File: login.py

package info (click to toggle)
firefox 147.0.2-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 4,683,484 kB
  • sloc: cpp: 7,607,246; javascript: 6,533,185; ansic: 3,775,227; python: 1,415,393; xml: 634,561; asm: 438,951; java: 186,241; sh: 62,752; makefile: 18,079; objc: 13,092; perl: 12,808; yacc: 4,583; cs: 3,846; pascal: 3,448; lex: 1,720; ruby: 1,003; php: 436; lisp: 258; awk: 247; sql: 66; sed: 54; csh: 10; exp: 6
file content (56 lines) | stat: -rw-r--r-- 2,587 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
 
import json
import importlib
session_manager = importlib.import_module('device-bound-session-credentials.session_manager')

def main(request, response):
    num_sessions = 1
    use_single_header = True
    registration_url = "/device-bound-session-credentials/start_session.py"
    request_body_raw = request.body.decode('utf-8')
    if len(request_body_raw) > 0:
        request_body = json.loads(request_body_raw)
        maybe_num_sessions = request_body.get("numSessions")
        if maybe_num_sessions is not None:
            num_sessions = maybe_num_sessions
        maybe_use_single_header = request_body.get("useSingleHeader")
        if maybe_use_single_header is not None:
            use_single_header = maybe_use_single_header
        maybe_registration_url = request_body.get("registrationUrl")
        if maybe_registration_url is not None:
            registration_url = maybe_registration_url

    test_session_manager = session_manager.find_for_request(request)

    header_items = ["(RS256)",'challenge="login_challenge_value"',f'path="{registration_url}"']
    authorization_value = test_session_manager.get_authorization_value()
    if authorization_value is not None:
        header_items.append(f'authorization="{authorization_value}"')
    provider_session_id = test_session_manager.get_provider_session_id()
    if provider_session_id is not None:
        header_items.append(f'provider_session_id="{provider_session_id}"')
    provider_url = test_session_manager.get_provider_url()
    if provider_url is not None:
        header_items.append(f'provider_url="{provider_url}"')
    provider_key = test_session_manager.get_provider_key()
    if provider_key is not None:
        header_items.append(f'provider_key="{provider_key}"')

    registrations = []
    for i in range(num_sessions):
        registrations.append(('Secure-Session-Registration', ";".join(header_items)))

    headers = []
    if request.headers.get(b"origin") is not None:
        # Some tests (e.g. subdomain-registration.https.html) login
        # across origins. Allow cookies so that we can get the
        # session_manager for the request.
        headers = [
            ("Access-Control-Allow-Origin", request.headers.get(b"origin")),
            ("Access-Control-Allow-Credentials", "true"),
        ]

    if use_single_header:
        combined_registrations = [("Secure-Session-Registration", ", ".join([registration[1] for registration in registrations]))]
        return (200, headers + combined_registrations, "")
    else:
        return (200, headers + registrations, "")