2 new commits in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/65ca3d67f90b/ Changeset: 65ca3d67f90b Branch: next-stable User: greg Date: 2014-05-21 21:06:41 Summary: Enhance the Tool Shed API to be able to retrieve an API key for an authenticated user. Affected #: 2 files
diff -r a8904f154c5a1d94d8180c75683992a4123caef2 -r 65ca3d67f90b6617981cd75663dca2246643c047 lib/galaxy/webapps/tool_shed/api/authenticate.py --- /dev/null +++ b/lib/galaxy/webapps/tool_shed/api/authenticate.py @@ -0,0 +1,94 @@ +""" +API key retrieval through BaseAuth +Sample usage: + +curl --user zipzap@foo.com:password http://localhost:9009/api/authenticate/baseauth + +Returns: +{ + "api_key": <some api key> +} +""" +import logging +from base64 import b64decode +from paste.httpexceptions import HTTPBadRequest +from urllib import unquote + +from galaxy import web +from galaxy.exceptions import ObjectNotFound +from galaxy.web.base.controller import BaseAPIController +from galaxy.web.base.controller import CreatesApiKeysMixin + +log = logging.getLogger( __name__ ) + + +class AuthenticationController( BaseAPIController, CreatesApiKeysMixin ): + + @web.expose_api_anonymous + def get_api_key( self, trans, **kwd ): + """ + def get_api_key( self, trans, **kwd ) + * GET /api/authenticate/baseauth + returns an API key for authenticated user based on BaseAuth headers + + :returns: api_key in json format + :rtype: dict + + :raises: ObjectNotFound, HTTPBadRequest + """ + email, password = self._decode_baseauth( trans.environ.get( 'HTTP_AUTHORIZATION' ) ) + user = trans.sa_session.query( trans.app.model.User ).filter( trans.app.model.User.table.c.email == email ).all() + if ( len( user ) is not 1 ): + # DB is inconsistent and we have more users with same email + raise ObjectNotFound + else: + user = user[ 0 ] + is_valid_user = user.check_password( password ) + if ( is_valid_user ): + if user.api_keys: + key = user.api_keys[ 0 ].key + else: + key = self.create_api_key( trans, user ) + return dict( api_key=key ) + else: + trans.response.status = 500 + return "invalid password" + + def _decode_baseauth( self, encoded_str ): + """ + Decode an encrypted HTTP basic authentication string. Returns a tuple of + the form (email, password), and raises a HTTPBadRequest exception if + nothing could be decoded. + + :param encoded_str: BaseAuth string encoded base64 + :type encoded_str: string + + :returns: email of the user + :rtype: string + :returns: password of the user + :rtype: string + + :raises: HTTPBadRequest + """ + split = encoded_str.strip().split( ' ' ) + # If split is only one element, try to decode the email and password directly. + if len( split ) == 1: + try: + email, password = b64decode( split[ 0 ] ).split( ':' ) + except: + raise HTTPBadRequest + # If there are only two elements, check the first and ensure it says + # 'basic' so that we know we're about to decode the right thing. If not, + # bail out. + elif len( split ) == 2: + if split[ 0 ].strip().lower() == 'basic': + try: + email, password = b64decode( split[ 1 ] ).split( ':' ) + except: + raise HTTPBadRequest + else: + raise HTTPBadRequest + # If there are more than 2 elements, something crazy must be happening. Bail. + else: + raise HTTPBadRequest + return unquote( email ), unquote( password )
diff -r a8904f154c5a1d94d8180c75683992a4123caef2 -r 65ca3d67f90b6617981cd75663dca2246643c047 lib/galaxy/webapps/tool_shed/buildapp.py --- a/lib/galaxy/webapps/tool_shed/buildapp.py +++ b/lib/galaxy/webapps/tool_shed/buildapp.py @@ -80,6 +80,11 @@ webapp.add_route( '/repos/*path_info', controller='hg', action='handle_request', path_info='/' ) # Add the web API. # A good resource for RESTful services - http://routes.readthedocs.org/en/latest/restful.html webapp.add_api_controllers( 'galaxy.webapps.tool_shed.api', app ) + webapp.mapper.connect( 'api_key_retrieval', + '/api/authenticate/baseauth/', + controller='authenticate', + action='get_api_key', + conditions=dict( method=[ "GET" ] ) ) webapp.mapper.resource( 'category', 'categories', controller='categories',
https://bitbucket.org/galaxy/galaxy-central/commits/2601a535a022/ Changeset: 2601a535a022 User: davebgx Date: 2014-05-21 21:10:01 Summary: Merge with next-stable. Affected #: 0 files
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.
galaxy-commits@lists.galaxyproject.org