# -------------------------------------------------------------------------
#
+import json
+
+from flask import Response
from flask import request
from flask_httpauth import HTTPBasicAuth
-from flask import Response
-import json
+
import osdf
-from osdf.config.base import http_basic_auth_credentials
+import osdf.config.base as cfg_base
+from osdf.adapters.aaf import aaf_authentication as aaf_auth
+from osdf.config.base import osdf_config
auth_basic = HTTPBasicAuth()
unauthorized_message = json.dumps(error_body)
+
@auth_basic.get_password
def get_pw(username):
- end_point = request.url.split('/')[-1]
- auth_group = osdf.end_point_auth_mapping.get(end_point)
- return http_basic_auth_credentials[auth_group].get(username) if auth_group else None
+ auth_group = ''
+ for k in osdf.end_point_auth_mapping:
+ if k in request.url:
+ auth_group = osdf.end_point_auth_mapping.get(k)
+ return cfg_base.http_basic_auth_credentials[auth_group].get(username) if auth_group else None
+
@auth_basic.error_handler
def auth_error():
response.headers.add('content-length', len(unauthorized_message))
response.status_code = 401
return response
+
+
+@auth_basic.verify_password
+def verify_pw(username, password):
+ is_aaf_enabled = osdf_config.deployment.get('is_aaf_enabled', False)
+ if is_aaf_enabled:
+ return aaf_auth.authenticate(username, password)
+ else:
+ pw = get_pw(username)
+ return pw == password