Example #1
0
File: plugin.py Project: EICT/C-BAS 
def setup():

    pm.registerService('apiexceptionsv1', apiexceptionsv1)
    pm.registerService('apiexceptionsv2', apiexceptionsv2)

    api_tools = APITools()
    pm.registerService('apitools', api_tools)

    resource_manager_tools = ResourceManagerTools()
    pm.registerService('resourcemanagertools', resource_manager_tools)

    config = pm.getService("config")
    config.install("delegatetools.config_path", "deploy/config.json", "JSON file with configuration data for CH, SA, MA")
    config.install("delegatetools.supplemetary_fileds_path", "deploy/supplementary_fields.json", "JSON file with Supplementary Fields for CH, SA, MA",True)
    config.install("delegatetools.service_registry_path","deploy/registry.json", "JSON file with Services supported by the registry",True)
    config.install("delegatetools.defaults_path", "src/plugins/fedtools/defaults.json", "JSON file with default data for CH, SA, MA", True)
    #<UT>
    config.install("delegatetools.authz_path", "src/plugins/fedtools/authz.json", "JSON file with mapping between privileges and methods", True)
    config.install("delegatetools.roles_path", "src/plugins/fedtools/roles.json", "JSON file with default privileges for CH roles", True)
    config.install("delegatetools.trusted_cert_path", "deploy/trusted/certs/", "Path to trusted certificates", True)
    config.install("delegatetools.trusted_cert_keys_path", "deploy/trusted/cert_keys", "Path to trusted certificate keys", True)
    config.install("delegatetools.trusted_crl_path", "deploy/trusted/crl", "Path to CRLs", True)

    delegate_tools = DelegateTools()
    pm.registerService('delegatetools', delegate_tools)
Example #2
0
def setup():
    config = pm.getService("config")
    #print "*** "+ str(config.get('flask.app_port'))
    # create default configurations (if they are not already in the database)
    config.install("flask.bind", "0.0.0.0", "IP to bind the Flask RPC to.")
    config.install("flask.hostname", _get_hostname(config.get('flask.bind')),
                   "Hostname of Flask RPC server.")
    config.install("flask.cbas_hostname", "cbas.eict.de",
                   "Hostname of Flask RPC server.")
    config.install("flask.fcgi_port", 9009,
                   "Port to bind the Flask RPC to (FCGI server).")
    config.install("flask.app_port", 8008,
                   "Port to bind the Flask RPC to (standalone server).")
    config.install("flask.debug", True,
                   "Write logging messages for the Flask RPC server.")
    config.install("flask.fcgi", False,
                   "Use FCGI server instead of the development server.")
    config.install(
        "flask.force_client_cert", True,
        "Only applies if flask.debug is set: Determines if the client _must_ present a certificate. No validation is performed."
    )

    # create and register the RPC server
    flaskserver = FlaskServer()
    pm.registerService('rpcserver', flaskserver)

    # create and register the XML-RPC server
    xmlrpc = FlaskXMLRPC(flaskserver)
    pm.registerService('xmlrpc', xmlrpc)
Example #3
0
def setup():
    config = pm.getService("config")
    config.install("schedule.dbpath", "deploy/schedule.db", "Path to the schedule database (if relative, eiSoil's root will be assumed as base).")

    from schedulep import Schedule
    pm.registerService('schedule', Schedule)
    import scheduleexceptions as exceptions_package
    pm.registerService('scheduleexceptions', exceptions_package)
Example #4
0
def setup():
    # setup config items
    config = pm.getService("config")
    config.install(
        "worker.dbpath", "deploy/worker.db",
        "Path to the worker's database (if relative, eiSoil's root will be assumed)."
    )

    import workers as worker_package
    pm.registerService('worker', worker_package)
Example #5
0
File: plugin.py Project: EICT/C-BAS 
def setup():
    # setup config items
    config = pm.getService("config")
    config.install(
        "worker.dbpath",
        "deploy/worker.db",
        "Path to the worker's database (if relative, eiSoil's root will be assumed).",
    )

    import workers as worker_package

    pm.registerService("worker", worker_package)
Example #6
0
File: plugin.py Project: EICT/C-BAS 
def setup():
    # setup config keys
    config = pm.getService("config")
    config.install("dhcprm.max_reservation_duration", 10*60, "Maximum duration a DHCP resource can be held allocated (not provisioned).")
    config.install("dhcprm.max_lease_duration", 24*60*60, "Maximum duration DHCP lease can be provisioned.")
    config.install("dhcprm.dbpath", "deploy/dhcp.db", "Path to the dhcp database (if relative, eiSoil's root will be assumed as base).")
    
    from dhcpresourcemanager import DHCPResourceManager
    import dhcpexceptions as exceptions_package
    rm = DHCPResourceManager()
    pm.registerService('dhcpresourcemanager', rm)
    pm.registerService('dhcpexceptions', exceptions_package)
Example #7
0
def setup():
    # setup config keys
    config = pm.getService("config")
    config.install(
        "dhcprm.max_reservation_duration", 10 * 60,
        "Maximum duration a DHCP resource can be held allocated (not provisioned)."
    )
    config.install("dhcprm.max_lease_duration", 24 * 60 * 60,
                   "Maximum duration DHCP lease can be provisioned.")
    config.install(
        "dhcprm.dbpath", "deploy/dhcp.db",
        "Path to the dhcp database (if relative, eiSoil's root will be assumed as base)."
    )

    from dhcpresourcemanager import DHCPResourceManager
    import dhcpexceptions as exceptions_package
    rm = DHCPResourceManager()
    pm.registerService('dhcpresourcemanager', rm)
    pm.registerService('dhcpexceptions', exceptions_package)
Example #8
0
File: plugin.py Project: EICT/C-BAS 
def setup():
    config = pm.getService("config")
    #print "*** "+ str(config.get('flask.app_port'))
    # create default configurations (if they are not already in the database)
    config.install("flask.bind", "0.0.0.0", "IP to bind the Flask RPC to.")
    config.install("flask.hostname", _get_hostname(config.get('flask.bind')), "Hostname of Flask RPC server.")
    config.install("flask.cbas_hostname", "cbas.eict.de", "Hostname of Flask RPC server.")
    config.install("flask.fcgi_port", 9009, "Port to bind the Flask RPC to (FCGI server).")
    config.install("flask.app_port", 8008, "Port to bind the Flask RPC to (standalone server).")
    config.install("flask.debug", True, "Write logging messages for the Flask RPC server.")
    config.install("flask.fcgi", False, "Use FCGI server instead of the development server.")
    config.install("flask.force_client_cert", True, "Only applies if flask.debug is set: Determines if the client _must_ present a certificate. No validation is performed.")
    
    # create and register the RPC server
    flaskserver = FlaskServer()
    pm.registerService('rpcserver', flaskserver)

    # create and register the XML-RPC server
    xmlrpc = FlaskXMLRPC(flaskserver)
    pm.registerService('xmlrpc', xmlrpc)
Example #9
0
def setup():

    pm.registerService('apiexceptionsv1', apiexceptionsv1)
    pm.registerService('apiexceptionsv2', apiexceptionsv2)

    api_tools = APITools()
    pm.registerService('apitools', api_tools)

    resource_manager_tools = ResourceManagerTools()
    pm.registerService('resourcemanagertools', resource_manager_tools)

    config = pm.getService("config")
    config.install("delegatetools.config_path", "deploy/config.json",
                   "JSON file with configuration data for CH, SA, MA")
    config.install("delegatetools.supplemetary_fileds_path",
                   "deploy/supplementary_fields.json",
                   "JSON file with Supplementary Fields for CH, SA, MA", True)
    config.install("delegatetools.service_registry_path",
                   "deploy/registry.json",
                   "JSON file with Services supported by the registry", True)
    config.install("delegatetools.defaults_path",
                   "src/plugins/fedtools/defaults.json",
                   "JSON file with default data for CH, SA, MA", True)
    #<UT>
    config.install("delegatetools.authz_path",
                   "src/plugins/fedtools/authz.json",
                   "JSON file with mapping between privileges and methods",
                   True)
    config.install("delegatetools.roles_path",
                   "src/plugins/fedtools/roles.json",
                   "JSON file with default privileges for CH roles", True)
    config.install("delegatetools.trusted_cert_path", "deploy/trusted/certs/",
                   "Path to trusted certificates", True)
    config.install("delegatetools.trusted_cert_keys_path",
                   "deploy/trusted/cert_keys",
                   "Path to trusted certificate keys", True)
    config.install("delegatetools.trusted_crl_path", "deploy/trusted/crl",
                   "Path to CRLs", True)

    delegate_tools = DelegateTools()
    pm.registerService('delegatetools', delegate_tools)
Example #10
0
def setup():
    # setup config keys
    config = pm.getService("config")
    config.install("geniv3rpc.cert_root", "deploy/trusted", "Folder which includes trusted clearinghouse certificates for GENI API v3 (in .pem format). If relative path, the root is assumed to be git repo root.")
    config.install("geniv3rpc.rspec_validation", True, "Determines if RSpec shall be validated by the given xs:schemaLocations in the document (may cause downloads of the given schema from the given URL per request).")
    
    # register xmlrpc endpoint
    xmlrpc = pm.getService('xmlrpc')
    geni_handler = GENIv3Handler()
    pm.registerService('geniv3handler', geni_handler)
    pm.registerService('geniv3delegatebase', GENIv3DelegateBase)
    pm.registerService('geniv3exceptions', geni_exceptions)
    xmlrpc.registerXMLRPC('geni3', geni_handler, '/RPC2') # name, handlerObj, endpoint
Example #11
0
def setup():
    pm.registerService('gfedv1exceptions', gfed_exceptions)

    xmlrpc = pm.getService('xmlrpc')
    _api_tools = pm.getService('apitools')

    greg_handler = GRegistryv1Handler()
    pm.registerService('gregistryv1handler', greg_handler)
    pm.registerService('gregistryv1delegatebase', GRegistryv1DelegateBase)
    xmlrpc.registerXMLRPC('greg', greg_handler, '/reg/1') # name, handlerObj, endpoint
    # _api_tools.register_endpoint(name='gregv1', type='reg', version='1', url='/reg/1')

    gma_handler = GMAv1Handler()
    pm.registerService('gmav1handler', gma_handler)
    pm.registerService('gmav1delegatebase', GMAv1DelegateBase)
    xmlrpc.registerXMLRPC('gma', gma_handler, '/ma/1') # name, handlerObj, endpoint
    # _api_tools.register_endpoint(name='gmav1', type='ma', version='1', url='/ma/1')

    gsa_handler = GSAv1Handler()
    pm.registerService('gsav1handler', gsa_handler)
    pm.registerService('gsav1delegatebase', GSAv1DelegateBase)
    xmlrpc.registerXMLRPC('gsav1', gsa_handler, '/sa/1') # name, handlerObj, endpoint
Example #12
0
def setup():
    sa_rm = OSliceAuthorityResourceManager()
    pm.registerService('osliceauthorityrm', sa_rm)
    pm.registerService('osliceauthorityexceptions', osliceauthorityexceptions)
Example #13
0
File: plugin.py Project: EICT/C-BAS 
def setup():

    xmlrpc = pm.getService('xmlrpc')
    api_tools = pm.getService('apitools')

    greg_handler = GRegistryv2Handler()
    pm.registerService('gregistryv2handler', greg_handler)
    pm.registerService('gregistryv2delegatebase', GRegistryv2DelegateBase)
    xmlrpc.registerXMLRPC('gregv2', greg_handler, '/reg/2') # name, handlerObj, endpoint
    api_tools.register_endpoint(name='gregv2', type='reg', version='2', url='/reg/2')

    gma_handler = GMAv2Handler()
    pm.registerService('gmav2handler', gma_handler)
    pm.registerService('gmav2delegatebase', GMAv2DelegateBase)
    xmlrpc.registerXMLRPC('gmav2', gma_handler, '/ma/2') # name, handlerObj, endpoint
    api_tools.register_endpoint(name='gmav2', type='ma', version='2', url='/ma/2')

    gsa_handler = GSAv2Handler()
    pm.registerService('gsav2handler', gsa_handler)
    pm.registerService('gsav2delegatebase', GSAv2DelegateBase)
    xmlrpc.registerXMLRPC('gsav2', gsa_handler, '/sa/2') # name, handlerObj, endpoint
    api_tools.register_endpoint(name='gsav2', type='sa', version='2', url='/sa/2')

    glog_handler = GLoggingHandler()
    pm.registerService('glogginghandler', glog_handler)
    pm.registerService('gloggingdelegatebase', GLoggingDelegateBase)
    xmlrpc.registerXMLRPC('glogging', glog_handler, '/logging') # name, handlerObj, endpoint
    api_tools.register_endpoint(name='glogging', type='logging', version='1', url='/logging')
Example #14
0
def setup():
    reg_rm = ORegistryResourceManager()
    pm.registerService('oregistryrm', reg_rm)
    pm.registerService('oregistryexceptions', oregistryexceptions)
Example #15
0
File: plugin.py Project: EICT/C-BAS 
def setup():
    
    pm.registerService("geniutil", geniutil)

    # view certificates with: openssl x509 -in ca_cert -text -noout
    # or use mac osx's Keychain Access (go into "Keychain Access"-Menu and use the Cerificate Assistant)
    # infer public key from private key for testing: openssl rsa -in mykey.pem -pubout
    
    # # creates a self-signed CA cert including a new key pair
    # ca_c,ca_pu,ca_pr = geniutil.create_certificate("urn:publicid:IDN+eict.de+authority+sa", is_ca=True, email="*****@*****.**")
    # 
    # # creates a user cert with a new key pair
    # u_c,u_pu,u_pr = geniutil.create_certificate("urn:publicid:IDN+eict:de+user+tom", issuer_key=ca_pr, issuer_cert=ca_c, email="*****@*****.**")
    # 
    # # creates a user cert with a given public key
    # u2_c,u2_pu,u2_pr = geniutil.create_certificate("urn:publicid:IDN+eict:de+user+manfred", issuer_key=ca_pr, issuer_cert=ca_c, public_key=u_pu, email="*****@*****.**")
    # 
    # logger.info(">>> CERT <<<\n %s>>> PUB <<<\n %s>>> PRIV <<<\n %s" % (u2_c,u2_pu,u2_pr))
    
    # import ext.geni
    # from ext.geni.util import cert_util as gcf_cert_util
    #
    # # setup config items
    # # config = pm.getService("config")
    # # config.install("worker.dbpath", "deploy/worker.db", "Path to the worker's database (if relative, eiSoil's root will be assumed).")
    # 
    # TMP_PATH = '/Users/motine/Documents/Ofelia/devel/test/cert' # I dont want to use tempfile, so I can look at the files (need persistant files)
    # import os.path
    # 
    # # TEST: create key-pair
    # from ext.sfa.trust.certificate import Keypair
    # kp = Keypair()
    # kp.create()
    # kp.load_from_file() # from pem
    # kp.save_to_file() # as pem
    # kp.load_from_string() # from pem
    # logger.info("private key PEM: %s" % (kp.as_pem(),))
    # logger.info("public key DER: %s" % (kp.get_pubkey_string(),))
    # 
    # # TEST: load key-pair
    # 
    # # --------------------------------------------------
    # # create a self signed CA cert
    # ca_gid, ca_keys = gcf_cert_util.create_cert("urn:publicid:IDN+eict.de+authority+sa", ca=True, email="*****@*****.**");
    # logger.info("CA private key PEM: %s" % (ca_keys.as_pem(),))
    # logger.info("CA CRT: %s" % (ca_gid.save_to_string(),))
    # ca_keys.save_to_file(os.path.join(TMP_PATH, 'ca_key.pem'))
    # ca_gid.save_to_file(os.path.join(TMP_PATH, 'ca_cert.crt')) 
    # 
    # 
    # # --------------------------------------------------
    # # TEST: create user cert signed by a CA cert (incl. a new keypair)
    # 
    # user_gid, user_keys = gcf_cert_util.create_cert("urn:publicid:IDN+eict.de+user+motine", issuer_key=ca_keys, issuer_cert=ca_gid, email="*****@*****.**");
    # user_keys.save_to_file(os.path.join(TMP_PATH, 'user_key.pem'))
    # user_gid.save_to_file(os.path.join(TMP_PATH, 'user_cert.crt')) # this includes the parents
    # 
    # # write the public key out (needed for the next use case)
    # user_pub_key = user_keys.get_m2_pkey().get_rsa().pem() # or user_gid.get_pubkey()
    # with open(os.path.join(TMP_PATH, 'user_pub_key.pem'), 'w') as f:
    #     f.write(user_pub_key)
    # 
    # # TEST: create user cert signed by a CA cert (with existing keypair)
    # 
    # user2_gid, user2_keys = gcf_cert_util.create_cert("urn:publicid:IDN+eict.de+user+motine", issuer_key=ca_keys, issuer_cert=ca_gid, public_key=os.path.join(TMP_PATH, 'user_key.pub'), email="*****@*****.**");
    # user2_keys.save_to_file(os.path.join(TMP_PATH, 'user2_key.pem'))
    # user2_gid.save_to_file(os.path.join(TMP_PATH, 'user2_cert.crt')) # this includes the parents
    
    # --------------------------------------------------
    # Notes
    # slice_gid = cert_util.create_cert(urn, self.keyfile, self.certfile, uuidarg = slice_uuid)[0]
    # def create_cert(urn, issuer_key=None, issuer_cert=None, ca=False,
    #             public_key=None, lifeDays=1825, email=None, uuidarg=None):
    # issuer_key can either be a string (filename) or a Keypair
    # issuer_certfile can either be a string (filename) or a GID
    # public_key contains the entity to sign. If None a new key is created, otherwise it must be a string)
    # --------------------------------------------------

    # create two users from different CAs
    # then verify these (one should fail, one should succeed)
    
    # TEST: get root certs
    #    self.trusted_root_files = cred_util.CredentialVerifier(ca_certs).root_cert_files

    # TEST: load cert from file
    
    # TEST: create user cred (see ch.py)
    # TEST: create slice cred (see ch.py)

    # please see ca.py
    # TEST: extract info from cert
    # see GID
    # TEST: verify cert against a trusted root
    # see GID verify chain

    # # get the cert_root
    # config = pm.getService("config")
    # cert_root = expand_eisoil_path(config.get("geniv3rpc.cert_root"))
    

    # TEST: create cred
    # TEST: extract individual entries in cred
    # TEST: verify cred against a trusted root
    # client_cert = cred.Credential(string=geni_credentials[0]).gidCaller.save_to_string(save_parents=True)
    # try:
    #     cred_verifier = ext.geni.CredentialVerifier(cert_root)
    #     cred_verifier.verify_from_strings(client_cert, geni_credentials, slice_urn, privileges)
    # except Exception as e:
    #     raise RuntimeError("%s" % (e,))
    # 
    # user_gid = gid.GID(string=client_cert)
    # user_urn = user_gid.get_urn()
    # user_uuid = user_gid.get_uuid()
    # user_email = user_gid.get_email()
    # return user_urn, user_uuid, user_email # TODO document return
Example #16
0
def setup():
    ls_rm = OLoggingAuthorityResourceManager()
    pm.registerService('ologgingauthorityrm', ls_rm)
    pm.registerService('ologgingauthorityexceptions', ologgingauthorityexceptions)
Example #17
0
File: plugin.py Project: EICT/C-BAS 
def setup():
    reg_rm = ORegistryResourceManager()
    pm.registerService('oregistryrm', reg_rm)
    pm.registerService('oregistryexceptions', oregistryexceptions)
Example #18
0
File: plugin.py Project: EICT/C-BAS 
def setup():
    import amconfigdb
    import amconfigdbexceptions
    pm.registerService("config", amconfigdb.ConfigDB())
    pm.registerService("configexceptions", amconfigdbexceptions)
Example #19
0
def setup():

    xmlrpc = pm.getService('xmlrpc')
    api_tools = pm.getService('apitools')

    greg_handler = GRegistryv2Handler()
    pm.registerService('gregistryv2handler', greg_handler)
    pm.registerService('gregistryv2delegatebase', GRegistryv2DelegateBase)
    xmlrpc.registerXMLRPC('gregv2', greg_handler,
                          '/reg/2')  # name, handlerObj, endpoint
    api_tools.register_endpoint(name='gregv2',
                                type='reg',
                                version='2',
                                url='/reg/2')

    gma_handler = GMAv2Handler()
    pm.registerService('gmav2handler', gma_handler)
    pm.registerService('gmav2delegatebase', GMAv2DelegateBase)
    xmlrpc.registerXMLRPC('gmav2', gma_handler,
                          '/ma/2')  # name, handlerObj, endpoint
    api_tools.register_endpoint(name='gmav2',
                                type='ma',
                                version='2',
                                url='/ma/2')

    gsa_handler = GSAv2Handler()
    pm.registerService('gsav2handler', gsa_handler)
    pm.registerService('gsav2delegatebase', GSAv2DelegateBase)
    xmlrpc.registerXMLRPC('gsav2', gsa_handler,
                          '/sa/2')  # name, handlerObj, endpoint
    api_tools.register_endpoint(name='gsav2',
                                type='sa',
                                version='2',
                                url='/sa/2')

    glog_handler = GLoggingHandler()
    pm.registerService('glogginghandler', glog_handler)
    pm.registerService('gloggingdelegatebase', GLoggingDelegateBase)
    xmlrpc.registerXMLRPC('glogging', glog_handler,
                          '/logging')  # name, handlerObj, endpoint
    api_tools.register_endpoint(name='glogging',
                                type='logging',
                                version='1',
                                url='/logging')
Example #20
0
def setup():
    import amconfigdb
    import amconfigdbexceptions
    pm.registerService("config", amconfigdb.ConfigDB())
    pm.registerService("configexceptions", amconfigdbexceptions)
Example #21
0
def setup():
    from emailer import Mailer
    pm.registerService('mailer', Mailer)
Example #22
0
def setup():
    ma_rm = OMemberAuthorityResourceManager()
    pm.registerService('omemberauthorityrm', ma_rm)
    pm.registerService('omemberauthorityexceptions',
                       omemberauthorityexceptions)
Example #23
0
def setup():
    mongo_database = MongoDB(db_ip, db_port, db_name)
    pm.registerService('mongodb', mongo_database)
Example #24
0
File: plugin.py Project: EICT/C-BAS 
def setup():
    ma_rm = OMemberAuthorityResourceManager()
    pm.registerService('omemberauthorityrm', ma_rm)
    pm.registerService('omemberauthorityexceptions', omemberauthorityexceptions)