UNI-KLU / SMART
Commit cf0da34f authored Jul 30, 2020 by Manuel
implemented method to verify token
parent c7776171
Showing 1 changed file with 63 additions and 1 deletion
src/modules/security/security_util.py
# global import, red is normal don't worry
import
network_constants
import
requests
import
json
from
typing
import
Dict
class
TokenStash
:
'''
used to keep track of already verified tokens in order to mitigate the traffic
to the user-microservice
'''
trusted_tokens
=
{}
@
staticmethod
def
add
(
token
:
str
,
username
:
str
):
'''
adds a verified token to the stash
'''
TokenStash
.
trusted_tokens
[
token
]
=
username
@
staticmethod
def
is_token_cached
(
token
:
str
)
->
str
:
'''
returns the associated username to a token, None otherwise
'''
if
token
in
TokenStash
.
trusted_tokens
:
return
TokenStash
.
trusted_tokens
[
token
]
return
None
def
decodeToken
(
token
:
str
)
->
Dict
:
pass
\ No newline at end of file
'''
verifies the passed token on the user-microservice and returns a dictionary with the
subject entry if the verification was successful, an error is raised otherwise
@params:
token - Required : JWT token from authorization header, must start with "Bearer "
'''
cached_username
=
TokenStash
.
is_token_cached
(
token
)
if
cached_username
!=
None
:
print
(
"Re-using cached token!"
)
return
{
"sub"
:
cached_username
}
if
not
token
.
startswith
(
"Bearer "
):
raise
ValueError
(
'Invalid JWT token (must be a Bearer string)'
)
token
=
token
[
7
:]
response
=
requests
.
get
(
f
'https://{REST_GATEWAY_HOSTNAME}/api/tokens/{token}'
)
if
response
.
status_code
!=
200
:
raise
ValueError
(
f
"Validation of token failed ({response.status_code})!"
)
data
=
json
.
dumps
(
response
.
text
)
if
not
"username"
in
data
:
raise
ValueError
(
f
"Validation of token failed (missing field in verification response)!"
)
TokenStash
.
add
(
token
,
data
[
"username"
])
return
{
"sub"
:
data
[
"username"
]}
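Review bot: In decodeToken, `data = json.dumps(response.text)` serializes the response body into a JSON string instead of parsing it, so `"username" in data` becomes a substring test and `data["username"]` raises a TypeError on every successful verification; use `response.json()` (or `json.loads(response.text)`) and check that the result is a dict before reading the field. The cache lookup at the top of the function runs on the raw header value, before the `"Bearer "` check, while `TokenStash.add` is called with the stripped token, so a correctly prefixed header never hits the cache and a bare token without the prefix does hit it and skips the prefix check; strip the prefix first and use the same key for lookup and insert. Entries in `trusted_tokens` are never evicted, so a token that the user-microservice would later reject stays accepted for the life of the process and the dict grows without bound; store an expiry with each entry and re-verify after it. Two smaller points: `REST_GATEWAY_HOSTNAME` is used unqualified although only `import network_constants` is visible, and `requests.get` is called without a `timeout`, with the token placed in the URL path where gateway access logs would record it.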