def __init__(self, config, section):
super(Forwarder, self).__init__(config, section)
self.client = CustodiaHTTPClient(self.forward_uri)
if self.tls_certfile is not None:
self.client.set_client_cert(self.tls_certfile, self.tls_keyfile)
if self.tls_cafile is not None:
self.client.set_ca_cert(self.tls_cafile)
self.uuid = str(uuid.uuid4())
# pylint: disable=unsubscriptable-object
self.forward_headers['X-LOOP-CUSTODIA'] = self.uuid
def custodia_server(self, simple_configuration, request, dev_null):
# Don't write server messages to stdout unless we are in debug mode
if (request.config.getoption('debug')
or request.config.getoption('verbose')):
stdout = stderr = None
else:
stdout = stderr = dev_null
self.process = subprocess.Popen(
[sys.executable, '-m', 'custodia.server', self.custodia_conf],
stdout=stdout,
stderr=stderr)
self._wait_pid(self.process, 2)
self._wait_socket(self.process, 5)
arg = '{}/custodia.sock'.format(CustodiaServerRunner.test_dir)
url = 'http+unix://{}'.format(url_escape(arg, ''))
self.custodia_client = CustodiaHTTPClient(url)
def fin():
self.process.terminate()
if not self._wait_pid(self.process, 2):
self.process.kill()
if not self._wait_pid(self.process, 2):
raise AssertionError("Hard kill failed")
request.addfinalizer(fin)
return self.custodia_client
def __init__(self, *args, **kwargs):
super(Forwarder, self).__init__(*args, **kwargs)
self.client = CustodiaHTTPClient(self.config['forward_uri'])
self.headers = json.loads(self.config.get('forward_headers', '{}'))
self.use_prefix = self.config.get('prefix_remote_user',
'True').lower() == 'true'
self.uuid = str(uuid.uuid4())
self.headers['X-LOOP-CUSTODIA'] = self.uuid
def __init__(self, config, section):
super(Forwarder, self).__init__(config, section)
self.client = CustodiaHTTPClient(self.forward_uri)
if self.tls_certfile is not None:
self.client.set_client_cert(self.tls_certfile, self.tls_keyfile)
if self.tls_cafile is not None:
self.client.set_ca_cert(self.tls_cafile)
self.uuid = str(uuid.uuid4())
# pylint: disable=unsubscriptable-object
self.forward_headers['X-LOOP-CUSTODIA'] = self.uuid
class Forwarder(HTTPConsumer):
forward_uri = PluginOption(str, REQUIRED, None)
tls_cafile = PluginOption(str, INHERIT_GLOBAL(None), 'Path to CA file')
tls_certfile = PluginOption(str, None,
'Path to cert file for client cert auth')
tls_keyfile = PluginOption(str, None,
'Path to key file for client cert auth')
forward_headers = PluginOption('json', '{}', None)
prefix_remote_user = PluginOption(bool, True, None)
def __init__(self, config, section):
super(Forwarder, self).__init__(config, section)
self.client = CustodiaHTTPClient(self.forward_uri)
if self.tls_certfile is not None:
self.client.set_client_cert(self.tls_certfile, self.tls_keyfile)
if self.tls_cafile is not None:
self.client.set_ca_cert(self.tls_cafile)
self.uuid = str(uuid.uuid4())
# pylint: disable=unsubscriptable-object
# pylint: disable=unsupported-assignment-operation
self.forward_headers['X-LOOP-CUSTODIA'] = self.uuid
def _path(self, request):
trail = request.get('trail', [])
if self.prefix_remote_user:
prefix = [request.get('remote_user', 'guest').rstrip('/')]
else:
prefix = []
return '/'.join(prefix + trail)
def _headers(self, request):
headers = {}
headers.update(self.forward_headers)
loop = request['headers'].get('X-LOOP-CUSTODIA', None)
if loop is not None:
headers['X-LOOP-CUSTODIA'] += ',' + loop
return headers
def _response(self, reply, response):
if reply.status_code < 200 or reply.status_code > 299:
raise HTTPError(reply.status_code)
response['code'] = reply.status_code
if reply.content:
response['output'] = reply.content
def _request(self, cmd, request, response, path, **kwargs):
if self.uuid in request['headers'].get('X-LOOP-CUSTODIA', ''):
raise HTTPError(502, "Loop detected")
reply = cmd(path, **kwargs)
self._response(reply, response)
def GET(self, request, response):
self._request(self.client.get,
request,
response,
self._path(request),
params=request.get('query', None),
headers=self._headers(request))
def PUT(self, request, response):
self._request(self.client.put,
request,
response,
self._path(request),
data=request.get('body', None),
params=request.get('query', None),
headers=self._headers(request))
def DELETE(self, request, response):
self._request(self.client.delete,
request,
response,
self._path(request),
params=request.get('query', None),
headers=self._headers(request))
def POST(self, request, response):
self._request(self.client.post,
request,
response,
self._path(request),
data=request.get('body', None),
params=request.get('query', None),
headers=self._headers(request))
class Forwarder(HTTPConsumer):
forward_uri = PluginOption(str, REQUIRED, None)
tls_cafile = PluginOption(str, None, 'Path to CA file')
tls_certfile = PluginOption(
str, None, 'Path to cert file for client cert auth')
tls_keyfile = PluginOption(
str, None, 'Path to key file for client cert auth')
forward_headers = PluginOption('json', '{}', None)
prefix_remote_user = PluginOption(bool, True, None)
def __init__(self, config, section):
super(Forwarder, self).__init__(config, section)
self.client = CustodiaHTTPClient(self.forward_uri)
if self.tls_certfile is not None:
self.client.set_client_cert(self.tls_certfile, self.tls_keyfile)
if self.tls_cafile is not None:
self.client.set_ca_cert(self.tls_cafile)
self.uuid = str(uuid.uuid4())
# pylint: disable=unsubscriptable-object
self.forward_headers['X-LOOP-CUSTODIA'] = self.uuid
def _path(self, request):
trail = request.get('trail', [])
if self.prefix_remote_user:
prefix = [request.get('remote_user', 'guest').rstrip('/')]
else:
prefix = []
return '/'.join(prefix + trail)
def _headers(self, request):
headers = {}
headers.update(self.forward_headers)
loop = request['headers'].get('X-LOOP-CUSTODIA', None)
if loop is not None:
headers['X-LOOP-CUSTODIA'] += ',' + loop
return headers
def _response(self, reply, response):
if reply.status_code < 200 or reply.status_code > 299:
raise HTTPError(reply.status_code)
response['code'] = reply.status_code
if reply.content:
response['output'] = reply.content
def _request(self, cmd, request, response, path, **kwargs):
if self.uuid in request['headers'].get('X-LOOP-CUSTODIA', ''):
raise HTTPError(502, "Loop detected")
reply = cmd(path, **kwargs)
self._response(reply, response)
def GET(self, request, response):
self._request(self.client.get, request, response,
self._path(request),
params=request.get('query', None),
headers=self._headers(request))
def PUT(self, request, response):
self._request(self.client.put, request, response,
self._path(request),
data=request.get('body', None),
params=request.get('query', None),
headers=self._headers(request))
def DELETE(self, request, response):
self._request(self.client.delete, request, response,
self._path(request),
params=request.get('query', None),
headers=self._headers(request))
def POST(self, request, response):
self._request(self.client.post, request, response,
self._path(request),
data=request.get('body', None),
params=request.get('query', None),
headers=self._headers(request))
