
Verified Commit e9f71bc4 authored by Emi Simpson's avatar Emi Simpson

[api] Encode the token during the SSO flow

parent 4d65134a
Pipeline #1112 failed with stage
in 50 seconds
from flask import Blueprint
from werkzeug.wrappers.response import Response
from base64 import b64encode
from dataclasses import dataclass
from flask_saml2.sp.sp import ServiceProvider #type: ignore
from functools import wraps
......@@ -14,7 +13,7 @@ from mystic.queries.direct_auth import ValidatePasswordError
from mystic.api import after_running_execute_queries, is_r, json_request, make_response, query_args_request, R
from mystic.api.v1.errors import ApiErrorCode, AuthModeDisabledError, BadPasswordError, handle_json_parse_error, InternalError, MalformedArgumentError, MismatchedTypeError, MissingFieldsError, UnknownError, UserDneError, NameTakenError
from mystic.api.v1.saml import AuthAttrs, DictMalformed, provide_saml_data
from mystic.api.v1.types import Auth, create_session, Session, User, user_from_database_user
from mystic.api.v1.types import Auth, create_session, encode_token, Session, User, user_from_database_user
from mystic.api.v1.util import check_all_present, first_error, get_typechecked, unk_err
from mystic.queries import Query, direct_auth
from mystic.types import ApiGetRequest, ApiJsonRequest, Url, UserID
......@@ -262,7 +261,7 @@ class AuthModule:
_add_query_param(
callback_url,
'token',
b64encode(token.token).decode('ASCII'))),
encode_token(token.token))),
on_error=lambda _: (
NULLIFY_SESSION,
_add_query_param(
......@@ -300,7 +299,7 @@ class AuthModule:
_add_query_param(
callback,
'token',
b64encode(token.token).decode('ASCII'))),
encode_token(token.token))),
on_error=lambda _: (
NULLIFY_SESSION,
_add_query_param(
......
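Review bot: URL escaping of the token is now split between `encode_token` and `_add_query_param`, so the two redirect sites in `AuthModule` (the `callback_url` branch and the `callback` branch in the following hunk) can end up double-escaped or under-escaped. `_add_query_param` is not visible in these hunks: if it already percent-encodes values, the `%2B` becomes `%252B`, and if it does not, the `/` and `=` that standard base64 can emit still reach the URL unescaped. Escaping once inside `_add_query_param`, for example with `urllib.parse.quote(value, safe='')`, would let both call sites pass plain base64 and keep the token format independent of its transport. Both lambdas begin and end outside the hunks shown.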
......@@ -287,5 +287,8 @@ def create_session(token: SessionTokenInfo, user: User) -> Session:
"""
A shorthand for creating a :class:`Session` from an unencoded session token
"""
return Session(token=encode_token(token.token), expires=token.expires, user=user)
def encode_token(token: bytes) -> str:
from base64 import b64encode
return Session(token=b64encode(token.token).decode('ASCII'), expires=token.expires, user=user)
return b64encode(token).decode('ASCII').replace('+', '%2B')
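Review bot: `encode_token` escapes only `+`, and `create_session` now puts the same percent-escaped string into `Session.token`. Presumably that field is serialized into an API response body rather than a URL (confirm against the callers). If so, clients receive a literal `%2B` that no URL decoder will undo, and the token read from a session response can differ from the one recovered from the SSO query parameter for the same bytes. Consider keeping `encode_token` as plain base64, `return b64encode(token).decode('ASCII')`, and leaving URL escaping to the redirect code, or moving encoder and decoder together to `base64.urlsafe_b64encode` / `urlsafe_b64decode`. A docstring on `encode_token` naming the alphabet and escaping that consumers must expect would also help, since the decoding side is not part of this diff.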