Myceliandre
/
galicea-odoo-addons-ecosystem
2
0
Fork 1
Code Issues Pull Requests 1 Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19 Commits
6 Branches
0 Tags
609 KiB
Tree: 67338a9c19
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '67338a9c19'
${ noResults }
galicea-odoo-addons-ecosystem/galicea_openid_connect/api.py

103 lines
3.8 KiB
Raw Normal View History

[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[openid_connect] Fix CORS c.d.
5 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect] Fix CORS c.d.
5 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect] Fix CORS c.d.
5 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
[openid_connect] Fix CORS c.d.
5 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect] Fix CORS c.d.
5 years ago
12.0
5 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
12.0
5 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
12.0
5 years ago
[MIG] 13.0 migration
4 years ago
12.0
5 years ago
[MIG] 13.0 migration
4 years ago
12.0
5 years ago
[MIG] 13.0 migration
4 years ago
12.0
5 years ago
[openid_connect]
6 years ago
[MIG] 13.0 migration
4 years ago
[openid_connect]
6 years ago
  1. import json
  2. import logging
  3. from functools import wraps
  5. from odoo import http
  6. import werkzeug
  8. _logger = logging.getLogger(__name__)
  11. class ApiException(Exception):
  12. INVALID_REQUEST = "invalid_request"
  14. def __init__(self, message, code=None):
  15. super(Exception, self).__init__(message)
  16. self.code = code if code else self.INVALID_REQUEST
  19. def resource(path, method, auth="user"):
  20. assert auth in ["user", "client"]
  22. def endpoint_decorator(func):
  23. @http.route(
  24. path, auth="public", type="http", methods=[method, "OPTIONS"], csrf=False
  25. )
  26. @wraps(func)
  27. def func_wrapper(self, req, **query):
  28. cors_headers = {
  29. "Access-Control-Allow-Origin": "*",
  30. "Access-Control-Allow-Headers": "Origin, X-Requested-With, Content-Type, Accept, X-Debug-Mode, Authorization",
  31. "Access-Control-Max-Age": 60 * 60 * 24,
  32. }
  33. if req.httprequest.method == "OPTIONS":
  34. return http.Response(status=200, headers=cors_headers)
  36. try:
  37. access_token = None
  38. if "Authorization" in req.httprequest.headers:
  39. authorization_header = req.httprequest.headers["Authorization"]
  40. if authorization_header[:7] == "Bearer ":
  41. access_token = authorization_header.split(" ", 1)[1]
  42. if access_token is None:
  43. access_token = query.get("access_token")
  44. if not access_token:
  45. raise ApiException(
  46. "access_token param is missing", "invalid_request",
  47. )
  48. if auth == "user":
  49. token = (
  50. req.env["galicea_openid_connect.access_token"]
  51. .sudo()
  52. .search([("token", "=", access_token)])
  53. )
  54. if not token:
  55. raise ApiException(
  56. "access_token is invalid", "invalid_request",
  57. )
  58. req.uid = token.user_id.id
  59. elif auth == "client":
  60. token = (
  61. req.env["galicea_openid_connect.client_access_token"]
  62. .sudo()
  63. .search([("token", "=", access_token)])
  64. )
  65. if not token:
  66. raise ApiException(
  67. "access_token is invalid", "invalid_request",
  68. )
  69. req.uid = token.client_id.system_user_id.id
  71. ctx = req.context.copy()
  72. ctx.update({"client_id": token.client_id.id})
  73. req.context = ctx
  75. response = func(self, req, **query)
  76. return werkzeug.Response(
  77. response=json.dumps(response), headers=cors_headers, status=200
  78. )
  79. except ApiException as e:
  80. error_message = "error: {0}".format(e)
  81. return werkzeug.Response(
  82. response=json.dumps(
  83. {"error": e.code, "error_message": error_message}
  84. ),
  85. status=400,
  86. headers=cors_headers,
  87. )
  88. except:
  89. _logger.exception("Unexpected exception while processing API request")
  90. return werkzeug.Response(
  91. response=json.dumps(
  92. {
  93. "error": "server_error",
  94. "error_message": "Unexpected server error",
  95. }
  96. ),
  97. headers=cors_headers,
  98. status=500,
  99. )
  101. return func_wrapper
  103. return endpoint_decorator