d1_gmn.app.middleware package

Submodules

d1_gmn.app.middleware.detail_codes module

Get Detail Code for DataONE exception based on REST call path.

class d1_gmn.app.middleware.detail_codes.DataoneExceptionToDetailCode

Bases: object

detail_code(request, exception)

d1_gmn.app.middleware.exception_handler module

Exception handler middleware.

Catch, log and serialize exceptions that are raised when processing a request.

Implements the system for returning information about exceptional conditions (errors) as described in Raised by MN and CN APIs http://mule1.dataone.org/ArchitectureDocs/html

An MN is required to always return a DataONE exception on errors. When running in production mode (settings.DEBUG = False and settings.DEBUG_GMN = False), GMN complies with this by wrapping any unhandled internal exception in a DataONE exception.

When running in Django debug mode (settings.DEBUG = True), non-DataONE exceptions are returned as Django HTML exception pages.

Responses to HEAD requests can not contain a body, so the exception is serialized to a set of HTTP headers for HEAD requests.

class d1_gmn.app.middleware.exception_handler.ExceptionHandler(next_in_chain_func)

Bases: object

process_exception(request, e)

d1_gmn.app.middleware.profiling_handler module

d1_gmn.app.middleware.request_handler module

d1_gmn.app.middleware.response_handler module

d1_gmn.app.middleware.session_cert module

Extract subjects from a DataONE X.509 v3 certificate.

If a certificate was provided, it has been validated by Apache before being passed to GMN. So it is known to signed by a trusted CA and to be unexpired.

A user can connect without providing a certificate (and so, without providing a session). This limits the user’s access to data that is publicly available.

A user can connect with a certificate that does not contain a list of equivalent identities and group memberships (no SubjectInfo). This limits the user’s access to data that is publicly available and that is available directly to that user (as designated in the Subject DN).

d1_gmn.app.middleware.session_cert.get_subjects(request)

Get all subjects in the certificate.

  • Returns: primary_str (primary subject), equivalent_set (equivalent identities, groups and group memberships)

  • The primary subject is the certificate subject DN, serialized to a DataONE compliant subject string.

d1_gmn.app.middleware.session_cert.get_authenticated_subjects(cert_pem)

Return primary subject and set of equivalents authenticated by certificate.

  • cert_pem can be str or bytes

d1_gmn.app.middleware.session_jwt module

Validate Java Web Token (JWT) and extract subject.

d1_gmn.app.middleware.session_jwt.validate_jwt_and_get_subject_list(request)

d1_gmn.app.middleware.view_handler module