request_early_challenge.py (1437B)
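import importlib
import json

# The package directory name contains hyphens, so it cannot appear in a plain
# ``import`` statement; import_module accepts the dotted path as a string.
session_manager = importlib.import_module('device-bound-session-credentials.session_manager')


def main(request, response):
    """Answer a request with any pending early challenges for its sessions.

    The request body is a JSON object with a ``useSingleHeader`` field. For
    every session id known to the request's session manager that has an early
    challenge (and while the manager allows challenges), a
    ``Secure-Session-Challenge`` value of the form ``"<challenge>";id="<id>"``
    is produced.

    Returns a ``(status, headers, body)`` tuple:
      * 400 with ``response.headers`` when the body is not valid UTF-8 JSON,
        is not a JSON object, or lacks ``useSingleHeader``.
      * 200 with one comma-joined ``Secure-Session-Challenge`` header when
        ``useSingleHeader`` is truthy (emitted even when there are no
        challenges, with an empty value), otherwise one header per challenge.
    """
    test_session_manager = session_manager.find_for_request(request)

    # A malformed body is a client error, same as a missing field.
    # UnicodeDecodeError and json.JSONDecodeError are both ValueError subclasses.
    try:
        payload = json.loads(request.body.decode('utf-8'))
    except ValueError:
        return (400, response.headers, "")
    use_single_header = payload.get("useSingleHeader") if isinstance(payload, dict) else None
    if use_single_header is None:
        return (400, response.headers, "")

    headers = []
    origin = request.headers.get(b"origin")
    if origin is not None:
        # Some tests (e.g. third-party-registration.https.html) set
        # challenges across origins. Allow cookies so that we can get
        # the session_manager for the request.
        #
        # NOTE(security): echoing the caller's Origin together with
        # Access-Control-Allow-Credentials: true allows any origin to make
        # credentialed reads of this response. That is deliberate for this
        # test handler; an endpoint serving real users would compare the
        # origin against an allowlist before reflecting it.
        headers = [
            ("Access-Control-Allow-Origin", origin),
            ("Access-Control-Allow-Credentials", "true"),
        ]

    # Queried once: the call takes no per-session argument.
    allows_challenges = test_session_manager.get_allows_challenges()

    challenges = []
    # Reuse the manager resolved above instead of looking it up a second time
    # for the same request.
    for session_id in test_session_manager.get_session_ids():
        early_challenge = test_session_manager.get_early_challenge(session_id)
        if allows_challenges and early_challenge is not None:
            # The values are placed inside double quotes without escaping.
            # Assumes neither contains '"' or '\\' -- TODO confirm against
            # session_manager.
            challenges.append(("Secure-Session-Challenge", f'"{early_challenge}";id="{session_id}"'))

    if use_single_header:
        combined_value = ", ".join(value for _, value in challenges)
        return (200, headers + [("Secure-Session-Challenge", combined_value)], "")
    return (200, headers + challenges, "")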