X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=osdf%2Fwebapp%2Fappcontroller.py;h=5db879a4a73bd89e7acc68453c2175c24f2872f4;hb=f90e03c6a749ee25df3ac74355981861d59160d0;hp=49f84ffc1fd3dacca8766a04b18fbdbd17360598;hpb=0b855c08fd98fb8fa0f4bc40d8df430c897b4bad;p=optf%2Fosdf.git diff --git a/osdf/webapp/appcontroller.py b/osdf/webapp/appcontroller.py index 49f84ff..5db879a 100644 --- a/osdf/webapp/appcontroller.py +++ b/osdf/webapp/appcontroller.py @@ -16,12 +16,16 @@ # ------------------------------------------------------------------------- # +import json + +from flask import Response from flask import request from flask_httpauth import HTTPBasicAuth -from flask import Response -import json + import osdf -from osdf.config.base import http_basic_auth_credentials +import osdf.config.base as cfg_base +from osdf.adapters.aaf import aaf_authentication as aaf_auth +from osdf.config.base import osdf_config auth_basic = HTTPBasicAuth() @@ -33,11 +37,15 @@ error_body = { unauthorized_message = json.dumps(error_body) + @auth_basic.get_password def get_pw(username): - end_point = request.url.split('/')[-1] - auth_group = osdf.end_point_auth_mapping.get(end_point) - return http_basic_auth_credentials[auth_group].get(username) if auth_group else None + auth_group = '' + for k in osdf.end_point_auth_mapping: + if k in request.url: + auth_group = osdf.end_point_auth_mapping.get(k) + return cfg_base.http_basic_auth_credentials[auth_group].get(username) if auth_group else None + @auth_basic.error_handler def auth_error(): @@ -45,3 +53,13 @@ def auth_error(): response.headers.add('content-length', len(unauthorized_message)) response.status_code = 401 return response + + +@auth_basic.verify_password +def verify_pw(username, password): + is_aaf_enabled = osdf_config.deployment.get('is_aaf_enabled', False) + if is_aaf_enabled: + return aaf_auth.authenticate(username, password) + else: + pw = get_pw(username) + return pw == password