openapi-core/openapi_core/security/providers.py

import warnings

from openapi_core.security.exceptions import SecurityError


class BaseProvider(object):

    def __init__(self, scheme):
        self.scheme = scheme


class UnsupportedProvider(BaseProvider):

    def __call__(self, request):
        warnings.warn("Unsupported scheme type")


class ApiKeyProvider(BaseProvider):

    def __call__(self, request):
        name = self.scheme['name']
        location = self.scheme['in']
        source = getattr(request.parameters, location)
        if name not in source:
            raise SecurityError("Missing api key parameter.")
        return source[name]


class HttpProvider(BaseProvider):

    def __call__(self, request):
        if 'Authorization' not in request.parameters.header:
            raise SecurityError('Missing authorization header.')
        auth_header = request.parameters.header['Authorization']
        try:
            auth_type, encoded_credentials = auth_header.split(' ', 1)
        except ValueError:
            raise SecurityError('Could not parse authorization header.')

        scheme = self.scheme['scheme']
        if auth_type.lower() != scheme:
            raise SecurityError(
                'Unknown authorization method %s' % auth_type)

        return encoded_credentials
Security providers and security models retouch 2020-02-04 13:54:53 +00:00			`import warnings`

			`from openapi_core.security.exceptions import SecurityError`


			`class BaseProvider(object):`

			`def __init__(self, scheme):`
			`self.scheme = scheme`


			`class UnsupportedProvider(BaseProvider):`

			`def __call__(self, request):`
			`warnings.warn("Unsupported scheme type")`


			`class ApiKeyProvider(BaseProvider):`

			`def __call__(self, request):`
Spec path 2021-04-23 11:36:27 +00:00			`name = self.scheme['name']`
			`location = self.scheme['in']`
			`source = getattr(request.parameters, location)`
			`if name not in source:`
Security providers and security models retouch 2020-02-04 13:54:53 +00:00			`raise SecurityError("Missing api key parameter.")`
Spec path 2021-04-23 11:36:27 +00:00			`return source[name]`
Security providers and security models retouch 2020-02-04 13:54:53 +00:00

			`class HttpProvider(BaseProvider):`

			`def __call__(self, request):`
			`if 'Authorization' not in request.parameters.header:`
			`raise SecurityError('Missing authorization header.')`
			`auth_header = request.parameters.header['Authorization']`
			`try:`
			`auth_type, encoded_credentials = auth_header.split(' ', 1)`
			`except ValueError:`
			`raise SecurityError('Could not parse authorization header.')`

Spec path 2021-04-23 11:36:27 +00:00			`scheme = self.scheme['scheme']`
			`if auth_type.lower() != scheme:`
Security providers and security models retouch 2020-02-04 13:54:53 +00:00			`raise SecurityError(`
			`'Unknown authorization method %s' % auth_type)`
Security HTTP provider fix 2020-03-23 13:20:08 +00:00
			`return encoded_credentials`