blob: cba0cb331e714c9a4208bdff1e7d74f19c314f03 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
import importlib
keys = importlib.import_module("credential-management.support.fedcm.keys")
def main(request, response):
manifest_url = request.server.stash.take(keys.MANIFEST_URL_IN_MANIFEST_LIST_KEY)
if manifest_url is None or not len(manifest_url):
port = request.server.config.ports["https"][0]
hostname = request.url_parts.hostname
manifest_url = "https://{0}:{1}/credential-management/support/fedcm/manifest.py".format(
hostname, str(port))
else:
try:
manifest_url = manifest_url.decode()
except (UnicodeDecodeError, AttributeError):
pass
if len(request.cookies) > 0:
return (530, [], "Cookie should not be sent to manifest list endpoint")
if request.headers.get(b"Accept") != b"application/json":
return (531, [], "Wrong Accept")
if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity":
return (532, [], "Wrong Sec-Fetch-Dest header")
if request.headers.get(b"Referer"):
return (533, [], "Should not have Referer")
if request.headers.get(b"Origin"):
return (534, [], "Should not have Origin")
return """
{{
"provider_urls": [
"{0}"
]
}}
""".format(manifest_url)
|
