def setup(use=None, clargs=None): if clargs is None: logging.debug("loading configuration from command line") parser = argparse.ArgumentParser() parser.add_argument("-k", dest="insecure", action="store_true") parser.add_argument("-r", dest="readjson", action="store_true") parser.add_argument("-m", dest="metadata", action="store_true") parser.add_argument("-j", dest="json", action="store_true") parser.add_argument("-g", dest="github", action="store_true") parser.add_argument("-o", dest="outputfile") parser.add_argument(dest="configdir") clargs = parser.parse_args() for attr in dir(clargs): if not attr.startswith("_"): logging.debug(" option clargs.%s = %s" % (attr, getattr(clargs, attr))) conf_source_uri = "file://" + os.path.abspath(clargs.configdir) elif clargs.github: logging.debug("loading configuration from github repo") # make sure we ask github and that our repo-string is clean github_repo = clargs.configdir github_repo = github_repo.replace("[email protected]:", "") github_repo = github_repo.replace("https://github.com/", "") if not re.match("^[a-z0-9\-\.\/]*$", github_repo): raise Exception("suspicious characters in github repository name: " + github_repo) repo_url = "https://github.com/{}".format(github_repo) logging.debug("github repo/branch is %s/%s" % (repo_url, clargs.repobranch)) clargs.configdir = tempfile.mkdtemp() try: # issue with start from pycharm: need to set GIT_PYTHON_GIT_EXECUTABLE if clargs.repobranch: repo = git.Repo.clone_from(repo_url, clargs.configdir, branch=clargs.repobranch) else: repo = git.Repo.clone_from(repo_url, clargs.configdir) except Exception as e: logger.info("Failed to clone github repo " + github_repo) if not os.path.exists(clargs.configdir): raise Exception("could not create config dir from github repo {}".format(github_repo)) clargs.readjson = True conf_source_uri = repo_url logging.debug("Configuration source: " + conf_source_uri) if clargs.readjson: json_file = os.path.join(clargs.configdir, "generated", "config.json") try: with open(json_file) as fp: data = json.load(fp) logging.debug("JSON configuration read from " + json_file) except Exception as e: e = configloader.ConfigFileNotReadable(e.errno, e.strerror, e.filename) raise # configloader.exit_on_mandatory_config_file(e) - does not work in web mode CONF = JsonConfig(data, clargs.configdir) else: loader = configloader.ConfigLoader(clargs.configdir) try: CONF = loader.conf_CONF() logging.debug("Python configuration read from " + clargs.configdir) except configloader.ConfigFileNotReadable as e: configloader.exit_on_mandatory_config_file(e) # support for YAML config files # try: # with open(clargs.toolconf, 'r') as fd: # conf = yaml.safe_load(fd) # except FileNotFoundError as e: # raise Exception('unable to open tool configuration file: cwd=' + os.getcwd() + ', ' + str(e)) # try: # for yf in conf['flows']: # fdef = load_flows(fdef, yf, use) # except KeyError: # pass # TODO: is it really OK not to have any flows? setattr(CONF, "SOURCE_URI", conf_source_uri) flow_definitions = {"Flows": {}, "Order": [], "Desc": {}} for flow_file in CONF.FLOWS: logging.debug("Loading test flow from " + flow_file) flow_definitions = load_flows(flow_definitions, flow_file, use) # Filter flows based on profile keep = [] for key, val in flow_definitions["Flows"].items(): for p in CONF.FLOWS_PROFILES: if p in val["profiles"]: keep.append(key) for key in list(flow_definitions["Flows"].keys()): if key not in keep: del flow_definitions["Flows"][key] spconf = copy.deepcopy(CONF.CONFIG) acnf = list(spconf.values())[0] mds = metadata.load(True, acnf, CONF.METADATA, "sp") setup_logger(logger) ch = [] """ TODO: This code still bows to the idea of having multiple comhandlers. Needs cleanup. """ try: if CONF.CONTENT_HANDLER_INTERACTION: rb = robobrowser.factory(CONF.CONTENT_HANDLER_INTERACTION) ch.append(rb) comhandler = ComHandler(ch) if not CONF.DO_NOT_VALIDATE_TLS: comhandler.verify_ssl = False comhandler.set_triggers(CONF.CONTENT_HANDLER_TRIGGER) except KeyError: comhandler = None mako_path = mako.__path__[0] + os.sep staticfiles_path = staticfiles.__path__[0] + os.sep kwargs = { "base_url": copy.copy(CONF.BASE), "spconf": spconf, "flows": flow_definitions["Flows"], "order": flow_definitions["Order"], "desc": flow_definitions["Desc"], "metadata": mds, "profile": CONF.FLOWS_PROFILES, "msg_factory": saml_message_factory, "check_factory": get_check, "profile_handler": ProfileHandler, "cache": {}, "map_prof": map_prof, "make_entity": make_entity, "trace_cls": Trace, "conv_args": {"entcat": collect_ec()}, "com_handler": comhandler, "conf": CONF, "response_cls": Response, "template_root": mako_path, "static": staticfiles_path, } try: kwargs["entity_id"] = CONF.ENTITY_ID except KeyError: kwargs["disco_srv"] = conf["disco_srv"] kwargs["insecure"] = CONF.DO_NOT_VALIDATE_TLS return clargs, kwargs, CONF
def setup(use='cl'): parser = argparse.ArgumentParser() parser.add_argument('-d', dest="debug", action='store_true') parser.add_argument('-D', dest="dump", action='store_true') parser.add_argument('-e', dest="entity_id") parser.add_argument('-f', dest='flows') parser.add_argument('-i', dest="interaction") parser.add_argument('-k', dest="insecure", action='store_true') parser.add_argument('-l', dest="log_name") parser.add_argument('-p', dest="profile", action='append') parser.add_argument('-t', dest="testid") parser.add_argument('-y', dest='yamlflow', action='append') parser.add_argument('-T', dest="target_info") parser.add_argument( '-c', dest="ca_certs", help=("CA certs to use to verify HTTPS server certificates, ", "if HTTPS is used and no server CA certs are defined then ", "no cert verification will be done")) parser.add_argument(dest="config") cargs = parser.parse_args() fdef = {'Flows': {}, 'Order': [], 'Desc': []} for flow_def in cargs.yamlflow: spec = parse_yaml_conf(flow_def) fdef['Flows'].update(spec['Flows']) for param in ['Order', 'Desc']: try: fdef[param].extend(spec[param]) except KeyError: pass # Filter based on profile keep = [] for key, val in fdef['Flows'].items(): for p in cargs.profile: if p in val['profiles']: keep.append(key) for key in list(fdef['Flows'].keys()): if key not in keep: del fdef['Flows'][key] CONF = importlib.import_module(cargs.config) idpconf = copy.deepcopy(CONF.CONFIG) acnf = list(idpconf.values())[0] mds = metadata.load(True, acnf, CONF.METADATA, 'idp') stream = open(cargs.target_info, 'r') target_info = yaml.safe_load(stream) stream.close() if cargs.log_name: setup_logger(logger, cargs.log_name) elif cargs.testid: setup_logger(logger, "{}.log".format(cargs.testid)) else: setup_logger(logger) kwargs = {"base_url": copy.copy(CONF.BASE), 'idpconf': idpconf, "flows": fdef['Flows'], "orddesc": fdef['Order'], "desc": fdef['Desc'], 'metadata': mds, "profile": cargs.profile, "msg_factory": saml_message_factory, "check_factory": get_check, 'ca_certs': cargs.ca_certs, "cache": {}, "entity_id": cargs.entity_id, "profile_handler": None, 'map_prof': None, 'make_entity': make_entity, 'trace_cls': Trace, 'conv_args': {'entcat': collect_ec(), 'target_info': target_info}} opargs = {} if cargs.debug: opargs["debug"] = True if cargs.dump: opargs["dump"] = True if cargs.interaction: kwargs['interaction_conf'] = importlib.import_module( cargs.interaction).INTERACTION if cargs.insecure: kwargs["insecure"] = True return cargs.testid, kwargs, opargs