| import importlib |
| keys = importlib.import_module("credential-management.support.fedcm.keys") |
| |
| def main(request, response): |
| manifest_url = request.server.stash.take(keys.MANIFEST_URL_IN_MANIFEST_LIST_KEY) |
| |
| if manifest_url is None or not len(manifest_url): |
| port = request.server.config.ports["https"][0] |
| hostname = request.url_parts.hostname |
| manifest_url = "https://{0}:{1}/credential-management/support/fedcm/manifest.py".format( |
| hostname, str(port)) |
| else: |
| try: |
| manifest_url = manifest_url.decode() |
| except (UnicodeDecodeError, AttributeError): |
| pass |
| |
| if len(request.cookies) > 0: |
| return (530, [], "Cookie should not be sent to manifest list endpoint") |
| if request.headers.get(b"Accept") != b"application/json": |
| return (531, [], "Wrong Accept") |
| if request.headers.get(b"Sec-Fetch-Dest") != b"webidentity": |
| return (532, [], "Wrong Sec-Fetch-Dest header") |
| if request.headers.get(b"Referer"): |
| return (533, [], "Should not have Referer") |
| if request.headers.get(b"Origin"): |
| return (534, [], "Should not have Origin") |
| if request.headers.get(b"Sec-Fetch-Mode") != b"no-cors": |
| return (535, [], "Wrong Sec-Fetch-Mode header") |
| if request.headers.get(b"Sec-Fetch-Site") != b"cross-site": |
| return (536, [], "Wrong Sec-Fetch-Site header") |
| |
| response.headers.set(b"Content-Type", b"application/json") |
| |
| return """ |
| {{ |
| "provider_urls": [ |
| "{0}" |
| ] |
| }} |
| """.format(manifest_url) |