1 new commit in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/2015315c6ee6/ Changeset: 2015315c6ee6 User: greg Date: 2014-05-23 21:09:35 Summary: Reuse (rather than copy) the Galaxy API AuthenticationController class in the Tool Shed. Affected #: 2 files diff -r 3d33ae64235e910ad882b8893dfdc9100d8a8210 -r 2015315c6ee603bbea0b21b9595fc343367cf332 lib/galaxy/webapps/tool_shed/api/authenticate.py --- a/lib/galaxy/webapps/tool_shed/api/authenticate.py +++ b/lib/galaxy/webapps/tool_shed/api/authenticate.py @@ -10,22 +10,17 @@ } """ import logging -from base64 import b64decode -from paste.httpexceptions import HTTPBadRequest -from urllib import unquote from galaxy import web -from galaxy.exceptions import ObjectNotFound -from galaxy.web.base.controller import BaseAPIController -from galaxy.web.base.controller import CreatesApiKeysMixin +from galaxy.webapps.galaxy.api.authenticate import AuthenticationController log = logging.getLogger( __name__ ) -class AuthenticationController( BaseAPIController, CreatesApiKeysMixin ): +class ToolShedAuthenticationController( AuthenticationController ): @web.expose_api_anonymous - def get_api_key( self, trans, **kwd ): + def get_tool_shed_api_key( self, trans, **kwd ): """ def get_api_key( self, trans, **kwd ) * GET /api/authenticate/baseauth @@ -36,59 +31,4 @@ :raises: ObjectNotFound, HTTPBadRequest """ - email, password = self._decode_baseauth( trans.environ.get( 'HTTP_AUTHORIZATION' ) ) - user = trans.sa_session.query( trans.app.model.User ).filter( trans.app.model.User.table.c.email == email ).all() - if ( len( user ) is not 1 ): - # DB is inconsistent and we have more users with same email - raise ObjectNotFound - else: - user = user[ 0 ] - is_valid_user = user.check_password( password ) - if ( is_valid_user ): - if user.api_keys: - key = user.api_keys[ 0 ].key - else: - key = self.create_api_key( trans, user ) - return dict( api_key=key ) - else: - trans.response.status = 500 - return "invalid password" - - def _decode_baseauth( self, encoded_str ): - """ - Decode an encrypted HTTP basic authentication string. Returns a tuple of - the form (email, password), and raises a HTTPBadRequest exception if - nothing could be decoded. - - :param encoded_str: BaseAuth string encoded base64 - :type encoded_str: string - - :returns: email of the user - :rtype: string - :returns: password of the user - :rtype: string - - :raises: HTTPBadRequest - """ - split = encoded_str.strip().split( ' ' ) - # If split is only one element, try to decode the email and password directly. - if len( split ) == 1: - try: - email, password = b64decode( split[ 0 ] ).split( ':' ) - except: - raise HTTPBadRequest - # If there are only two elements, check the first and ensure it says - # 'basic' so that we know we're about to decode the right thing. If not, - # bail out. - elif len( split ) == 2: - if split[ 0 ].strip().lower() == 'basic': - try: - email, password = b64decode( split[ 1 ] ).split( ':' ) - except: - raise HTTPBadRequest - else: - raise HTTPBadRequest - # If there are more than 2 elements, something crazy must be happening. Bail. - else: - raise HTTPBadRequest - return unquote( email ), unquote( password ) + return self.get_api_key( trans, **kwd ) diff -r 3d33ae64235e910ad882b8893dfdc9100d8a8210 -r 2015315c6ee603bbea0b21b9595fc343367cf332 lib/galaxy/webapps/tool_shed/buildapp.py --- a/lib/galaxy/webapps/tool_shed/buildapp.py +++ b/lib/galaxy/webapps/tool_shed/buildapp.py @@ -83,7 +83,7 @@ webapp.mapper.connect( 'api_key_retrieval', '/api/authenticate/baseauth/', controller='authenticate', - action='get_api_key', + action='get_tool_shed_api_key', conditions=dict( method=[ "GET" ] ) ) webapp.mapper.resource( 'category', 'categories', Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.