wcs: always sign api url (#7404)
This commit is contained in:
parent
df9793d68f
commit
dfac40936e
|
@ -158,17 +158,18 @@ class WcsBlurpMixin(object):
|
|||
}
|
||||
|
||||
url += self.api_url + '?format=json'
|
||||
if context.get('user'):
|
||||
url += '&orig=%s' % wcs_site.get('orig')
|
||||
if wcs_site.get('orig') and wcs_site.get('secret'):
|
||||
url += '&orig=%s' % wcs_site['orig']
|
||||
source['auth_mech'] = 'hmac-sha1'
|
||||
source['signature_key'] = str(wcs_site.get('secret', ''))
|
||||
if context.get('request') and hasattr(context['request'], 'session') \
|
||||
and context['request'].session.get('mellon_session'):
|
||||
mellon = context['request'].session['mellon_session']
|
||||
nameid = mellon['name_id_content']
|
||||
url += '&NameID=' + urllib.quote(nameid)
|
||||
elif hasattr(context['user'], 'email') and context['user'].email:
|
||||
url += '&email=' + urllib.quote(context['user'].email)
|
||||
source['signature_key'] = str(wcs_site['secret'])
|
||||
if context.get('user'):
|
||||
if context.get('request') and hasattr(context['request'], 'session') \
|
||||
and context['request'].session.get('mellon_session'):
|
||||
mellon = context['request'].session['mellon_session']
|
||||
nameid = mellon['name_id_content']
|
||||
url += '&NameID=' + urllib.quote(nameid)
|
||||
elif hasattr(context['user'], 'email') and context['user'].email:
|
||||
url += '&email=' + urllib.quote(context['user'].email)
|
||||
|
||||
source['url'] = url
|
||||
sources.append(source)
|
||||
|
|
Loading…
Reference in New Issue