1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
import importlib
keys = importlib.import_module("credential-management.support.fedcm.keys")
def main(request, response):
manifest_url = request.server.stash.take(keys.MANIFEST_URL_IN_MANIFEST_LIST_KEY)
if manifest_url is None or not len(manifest_url):
port = request.server.config.ports["https"][0]
hostname = request.url_parts.hostname
manifest_url = "https://{0}:{1}/credential-management/support/fedcm/manifest.py".format(
hostname, str(port))
else:
try:
manifest_url = manifest_url.decode()
except (UnicodeDecodeError, AttributeError):
pass
if len(request.cookies) > 0:
return (530, [], "Cookie should not be sent to manifest list endpoint")
if request.headers.get(b"Accept") != b"application/json":
return (531, [], "Wrong Accept")
if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
return (532, [], "Wrong Sec-Fetch-Dest header")
if request.headers.get(b"Referer"):
return (533, [], "Should not have Referer")
if request.headers.get(b"Origin"):
return (534, [], "Should not have Origin")
if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors":
return (535, [], "Wrong Sec-Fetch-Mode header")
if request.headers.get(b"Sec-Fetch-Site") != b"cross-site":
return (536, [], "Wrong Sec-Fetch-Site header")
response.headers.set(b"Content-Type", b"application/json")
return """
{{
"provider_urls": [
"{0}"
]
}}
""".format(manifest_url)
|
