File: login.py

package info (click to toggle)
firefox 149.0-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 4,767,760 kB
  • sloc: cpp: 7,416,064; javascript: 6,752,859; ansic: 3,774,850; python: 1,250,473; xml: 641,578; asm: 439,191; java: 186,617; sh: 56,634; makefile: 18,856; objc: 13,092; perl: 12,763; pascal: 5,960; yacc: 4,583; cs: 3,846; lex: 1,720; ruby: 1,002; php: 436; lisp: 258; awk: 105; sql: 66; sed: 53; csh: 10; exp: 6
file content (58 lines) | stat: -rw-r--r-- 2,669 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
import json
import importlib
session_manager = importlib.import_module('device-bound-session-credentials.session_manager')

def main(request, response):
    num_sessions = 1
    use_single_header = True
    registration_url = "/device-bound-session-credentials/start_session.py"
    request_body_raw = request.body.decode('utf-8')
    if len(request_body_raw) > 0:
        request_body = json.loads(request_body_raw)
        maybe_num_sessions = request_body.get("numSessions")
        if maybe_num_sessions is not None:
            num_sessions = maybe_num_sessions
        maybe_use_single_header = request_body.get("useSingleHeader")
        if maybe_use_single_header is not None:
            use_single_header = maybe_use_single_header
        maybe_registration_url = request_body.get("registrationUrl")
        if maybe_registration_url is not None:
            registration_url = maybe_registration_url

    test_session_manager = session_manager.find_for_request(request)

    header_items = ["(RS256)",f'path="{registration_url}"']
    if test_session_manager.get_allows_challenges():
        header_items.append('challenge="login_challenge_value"')
    authorization_value = test_session_manager.get_authorization_value()
    if authorization_value is not None:
        header_items.append(f'authorization="{authorization_value}"')
    provider_session_id = test_session_manager.get_provider_session_id()
    if provider_session_id is not None:
        header_items.append(f'provider_session_id="{provider_session_id}"')
    provider_url = test_session_manager.get_provider_url()
    if provider_url is not None:
        header_items.append(f'provider_url="{provider_url}"')
    provider_key = test_session_manager.get_provider_key()
    if provider_key is not None:
        header_items.append(f'provider_key="{provider_key}"')

    registrations = []
    for i in range(num_sessions):
        registrations.append(('Secure-Session-Registration', ";".join(header_items)))

    headers = []
    if request.headers.get(b"origin") is not None:
        # Some tests (e.g. subdomain-registration.https.html) login
        # across origins. Allow cookies so that we can get the
        # session_manager for the request.
        headers = [
            ("Access-Control-Allow-Origin", request.headers.get(b"origin")),
            ("Access-Control-Allow-Credentials", "true"),
        ]

    if use_single_header:
        combined_registrations = [("Secure-Session-Registration", ", ".join([registration[1] for registration in registrations]))]
        return (200, headers + combined_registrations, "")
    else:
        return (200, headers + registrations, "")