authorLars Wirzenius <liw@liw.fi>2017-11-22 20:07:01 +0200
committerLars Wirzenius <liw@liw.fi>2017-11-22 20:07:01 +0200
commitd4ebdfdc898678c62327d537a9b854e9c70ca48c (patch)
tree9c98073bfc141e3dffc2177b2add3b7c185f9b5e
parentfb5eb73c33e7e249668c77b9b61388738838af75 (diff)
Add: verified, parsed token as claims kwarg to callbacks
-rw-r--r--apifw/bottleapp.py10
1 files changed, 7 insertions, 3 deletions
diff --git a/apifw/bottleapp.py b/apifw/bottleapp.py
index 20e57ef..7e1572d 100644
--- a/apifw/bottleapp.py
+++ b/apifw/bottleapp.py
@@ -108,9 +108,10 @@ class BottleAuthorizationPlugin:
def apply(self, callback, route):
def wrapper(*args, **kwargs):
-
if self.needs_authorization(route):
- self.assert_authorized(route)
+ claims = self.get_token_claims()
+ kwargs['claims'] = claims
+ self.assert_authorized(route, claims)
return callback(*args, **kwargs)
return wrapper
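Review bot: In `wrapper`, `kwargs['claims'] = claims` runs before `self.assert_authorized(route, claims)`, and only on the branch where `needs_authorization(route)` is true. The callback is not reached if the check raises, so this is safe today, but assigning after the check keeps the invariant obvious: `self.assert_authorized(route, claims)` first, then `kwargs['claims'] = claims`. On routes that skip authorization the callback gets no `claims` from the plugin, so any `claims` keyword it does receive (for instance from a route wildcard of that name, if one were ever defined) has not been through the token check. A comment such as `# 'claims' is set by this plugin only for routes that need authorization` would make that contract visible to callback authors.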
@@ -122,10 +123,13 @@ class BottleAuthorizationPlugin:
logging.debug('authz_routes: %r', self._authz_routes)
return key in self._authz_routes
- def assert_authorized(self, route):
+ def get_token_claims(self):
value = self.get_authorization_header(bottle.request)
token = self.parse_authorization_header(value)
claims = self.parse_token(token)
+ return claims
+
+ def assert_authorized(self, route, claims):
self.check_issuer(claims)
if not self.scope_allows_route(claims['scope'], route):
self.raise_forbidden(
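Review bot: `assert_authorized(self, route, claims)` now trusts whatever `claims` the caller hands it, where it previously always derived them from the request header itself. A docstring should state that `claims` must be the return value of `get_token_claims()`, i.e. the output of `parse_token`, and never a dict built from other request data. Separately, `claims['scope']` raises `KeyError` when a token carries no `scope` claim, which presumably surfaces as a server error instead of a denial. Guarding it as `if 'scope' not in claims or not self.scope_allows_route(claims['scope'], route):` sends that case to `raise_forbidden` too. The body of `assert_authorized` continues past the end of this hunk.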