Merge "Normalize fernet payload disassembly"
This commit is contained in:
commit
95dd28db92
@ -346,7 +346,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, project_id, domain_id, exp_expires_at,
|
exp_user_id, exp_methods, project_id, domain_id, exp_expires_at,
|
||||||
exp_audit_ids, trust_id, federated_info)
|
exp_audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
(user_id, methods, expires_at, audit_ids) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.UnscopedPayload.disassemble(payload))
|
token_formatters.UnscopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -368,7 +369,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, exp_project_id, domain_id,
|
exp_user_id, exp_methods, exp_project_id, domain_id,
|
||||||
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
(user_id, methods, project_id, expires_at, audit_ids) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.ProjectScopedPayload.disassemble(payload))
|
token_formatters.ProjectScopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -391,7 +393,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, project_id, exp_domain_id,
|
exp_user_id, exp_methods, project_id, exp_domain_id,
|
||||||
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
(user_id, methods, domain_id, expires_at, audit_ids) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.DomainScopedPayload.disassemble(payload))
|
token_formatters.DomainScopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -414,7 +417,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, project_id, exp_domain_id,
|
exp_user_id, exp_methods, project_id, exp_domain_id,
|
||||||
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
(user_id, methods, domain_id, expires_at, audit_ids) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.DomainScopedPayload.disassemble(payload))
|
token_formatters.DomainScopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -437,7 +441,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, exp_project_id, domain_id,
|
exp_user_id, exp_methods, exp_project_id, domain_id,
|
||||||
exp_expires_at, exp_audit_ids, exp_trust_id, federated_info)
|
exp_expires_at, exp_audit_ids, exp_trust_id, federated_info)
|
||||||
|
|
||||||
(user_id, methods, project_id, expires_at, audit_ids, trust_id) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.TrustScopedPayload.disassemble(payload))
|
token_formatters.TrustScopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -460,7 +465,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, project_id, domain_id, exp_expires_at,
|
exp_user_id, exp_methods, project_id, domain_id, exp_expires_at,
|
||||||
exp_audit_ids, trust_id, federated_info)
|
exp_audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
(user_id, methods, expires_at, audit_ids) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.UnscopedPayload.disassemble(payload))
|
token_formatters.UnscopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -487,7 +493,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, exp_project_id, domain_id,
|
exp_user_id, exp_methods, exp_project_id, domain_id,
|
||||||
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
(user_id, methods, project_id, expires_at, audit_ids) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.ProjectScopedPayload.disassemble(payload))
|
token_formatters.ProjectScopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -517,7 +524,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, project_id, exp_domain_id,
|
exp_user_id, exp_methods, project_id, exp_domain_id,
|
||||||
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
exp_expires_at, exp_audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
(user_id, methods, domain_id, expires_at, audit_ids) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.DomainScopedPayload.disassemble(payload))
|
token_formatters.DomainScopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -544,7 +552,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, exp_project_id, domain_id,
|
exp_user_id, exp_methods, exp_project_id, domain_id,
|
||||||
exp_expires_at, exp_audit_ids, exp_trust_id, federated_info)
|
exp_expires_at, exp_audit_ids, exp_trust_id, federated_info)
|
||||||
|
|
||||||
(user_id, methods, project_id, expires_at, audit_ids, trust_id) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.TrustScopedPayload.disassemble(payload))
|
token_formatters.TrustScopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -577,7 +586,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, project_id, domain_id, exp_expires_at,
|
exp_user_id, exp_methods, project_id, domain_id, exp_expires_at,
|
||||||
exp_audit_ids, trust_id, exp_federated_info)
|
exp_audit_ids, trust_id, exp_federated_info)
|
||||||
|
|
||||||
(user_id, methods, expires_at, audit_ids, federated_info) = (
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
|
trust_id, federated_info) = (
|
||||||
token_formatters.FederatedUnscopedPayload.disassemble(payload))
|
token_formatters.FederatedUnscopedPayload.disassemble(payload))
|
||||||
|
|
||||||
self.assertEqual(exp_user_id, user_id)
|
self.assertEqual(exp_user_id, user_id)
|
||||||
@ -615,8 +625,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, exp_project_id, domain_id,
|
exp_user_id, exp_methods, exp_project_id, domain_id,
|
||||||
exp_expires_at, exp_audit_ids, trust_id, exp_federated_info)
|
exp_expires_at, exp_audit_ids, trust_id, exp_federated_info)
|
||||||
|
|
||||||
(user_id, methods, project_id, expires_at, audit_ids,
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
federated_info) = (
|
trust_id, federated_info) = (
|
||||||
token_formatters.FederatedProjectScopedPayload.disassemble(
|
token_formatters.FederatedProjectScopedPayload.disassemble(
|
||||||
payload))
|
payload))
|
||||||
|
|
||||||
@ -643,8 +653,8 @@ class TestPayloads(unit.TestCase):
|
|||||||
exp_user_id, exp_methods, project_id, exp_domain_id,
|
exp_user_id, exp_methods, project_id, exp_domain_id,
|
||||||
exp_expires_at, exp_audit_ids, trust_id, exp_federated_info)
|
exp_expires_at, exp_audit_ids, trust_id, exp_federated_info)
|
||||||
|
|
||||||
(user_id, methods, domain_id, expires_at, audit_ids,
|
(user_id, methods, project_id, domain_id, expires_at, audit_ids,
|
||||||
federated_info) = (
|
trust_id, federated_info) = (
|
||||||
token_formatters.FederatedDomainScopedPayload.disassemble(
|
token_formatters.FederatedDomainScopedPayload.disassemble(
|
||||||
payload))
|
payload))
|
||||||
|
|
||||||
|
@ -186,35 +186,12 @@ class TokenFormatter(object):
|
|||||||
versioned_payload = msgpack.unpackb(serialized_payload)
|
versioned_payload = msgpack.unpackb(serialized_payload)
|
||||||
version, payload = versioned_payload[0], versioned_payload[1:]
|
version, payload = versioned_payload[0], versioned_payload[1:]
|
||||||
|
|
||||||
# depending on the formatter, these may or may not be defined
|
for payload_class in PAYLOAD_CLASSES:
|
||||||
domain_id = None
|
if version == payload_class.version:
|
||||||
project_id = None
|
(user_id, methods, project_id, domain_id, expires_at,
|
||||||
trust_id = None
|
audit_ids, trust_id, federated_info) = (
|
||||||
federated_info = None
|
payload_class.disassemble(payload))
|
||||||
|
break
|
||||||
if version == UnscopedPayload.version:
|
|
||||||
(user_id, methods, expires_at, audit_ids) = (
|
|
||||||
UnscopedPayload.disassemble(payload))
|
|
||||||
elif version == DomainScopedPayload.version:
|
|
||||||
(user_id, methods, domain_id, expires_at, audit_ids) = (
|
|
||||||
DomainScopedPayload.disassemble(payload))
|
|
||||||
elif version == ProjectScopedPayload.version:
|
|
||||||
(user_id, methods, project_id, expires_at, audit_ids) = (
|
|
||||||
ProjectScopedPayload.disassemble(payload))
|
|
||||||
elif version == TrustScopedPayload.version:
|
|
||||||
(user_id, methods, project_id, expires_at, audit_ids, trust_id) = (
|
|
||||||
TrustScopedPayload.disassemble(payload))
|
|
||||||
elif version == FederatedUnscopedPayload.version:
|
|
||||||
(user_id, methods, expires_at, audit_ids, federated_info) = (
|
|
||||||
FederatedUnscopedPayload.disassemble(payload))
|
|
||||||
elif version == FederatedProjectScopedPayload.version:
|
|
||||||
(user_id, methods, project_id, expires_at, audit_ids,
|
|
||||||
federated_info) = FederatedProjectScopedPayload.disassemble(
|
|
||||||
payload)
|
|
||||||
elif version == FederatedDomainScopedPayload.version:
|
|
||||||
(user_id, methods, domain_id, expires_at, audit_ids,
|
|
||||||
federated_info) = FederatedDomainScopedPayload.disassemble(
|
|
||||||
payload)
|
|
||||||
else:
|
else:
|
||||||
# If the token_format is not recognized, raise ValidationError.
|
# If the token_format is not recognized, raise ValidationError.
|
||||||
raise exception.ValidationError(_(
|
raise exception.ValidationError(_(
|
||||||
@ -271,6 +248,17 @@ class BasePayload(object):
|
|||||||
def disassemble(cls, payload):
|
def disassemble(cls, payload):
|
||||||
"""Disassemble an unscoped payload into the component data.
|
"""Disassemble an unscoped payload into the component data.
|
||||||
|
|
||||||
|
The tuple consists of::
|
||||||
|
|
||||||
|
(user_id, methods, project_id, domain_id, expires_at_str,
|
||||||
|
audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
|
* ``methods`` are the auth methods.
|
||||||
|
* federated_info is a dict contains the group IDs, the identity
|
||||||
|
provider ID, the protocol ID, and the federated domain ID
|
||||||
|
|
||||||
|
Fields will be set to None if they didn't apply to this payload type.
|
||||||
|
|
||||||
:param payload: this variant of payload
|
:param payload: this variant of payload
|
||||||
:returns: a tuple of the payloads component data
|
:returns: a tuple of the payloads component data
|
||||||
|
|
||||||
@ -377,20 +365,18 @@ class UnscopedPayload(BasePayload):
|
|||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def disassemble(cls, payload):
|
def disassemble(cls, payload):
|
||||||
"""Disassemble an unscoped payload into the component data.
|
|
||||||
|
|
||||||
:param payload: the payload of an unscoped token
|
|
||||||
:return: a tuple containing the user_id, auth methods, expires_at, and
|
|
||||||
audit_ids
|
|
||||||
|
|
||||||
"""
|
|
||||||
(is_stored_as_bytes, user_id) = payload[0]
|
(is_stored_as_bytes, user_id) = payload[0]
|
||||||
if is_stored_as_bytes:
|
if is_stored_as_bytes:
|
||||||
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
||||||
methods = auth_plugins.convert_integer_to_method_list(payload[1])
|
methods = auth_plugins.convert_integer_to_method_list(payload[1])
|
||||||
expires_at_str = cls._convert_float_to_time_string(payload[2])
|
expires_at_str = cls._convert_float_to_time_string(payload[2])
|
||||||
audit_ids = list(map(provider.base64_encode, payload[3]))
|
audit_ids = list(map(provider.base64_encode, payload[3]))
|
||||||
return (user_id, methods, expires_at_str, audit_ids)
|
project_id = None
|
||||||
|
domain_id = None
|
||||||
|
trust_id = None
|
||||||
|
federated_info = None
|
||||||
|
return (user_id, methods, project_id, domain_id, expires_at_str,
|
||||||
|
audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
|
|
||||||
class DomainScopedPayload(BasePayload):
|
class DomainScopedPayload(BasePayload):
|
||||||
@ -420,13 +406,6 @@ class DomainScopedPayload(BasePayload):
|
|||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def disassemble(cls, payload):
|
def disassemble(cls, payload):
|
||||||
"""Disassemble a payload into the component data.
|
|
||||||
|
|
||||||
:param payload: the payload of a token
|
|
||||||
:return: a tuple containing the user_id, auth methods, domain_id,
|
|
||||||
expires_at_str, and audit_ids
|
|
||||||
|
|
||||||
"""
|
|
||||||
(is_stored_as_bytes, user_id) = payload[0]
|
(is_stored_as_bytes, user_id) = payload[0]
|
||||||
if is_stored_as_bytes:
|
if is_stored_as_bytes:
|
||||||
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
||||||
@ -441,8 +420,12 @@ class DomainScopedPayload(BasePayload):
|
|||||||
raise
|
raise
|
||||||
expires_at_str = cls._convert_float_to_time_string(payload[3])
|
expires_at_str = cls._convert_float_to_time_string(payload[3])
|
||||||
audit_ids = list(map(provider.base64_encode, payload[4]))
|
audit_ids = list(map(provider.base64_encode, payload[4]))
|
||||||
|
project_id = None
|
||||||
|
trust_id = None
|
||||||
|
federated_info = None
|
||||||
|
|
||||||
return (user_id, methods, domain_id, expires_at_str, audit_ids)
|
return (user_id, methods, project_id, domain_id, expires_at_str,
|
||||||
|
audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
|
|
||||||
class ProjectScopedPayload(BasePayload):
|
class ProjectScopedPayload(BasePayload):
|
||||||
@ -465,13 +448,6 @@ class ProjectScopedPayload(BasePayload):
|
|||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def disassemble(cls, payload):
|
def disassemble(cls, payload):
|
||||||
"""Disassemble a payload into the component data.
|
|
||||||
|
|
||||||
:param payload: the payload of a token
|
|
||||||
:return: a tuple containing the user_id, auth methods, project_id,
|
|
||||||
expires_at_str, and audit_ids
|
|
||||||
|
|
||||||
"""
|
|
||||||
(is_stored_as_bytes, user_id) = payload[0]
|
(is_stored_as_bytes, user_id) = payload[0]
|
||||||
if is_stored_as_bytes:
|
if is_stored_as_bytes:
|
||||||
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
||||||
@ -481,8 +457,12 @@ class ProjectScopedPayload(BasePayload):
|
|||||||
project_id = cls.attempt_convert_uuid_bytes_to_hex(project_id)
|
project_id = cls.attempt_convert_uuid_bytes_to_hex(project_id)
|
||||||
expires_at_str = cls._convert_float_to_time_string(payload[3])
|
expires_at_str = cls._convert_float_to_time_string(payload[3])
|
||||||
audit_ids = list(map(provider.base64_encode, payload[4]))
|
audit_ids = list(map(provider.base64_encode, payload[4]))
|
||||||
|
domain_id = None
|
||||||
|
trust_id = None
|
||||||
|
federated_info = None
|
||||||
|
|
||||||
return (user_id, methods, project_id, expires_at_str, audit_ids)
|
return (user_id, methods, project_id, domain_id, expires_at_str,
|
||||||
|
audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
|
|
||||||
class TrustScopedPayload(BasePayload):
|
class TrustScopedPayload(BasePayload):
|
||||||
@ -508,13 +488,6 @@ class TrustScopedPayload(BasePayload):
|
|||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def disassemble(cls, payload):
|
def disassemble(cls, payload):
|
||||||
"""Validate a trust-based payload.
|
|
||||||
|
|
||||||
:param token_string: a string representing the token
|
|
||||||
:returns: a tuple containing the user_id, auth methods, project_id,
|
|
||||||
expires_at_str, audit_ids, and trust_id
|
|
||||||
|
|
||||||
"""
|
|
||||||
(is_stored_as_bytes, user_id) = payload[0]
|
(is_stored_as_bytes, user_id) = payload[0]
|
||||||
if is_stored_as_bytes:
|
if is_stored_as_bytes:
|
||||||
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
||||||
@ -525,9 +498,11 @@ class TrustScopedPayload(BasePayload):
|
|||||||
expires_at_str = cls._convert_float_to_time_string(payload[3])
|
expires_at_str = cls._convert_float_to_time_string(payload[3])
|
||||||
audit_ids = list(map(provider.base64_encode, payload[4]))
|
audit_ids = list(map(provider.base64_encode, payload[4]))
|
||||||
trust_id = cls.convert_uuid_bytes_to_hex(payload[5])
|
trust_id = cls.convert_uuid_bytes_to_hex(payload[5])
|
||||||
|
domain_id = None
|
||||||
|
federated_info = None
|
||||||
|
|
||||||
return (user_id, methods, project_id, expires_at_str, audit_ids,
|
return (user_id, methods, project_id, domain_id, expires_at_str,
|
||||||
trust_id)
|
audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
|
|
||||||
class FederatedUnscopedPayload(BasePayload):
|
class FederatedUnscopedPayload(BasePayload):
|
||||||
@ -567,15 +542,6 @@ class FederatedUnscopedPayload(BasePayload):
|
|||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def disassemble(cls, payload):
|
def disassemble(cls, payload):
|
||||||
"""Validate a federated payload.
|
|
||||||
|
|
||||||
:param token_string: a string representing the token
|
|
||||||
:return: a tuple containing the user_id, auth methods, audit_ids, and a
|
|
||||||
dictionary containing federated information such as the group
|
|
||||||
IDs, the identity provider ID, the protocol ID, and the
|
|
||||||
federated domain ID
|
|
||||||
|
|
||||||
"""
|
|
||||||
(is_stored_as_bytes, user_id) = payload[0]
|
(is_stored_as_bytes, user_id) = payload[0]
|
||||||
if is_stored_as_bytes:
|
if is_stored_as_bytes:
|
||||||
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
||||||
@ -589,7 +555,11 @@ class FederatedUnscopedPayload(BasePayload):
|
|||||||
audit_ids = list(map(provider.base64_encode, payload[6]))
|
audit_ids = list(map(provider.base64_encode, payload[6]))
|
||||||
federated_info = dict(group_ids=group_ids, idp_id=idp_id,
|
federated_info = dict(group_ids=group_ids, idp_id=idp_id,
|
||||||
protocol_id=protocol_id)
|
protocol_id=protocol_id)
|
||||||
return (user_id, methods, expires_at_str, audit_ids, federated_info)
|
project_id = None
|
||||||
|
domain_id = None
|
||||||
|
trust_id = None
|
||||||
|
return (user_id, methods, project_id, domain_id, expires_at_str,
|
||||||
|
audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
|
|
||||||
class FederatedScopedPayload(FederatedUnscopedPayload):
|
class FederatedScopedPayload(FederatedUnscopedPayload):
|
||||||
@ -616,16 +586,6 @@ class FederatedScopedPayload(FederatedUnscopedPayload):
|
|||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def disassemble(cls, payload):
|
def disassemble(cls, payload):
|
||||||
"""Validate a project-scoped federated payload.
|
|
||||||
|
|
||||||
:param token_string: a string representing the token
|
|
||||||
:returns: a tuple containing the user_id, auth methods, scope_id,
|
|
||||||
expiration time (as str), audit_ids, and a dictionary
|
|
||||||
containing federated information such as the the identity
|
|
||||||
provider ID, the protocol ID, the federated domain ID and
|
|
||||||
group IDs
|
|
||||||
|
|
||||||
"""
|
|
||||||
(is_stored_as_bytes, user_id) = payload[0]
|
(is_stored_as_bytes, user_id) = payload[0]
|
||||||
if is_stored_as_bytes:
|
if is_stored_as_bytes:
|
||||||
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id)
|
||||||
@ -633,6 +593,12 @@ class FederatedScopedPayload(FederatedUnscopedPayload):
|
|||||||
(is_stored_as_bytes, scope_id) = payload[2]
|
(is_stored_as_bytes, scope_id) = payload[2]
|
||||||
if is_stored_as_bytes:
|
if is_stored_as_bytes:
|
||||||
scope_id = cls.attempt_convert_uuid_bytes_to_hex(scope_id)
|
scope_id = cls.attempt_convert_uuid_bytes_to_hex(scope_id)
|
||||||
|
project_id = (
|
||||||
|
scope_id
|
||||||
|
if cls.version == FederatedProjectScopedPayload.version else None)
|
||||||
|
domain_id = (
|
||||||
|
scope_id
|
||||||
|
if cls.version == FederatedDomainScopedPayload.version else None)
|
||||||
group_ids = list(map(cls.unpack_group_id, payload[3]))
|
group_ids = list(map(cls.unpack_group_id, payload[3]))
|
||||||
(is_stored_as_bytes, idp_id) = payload[4]
|
(is_stored_as_bytes, idp_id) = payload[4]
|
||||||
if is_stored_as_bytes:
|
if is_stored_as_bytes:
|
||||||
@ -642,8 +608,9 @@ class FederatedScopedPayload(FederatedUnscopedPayload):
|
|||||||
audit_ids = list(map(provider.base64_encode, payload[7]))
|
audit_ids = list(map(provider.base64_encode, payload[7]))
|
||||||
federated_info = dict(idp_id=idp_id, protocol_id=protocol_id,
|
federated_info = dict(idp_id=idp_id, protocol_id=protocol_id,
|
||||||
group_ids=group_ids)
|
group_ids=group_ids)
|
||||||
return (user_id, methods, scope_id, expires_at_str, audit_ids,
|
trust_id = None
|
||||||
federated_info)
|
return (user_id, methods, project_id, domain_id, expires_at_str,
|
||||||
|
audit_ids, trust_id, federated_info)
|
||||||
|
|
||||||
|
|
||||||
class FederatedProjectScopedPayload(FederatedScopedPayload):
|
class FederatedProjectScopedPayload(FederatedScopedPayload):
|
||||||
|
Loading…
x
Reference in New Issue
Block a user