Skip to content
Snippets Groups Projects
Commit ed83e8b0 authored by Jan Hartig's avatar Jan Hartig
Browse files

Replace DN Regex to support more certificates

parent f2fe4c53
No related branches found
No related tags found
1 merge request!17Develop
Pipeline #16176 passed
......@@ -2,7 +2,6 @@
import hmac
import json
from base64 import urlsafe_b64encode
from re import compile
from time import time
from urllib.parse import quote
......@@ -21,8 +20,6 @@ SANIC_JITSI_APP_SECRET: Jitsi App Secret
SANIC_TOKEN_VALID_FOR: Time in seconds generated JWT will be valid for
'''
re_dn = compile("CN=([^,]+).+,O=Physikalisch-Technische Bundesanstalt.+C=DE")
# Static token header string
header = json.dumps({
"typ": "JWT",
......@@ -36,15 +33,13 @@ async def cert2room(request):
serial = request.headers.get("SSL-Client-Serial")
if s_dn and serial:
# Additional cert validation based on regex
match = re_dn.search(s_dn)
# Turn distinguished names string into dict
dn = dict(item.split("=") for item in s_dn.split(","))
if not match:
# Check if User is PTB
if not dn["O"] == "Physikalisch-Technische Bundesanstalt":
raise Unauthorized("Unauthorized")
# Get user's name from regex match
name = match.groups()[0]
# Get user's room & email from json file
try:
room = await get_user_data(serial)
......@@ -55,7 +50,7 @@ async def cert2room(request):
except KeyError:
# Serial not found, build room from name
room = name
room = dn["CN"]
# Make room name url-safe
room = quote(room)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment