forked from WillAyd/BOESDKParser
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsample_framework.py
More file actions
84 lines (73 loc) · 3.02 KB
/
Copy pathsample_framework.py
File metadata and controls
84 lines (73 loc) · 3.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
from lxml import etree
from bottle import route, run, request, response
def check_content_type(f):
def wrapper(*args, **kwargs):
acc_hdr = request.headers.get('accept')
if acc_hdr == 'application/xml':
return f(*args, **kwargs)
else:
response.status = 406
return 'Unrecognized "accept" header'
return wrapper
def authenticate(f):
'''Very basic authentication method to check if the logon-token'''
def wrapper(*args, **kwargs):
token = request.headers.get('X-SAP-LogonToken')
if token == ('COMMANDCOM-LCM:6400@{3&2=5595,U3&p=40674.9596541551,Y7&4F='
'12,U3&63=secEnterprise,0P&66=60,03&68=secEnterprise:Admini'
'strator,0P&qe=100,U3&vz=SFY6agrLPxpfQBK1ZKYCwoBZKCbfsQm7Vg'
'WZFiH.RhM,UP'):
return f(*args, **kwargs)
else:
response.status = 401
return 'Unrecognized logon token'
return wrapper
@route('/biprws/logon/long')
@check_content_type
def login():
return ('<attrs xmlns="http://www.sap.com/rws/bip">'
'<attr name="userName" type="string"></attr>'
'<attr name="password" type="string"></attr>'
'<attr name="auth" type="string" possibilities="secEnterprise,secLDAP,secWinAD,secSAPR3">secEnterprise</attr>'
'</attrs>')
@route('/biprws/logon/long', method='POST')
@check_content_type
def login():
body = request.body.read()
root = etree.fromstring(body)
user, pw = root[0].text, root[1].text
# This only works for a demo. Authentication would be way more complex
# and use middleware / a database in a real application, but for now
# we'll just check for a user of myUserName and password of myPassword
# to match the SAP examples
if user == 'myUserName' and pw == 'myPassword':
return ('<attrs xmlns="http://www.sap.com/rws/bip">'
'<attr name="LogonToken" type="string">COMMANDCOM-LCM:'
'6400@{3&2=5595,U3&p=40674.9596541551,Y7&4F=12,U3&63=secEnterprise,0P&66=60,03&68='
'secEnterprise:Administrator,'
'0P&qe=100,U3&vz=SFY6agrLPxpfQBK1ZKYCwoBZKCbfsQm7VgWZFiH.RhM,UP</attr>'
'</attrs>')
# Fall back to a 401
response.status = 401
return 'Could not authenticate user with provided credentials'
@route('/biprws/raylight/v1/universes')
@check_content_type
@authenticate
def universes():
return ('<universes>'
'<universe>'
'<id>6773</id>'
'<cuid>AXyRzvmRrJxLqUm6_Jbf7lE</cuid>'
'<name>efashion.unv</name>'
'<type>unv</type>'
'<folderId>6771</folderId>'
'</universe>'
'<universe>'
'<id>5808</id>'
'<cuid>AUW2qRdU0IdPkyhlpZWrxvo</cuid>'
'<name>Warehouse.unx</name>'
'<type>unx</type>'
'<folderId>5807</folderId>'
'</universe>'
'</universes>')
run(host='localhost', port=8080)