def main(request, response):
    """Validate a token request and answer with a fixed JSON token.

    The request is checked against an ordered list of requirements. The
    first requirement that is not met ends processing and is reported as
    a ``(status, [], message)`` tuple. When every requirement holds, the
    response Content-Type is set to ``application/json`` and the literal
    JSON body ``{"token": "token"}`` is returned.

    The header values and POST fields checked here (``Sec-Fetch-Dest:
    webidentity``, ``client_id``, ``account_id``, ...) look like those of
    a FedCM ID assertion endpoint, and the signature looks like a
    wptserve handler -- TODO confirm against the surrounding test suite.

    Args:
        request: object exposing ``cookies``, ``method``, ``headers`` and
            ``POST``; the three mappings are queried with bytes keys.
        response: object whose ``headers.set(name, value)`` is called on
            success only.

    Returns:
        A ``(status, [], message)`` tuple for the first failed check,
        otherwise the JSON token string.
    """

    def header(name):
        return request.headers.get(name)

    def form_field(name):
        return request.POST.get(name)

    # Each entry is (violation predicate, status, message). The predicates
    # are lambdas so that nothing is read from the request until its turn
    # comes, and the order below is the order in which failures are
    # reported. Every failure has its own status code except the
    # Sec-Fetch-Dest one, which uses 500.
    rejections = (
        # The request must carry the expected cookie, i.e. be credentialed.
        (lambda: request.cookies.get(b"cookie") != b"1",
         530, "Missing cookie"),
        (lambda: request.method != "POST",
         531, "Method is not POST"),
        (lambda: header(b"Content-Type")
         != b"application/x-www-form-urlencoded",
         532, "Wrong Content-Type"),
        (lambda: header(b"Accept") != b"application/json",
         533, "Wrong Accept"),
        # Sec-* request headers are set by the browser and cannot be set
        # by page script, so requiring this value rejects ordinary
        # cross-site requests that a page could otherwise forge (CSRF).
        (lambda: header(b"Sec-Fetch-Dest") != b"webidentity",
         500, "Wrong Sec-Fetch-Dest header"),
        # Any Referer at all is rejected: the request is expected to be
        # sent without one.
        (lambda: header(b"Referer"),
         534, "Should not have Referer"),
        # NOTE(review): only the presence of Origin is checked. A real
        # identity provider has to compare Origin with the origin
        # registered for client_id before issuing a token; this handler
        # accepts any non-empty value.
        (lambda: not header(b"Origin"),
         535, "Missing Origin"),
        (lambda: header(b"Sec-Fetch-Mode") != b"no-cors",
         539, "Wrong Sec-Fetch-Mode header"),
        (lambda: header(b"Sec-Fetch-Site") != b"none",
         540, "Wrong Sec-Fetch-Site header"),
        # Form fields are only required to be present and non-empty;
        # their values are not inspected.
        (lambda: not form_field(b"client_id"),
         536, "Missing 'client_id' POST parameter"),
        (lambda: not form_field(b"account_id"),
         537, "Missing 'account_id' POST parameter"),
        (lambda: not form_field(b"disclosure_text_shown"),
         538, "Missing 'disclosure_text_shown' POST parameter"),
        (lambda: not form_field(b"is_account_auto_selected"),
         541, "Missing 'is_account_auto_selected' POST parameter"),
    )

    for is_violated, status, reason in rejections:
        if is_violated():
            return (status, [], reason)

    response.headers.set(b"Content-Type", b"application/json")
    # Constant placeholder token: nothing from the request is bound into it.
    return "{\"token\": \"token\"}"