Skip to content
Snippets Groups Projects
Commit 0ed1cc76 authored by Jan Hartig's avatar Jan Hartig
Browse files

Merge branch 'develop' into 'main'

Develop

See merge request !17
parents 508767be ed83e8b0
Branches
No related tags found
1 merge request!17Develop
Pipeline #21213 passed
sanic==22.6.2 sanic==22.12.0
aiofiles~=0.8.0 aiofiles==22.1.0
\ No newline at end of file \ No newline at end of file
...@@ -2,7 +2,6 @@ ...@@ -2,7 +2,6 @@
import hmac import hmac
import json import json
from base64 import urlsafe_b64encode from base64 import urlsafe_b64encode
from re import compile
from time import time from time import time
from urllib.parse import quote from urllib.parse import quote
...@@ -21,8 +20,6 @@ SANIC_JITSI_APP_SECRET: Jitsi App Secret ...@@ -21,8 +20,6 @@ SANIC_JITSI_APP_SECRET: Jitsi App Secret
SANIC_TOKEN_VALID_FOR: Time in seconds generated JWT will be valid for SANIC_TOKEN_VALID_FOR: Time in seconds generated JWT will be valid for
''' '''
re_dn = compile("CN=([^,]+).+,O=Physikalisch-Technische Bundesanstalt.+C=DE")
# Static token header string # Static token header string
header = json.dumps({ header = json.dumps({
"typ": "JWT", "typ": "JWT",
...@@ -36,15 +33,13 @@ async def cert2room(request): ...@@ -36,15 +33,13 @@ async def cert2room(request):
serial = request.headers.get("SSL-Client-Serial") serial = request.headers.get("SSL-Client-Serial")
if s_dn and serial: if s_dn and serial:
# Additional cert validation based on regex # Turn distinguished names string into dict
match = re_dn.search(s_dn) dn = dict(item.split("=") for item in s_dn.split(","))
if not match: # Check if User is PTB
if not dn["O"] == "Physikalisch-Technische Bundesanstalt":
raise Unauthorized("Unauthorized") raise Unauthorized("Unauthorized")
# Get user's name from regex match
name = match.groups()[0]
# Get user's room & email from json file # Get user's room & email from json file
try: try:
room = await get_user_data(serial) room = await get_user_data(serial)
...@@ -55,7 +50,7 @@ async def cert2room(request): ...@@ -55,7 +50,7 @@ async def cert2room(request):
except KeyError: except KeyError:
# Serial not found, build room from name # Serial not found, build room from name
room = name room = dn["CN"]
# Make room name url-safe # Make room name url-safe
room = quote(room) room = quote(room)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment