokenStash.trusted_tokens[token] = username
TokenStash.roles[token] = role
@staticmethod @staticmethod
def is_token_cached(token: str) -> str: def is_token_cached(token: str) -> str:
...@@ -25,8 +27,8 @@ class TokenStash: ...@@ -25,8 +27,8 @@ class TokenStash:
returns the associated username to a token, None otherwise returns the associated username to a token, None otherwise
''' '''
if token in TokenStash.trusted_tokens: if token in TokenStash.trusted_tokens and token in TokenStash.roles:
return TokenStash.trusted_tokens[token] return {"sub": TokenStash.trusted_tokens[token], "role": TokenStash.roles[token]}
return None return None
...@@ -62,5 +64,5 @@ def decodeToken(token: str) -> Dict: ...@@ -62,5 +64,5 @@ def decodeToken(token: str) -> Dict:
raise ValueError( raise ValueError(
f"Validation of token failed (missing field in verification response)!") f"Validation of token failed (missing field in verification response)!")
TokenStash.add(token, data["username"]) TokenStash.add(token, data["username"], data["role"])
return {"sub": data["username"]} return {"sub": data["username"], "role": data["role"]}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment