Acquire.Identity._authorisation module¶

class Authorisation(resource=None, user=None, testing_key=None)[source]¶

Bases: object

This class holds the information needed to show that a user has authorised an action. This contains a signed token that records the time that the authorisation that was signed, together with an extra key (or secret) that can be used by the user and provider to verify that the authorisation is for the correct resource

static from_data(data)[source]¶: Return an authorisation created from the json-decoded dictionary

from_user(user_uid, service_uid)[source]¶: Return whether or not this authorisation comes from the user with passed user_uid registered on the passed service_uid

identity_uid()[source]¶: Return the UID of the identity service that authenticated the user

identity_url()[source]¶: Return the URL of the identity service that authenticated the user

is_null()[source]¶: Return whether or not this authorisation is null

is_stale(stale_time=7200)[source]¶: Return whether or not this authorisation is stale. ‘stale_time’ is the number of seconds after which the authorisation is considered stale (and thus no longer valid)

is_verified(resource=None, refresh_time=3600, stale_time=7200, testing_key=None)[source]¶

Return whether or not this authorisation has been verified. Note that this will cache any verification for ‘refresh_time’ (in seconds)

‘stale_time’ gives the time (in seconds) beyond which the authorisation will be considered stale (and thus not valid). By default this is 7200 seconds (2 hours), meaning that the authorisation must be used within 2 hours to be valid.

last_verification_time()[source]¶: Return the last time this authorisation was verified. Note that you should re-verify authorisations periodically, to ensure that they identity service is still happy that the login session was not suspicious

session_uid()[source]¶: Return the login session that authenticated the user

signature()[source]¶: Return the actual signature

signature_time()[source]¶: Return the time when the authentication was signed

to_data()[source]¶: Return this object serialised to a json-encoded dictionary

user_guid()[source]¶: Return the global UID for this user

user_uid()[source]¶: Return the UID of the user who created this authorisation

verify(resource=None, refresh_time=3600, stale_time=7200, force=False, testing_key=None)[source]¶

Verify that this is a valid authorisation provided by the user for the passed ‘resource’. This will cache the verification for ‘refresh_time’ (in seconds), but re-verification can be forced if ‘force’ is True.

‘stale_time’ gives the time (in seconds) beyond which the authorisation will be considered stale (and thus not valid). By default this is 7200 seconds (2 hours), meaning that the authorisation must be used within 2 hours to be valid.

If ‘testing_key’ is passed, then this object is being tested as part of the unit tests