30 lines
699 B
Python
30 lines
699 B
Python
|
from base64 import b64decode
|
||
|
import traceback
|
||
|
|
||
|
from flask import g, request
|
||
|
|
||
|
from ceo_common.logger_factory import logger_factory
|
||
|
from ceo_common.krb5.utils import store_fwd_tgt_creds
|
||
|
|
||
|
logger = logger_factory(__name__)
|
||
|
|
||
|
|
||
|
def before_request():
|
||
|
if 'x-krb5-cred' not in request.headers:
|
||
|
return
|
||
|
cred = b64decode(request.headers['x-krb5-cred'])
|
||
|
ctx = store_fwd_tgt_creds(cred)
|
||
|
name = ctx.__enter__()
|
||
|
g.stored_creds_ctx = ctx
|
||
|
g.sasl_user = name
|
||
|
|
||
|
|
||
|
def teardown_request(err):
|
||
|
if 'stored_creds_ctx' not in g:
|
||
|
return
|
||
|
try:
|
||
|
ctx = g.stored_creds_ctx
|
||
|
ctx.__exit__(None, None, None)
|
||
|
except Exception:
|
||
|
logger.error(traceback.format_exc())
|