Ejemplo n.º 1
0
def parse_args():
    usage = (
        """
%s [--test]
	"""
        % sys.argv[0]
    )

    if len(sys.argv) == 2:
        if sys.argv[1] == "--test":
            config = acquire_configuration()
            if not "server" in config:
                print "No server defined."
                raise SystemExit
            if not "apikey" in config:
                print "No API key defined."
                raise SystemExit

            uAuth = Client(config["apikey"], config["server"], verify=False)
            try:
                (resp, status) = uAuth.get("keys")
            except Exception, e:
                print "Error: %s" % e.message
                raise SystemExit

            if status == 200:
                print "The authentication server is available."
        elif sys.argv[1] in ["-h", "--help"]:
            print usage
        raise SystemExit
Ejemplo n.º 2
0
def acquire_configuration():

	# CONFIG file should return a dictionary named config
	# it permits you to determine values programatically
	config_program = Script(CONFIG_FILE)
	config_program.execute()
	config = config_program['config']
	
	if 'use_remote_settings' in config and config['use_remote_settings']:
		client = Client(config['apikey'], config['server'])
		(remote_config, status_code) = client.get("config")
		if status_code == 200:
			for key, value in remote_config.items():
				if key in ['apikey', 'server']:
					continue
				config[key] = value

	return config
Ejemplo n.º 3
0
def authenticate(username, password):
    uAuth = Client(config["apikey"], config["server"], verify=False)

    # Check user groups with server.
    try:
        (resp, status) = uAuth.get("users/%s" % username)
    except:
        if "defer_to_original" in config and config["defer_to_original"]:
            run_default_login_program()

        print "Authentication server currently unavailable."
        return

    if status != 200:
        log("%s user %s" % (str(status), username))
        return

        # Allow/deny based on allow_groups and deny_groups lists.
        # Obtain users groups/roles.
    user_groups = []
    if "groups" in resp:
        user_groups = resp["groups"]

    priority = None
    if "priority" in config:
        priority = config["priority"]

    allowed = False
    if "allow_groups" in config:
        for group in config["allow_groups"]:
            if group in user_groups:
                log("%s found in allow group." % username)
                allowed = True
    else:
        log("No allow groups configured.")
        return

    denied = False
    if "deny_groups" in config:
        for group in config["deny_groups"]:
            if group in user_groups:
                log("%s found in deny group." % username)
                denied = True
    else:
        log("No deny groups configured.")

    if priority and allowed and denied:
        log('Priority "%s"' % priority)
        if priority == "deny":
            return
    elif denied == True or allowed == False:
        log("Denied:  " + str(denied))
        log("Allowed: " + str(allowed))
        return

        # Perform the actual authentication.
        # It's in this section that you would want to upload data from
        # hardware peripherals to make use of key-based authentication.
    try:
        (resp, status) = uAuth.post("users/%s/login" % username, {"password": password})
    except:
        # Defer to the original login program is configured to do so
        if "defer_to_original" in config and config["defer_to_original"]:
            run_default_login_program()

        print "Authentication server currently unavailable."
        return

    if resp == True and status == 200:
        return 1
    return