Ozwillo » Modules CKAN Ozwillo

from hashlib import sha1

import hmac

import ckan.plugins as plugins

import ckan.logic as logic

from pylons import config

from ckan.common import request, _

from ckan.logic.action.create import _group_or_org_create as group_or_org_create

def valid_signature_required(func):

    plugin_config_prefix = 'ckanext.ozwillo_organization_api.'

    signature_header_name = config.get(plugin_config_prefix + 'signature_header_name',

                                       'X-Hub-Signature')

    instantiated_secret = config.get(plugin_config_prefix + 'instantiated_secret',

                                     'secret')

    def wrapper(context, data):

        if signature_header_name in request.headers:

            if request.headers[signature_header_name].startswith('sha1='):

                algo, hash = request.headers[signature_header_name].rsplit('=')

                computed_hash = hmac.new(instantiated_secret, str(data), sha1).hexdigest()

                if hash != computed_hash:

                    raise logic.NotAuthorized(_('Invalid HMAC'))

            else:

                raise logic.ValidationError(_('Invalid HMAC algo'))

        else:

            raise logic.NotAuthorized(_("No HMAC in the header"))

        return func(context, data)

    return wrapper

@valid_signature_required

def create_organization(context, data_dict):

    pass

@valid_signature_required

def delete_organization(context, data_dict):

    pass

class OzwilloOrganizationApiPlugin(plugins.SingletonPlugin):

    """

    API for OASIS to create and delete an organization

    """

    plugins.implements(plugins.IActions)

    def get_actions(self):

        return {

            'create-organization': create_organization,

            'delete-organization': delete_organization

        }