def run_test_instance(self, iss, tag):
_port = self.get_port(iss, tag)
args = [
"optest.py", "-i",
unquote_plus(iss), "-t",
unquote_plus(tag), "-p",
str(_port), "-M", self.mako_dir
]
for _fl in self.flows:
args.extend(["-f", _fl])
if self.path2port:
args.extend(["-m", self.path2port])
ppmap = read_path2port_map(self.path2port)
try:
_path = ppmap[str(_port)]
except KeyError:
_errtxt = 'Port not in path2port map file {}'.format(
self.path2port)
logger.error(_errtxt)
return ServiceError(_errtxt)
url = '{}{}'.format(self.test_tool_base, _path)
else:
url = '{}:{}'.format(self.test_tool_base[:-1], _port)
_econf = self.rest.read_conf(iss, tag)
if _econf['tool']['insecure']:
args.append('-k')
args.append(self.test_tool_conf)
_key = '{}:{}'.format(iss, tag)
# If already running - kill
try:
pid = self.running_processes[_key]
except KeyError:
pass
else:
logger.info('kill {}'.format(pid))
subprocess.call(['kill', pid])
logger.info(args)
if False: # Only on Windows
DETACHED_PROCESS = 0x00000008
process = subprocess.Popen(args,
creationflags=DETACHED_PROCESS).pid
else:
process = subprocess.Popen(args,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
# continues immediately
if process.pid:
logger.info("process id: {}".format(process.pid))
self.running_processes['{}:{}'.format(iss, tag)] = process.pid
time.sleep(5)
return url
def run_test_instance(self, iss, tag):
_port = self.assigned_ports.register_port(iss, tag)
args = [
self.test_script, "-i",
unquote_plus(iss), "-t",
unquote_plus(tag), "-p",
str(_port), "-M", self.mako_dir, "-f", self.flowdir
]
if self.path2port:
args.extend(["-m", self.path2port])
ppmap = read_path2port_map(self.path2port)
try:
_path = ppmap[str(_port)]
except KeyError:
_errtxt = 'Port not in path2port map file {}'.format(
self.path2port)
logger.error(_errtxt)
return ServiceError(_errtxt)
url = '{}{}'.format(self.test_tool_base, _path)
else:
url = '{}:{}'.format(self.test_tool_base[:-1], _port)
typ, _econf = self.rest.read_conf(iss, tag)
if _econf['tool']['insecure']:
args.append('-k')
args.append(self.test_tool_conf)
# If already running - kill
try:
pid = isrunning(unquote_plus(iss), unquote_plus(tag))
except KeyError:
pass
else:
if pid:
logger.info('kill {}'.format(pid))
subprocess.call(['kill', str(pid)])
# Now get it running
args.append('&')
logger.info("Test tool command: {}".format(" ".join(args)))
# spawn independent process
os.system(" ".join(args))
pid = 0
for i in range(0, 10):
time.sleep(1)
pid = isrunning(unquote_plus(iss), unquote_plus(tag))
if pid:
break
if pid:
logger.info("process id: {}".format(pid))
self.running_processes[self.key(iss, tag)] = pid
return url
else:
return None
def construct_app_args(args,
conf,
operations,
func,
default_profiles,
inst_conf,
display_order=None):
"""
:param args: Command arguments, argparse instance
:param conf: Service configuration
:param operations: Operations module
:param func: Functions module
:param default_profiles: The default profiles module
:param inst_conf: Test instance configuration
:return: Application arguments
"""
sys.path.insert(0, ".")
# setup_logging("%s/rp_%s.log" % (SERVER_LOG_FOLDER, _port), logger)
if args.flowdir:
_flowdir = args.flowdir
else:
_flowdir = conf.FLOWDIR
cls_factories = {'': operations.factory}
func_factory = func.factory
try:
profiles = importlib.import_module(conf.PROFILES)
except AttributeError:
profiles = default_profiles
if display_order is None:
display_order = OP_ORDER
flow_state = FlowState(_flowdir,
profile_handler=ProfileHandler,
cls_factories=cls_factories,
func_factory=func_factory,
display_order=display_order)
# Add own keys for signing/encrypting JWTs
jwks, keyjar, kidd = build_keyjar(conf.KEYS)
try:
if args.staticdir:
_sdir = args.staticdir
else:
_sdir = 'jwks'
except AttributeError:
_sdir = 'jwks'
# If this instance is behind a reverse proxy or on its own
_port = args.port
if conf.BASE.endswith('/'):
conf.BASE = conf.BASE[:-1]
if args.path2port:
ppmap = read_path2port_map(args.path2port)
try:
_path = ppmap[str(_port)]
except KeyError:
print('Port not in path2port map file {}'.format(args.path2port))
sys.exit(-1)
# if args.xport:
# _base = '{}:{}/{}/'.format(conf.BASE, str(_port), _path)
# else:
_base = '{}/{}/'.format(conf.BASE, _path)
else:
if _port not in [443, 80]:
_base = '{}:{}'.format(conf.BASE, _port)
else:
_base = conf.BASE
_path = ''
if not _base.endswith('/'):
_base += '/'
# -------- JWKS ---------------
if args.path2port:
jwks_uri = "{}{}/jwks_{}.json".format(_base, _sdir, _port)
f = open('{}/jwks_{}.json'.format(_sdir, _port), "w")
elif _port not in [443, 80]:
jwks_uri = "{}:{}/{}/jwks_{}.json".format(conf.BASE, _port, _sdir,
_port)
f = open('{}/jwks_{}.json'.format(_sdir, _port), "w")
else:
jwks_uri = "{}/{}/jwks.json".format(conf.BASE, _sdir)
f = open('{}/jwks.json'.format(_sdir), "w")
f.write(json.dumps(jwks))
f.close()
# -------- MAKO setup -----------
try:
if args.makodir:
_dir = args.makodir
if not _dir.endswith("/"):
_dir += "/"
else:
_dir = "./"
except AttributeError:
_dir = './'
LOOKUP = TemplateLookup(directories=[_dir + 'templates', _dir + 'htdocs'],
module_directory=_dir + 'modules',
input_encoding='utf-8',
output_encoding='utf-8')
_client_info = inst_conf['client']
# Now when the basic URL for the RP is constructed update the
# redirect_uris and the post_logout_redirect_uris
try:
ri = _client_info['registration_info']
except KeyError:
pass
else:
ri['redirect_uris'] = [r.format(_base) for r in ri['redirect_uris']]
try:
ri['post_logout_redirect_uris'] = [
r.format(_base) for r in ri['post_logout_redirect_uris']
]
except KeyError:
pass
_client_info.update({
"base_url": _base,
"kid": kidd,
"keyjar": keyjar,
"jwks_uri": jwks_uri
})
# try:
# _client_info['client_id'] = _client_info['registration_response'][
# 'client_id']
# except KeyError:
# pass
if args.insecure:
_client_info['verify_ssl'] = False
# Test profile either as a command line argument or if not that
# from the configuration file
# if args.profile:
# _profile = args.profile
# else:
# _profile = inst_conf['tool']['profile']
# Application arguments
app_args = {
"flow_state": flow_state,
"conf": conf,
"base_url": _base,
"client_info": _client_info,
"profiles": profiles,
"operation": operations,
"cache": {}, # "profile": _profile,
"lookup": LOOKUP,
'tool_conf': inst_conf['tool'],
"profile_handler": ProfileHandler
}
return _path, app_args
def run_test_instance(self, iss, tag):
_port = self.assigned_ports.register_port(iss, tag)
args = [self.test_script]
args.extend(["-i", shlex.quote(unquote_plus(iss))])
args.extend(["-t", shlex.quote(unquote_plus(tag))])
args.extend(["-p", str(_port)])
args.extend(["-f", self.flowdir])
args.append("-s")
if self.path2port:
args.extend(["-m", self.path2port])
ppmap = read_path2port_map(self.path2port)
try:
_path = ppmap[str(_port)]
except KeyError:
_errtxt = 'Port not in path2port map file {}'.format(
self.path2port)
logger.error(_errtxt)
return ServiceError(_errtxt)
url = '{}{}'.format(self.test_tool_base, _path)
else:
url = '{}:{}'.format(self.test_tool_base, _port)
typ, _econf = self.rest.read_conf(iss, tag)
try:
_insecure = _econf['tool']['insecure']
except KeyError:
pass
else:
if _insecure:
args.append('-k')
args.append(self.test_tool_conf)
# If already running - kill
try:
pid = isrunning(unquote_plus(iss), unquote_plus(tag))
except KeyError:
pass
else:
if pid:
logger.info('kill {}'.format(pid))
subprocess.call(['kill', str(pid)])
# Now get it running
args.append('&')
cmd = " ".join(args)
logger.info("Test tool command: {}".format(cmd))
# spawn independent process, leaping blindly here
os.system(cmd)
pid = 0
for i in range(0, 10):
time.sleep(1)
pid = isrunning(unquote_plus(iss), unquote_plus(tag))
if pid:
break
if pid:
logger.info("{} {} - process id: {}".format(iss, tag, pid))
self.running_processes['{}:{}'.format(iss, tag)] = pid
return url
else:
logger.error('Failed to start the test tool')
return None
def construct_app_args(args, conf, operations, func, default_profiles,
inst_conf, display_order=None):
"""
:param args: Command arguments, argparse instance
:param conf: Service configuration
:param operations: Operations module
:param func: Functions module
:param default_profiles: The default profiles module
:param inst_conf: Test instance configuration
:return: Application arguments
"""
sys.path.insert(0, ".")
# setup_logging("%s/rp_%s.log" % (SERVER_LOG_FOLDER, _port), logger)
if args.flowdir:
_flowdir = args.flowdir
else:
_flowdir = conf.FLOWDIR
cls_factories = {'': operations.factory}
func_factory = func.factory
try:
profiles = importlib.import_module(conf.PROFILES)
except AttributeError:
profiles = default_profiles
if display_order is None:
display_order = OP_ORDER
flow_state = FlowState(_flowdir, profile_handler=ProfileHandler,
cls_factories=cls_factories,
func_factory=func_factory,
display_order=display_order)
# Add own keys for signing/encrypting JWTs
jwks, keyjar, kidd = build_keyjar(conf.KEYS)
try:
if args.staticdir:
_sdir = args.staticdir
else:
_sdir = 'jwks'
except AttributeError:
_sdir = 'jwks'
# If this instance is behind a reverse proxy or on its own
_port = args.port
if conf.BASE.endswith('/'):
conf.BASE = conf.BASE[:-1]
if args.path2port:
ppmap = read_path2port_map(args.path2port)
try:
_path = ppmap[str(_port)]
except KeyError:
print('Port not in path2port map file {}'.format(args.path2port))
sys.exit(-1)
# if args.xport:
# _base = '{}:{}/{}/'.format(conf.BASE, str(_port), _path)
# else:
_base = '{}/{}/'.format(conf.BASE, _path)
else:
if _port not in [443, 80]:
_base = '{}:{}'.format(conf.BASE, _port)
else:
_base = conf.BASE
_path = ''
if not _base.endswith('/'):
_base += '/'
# -------- JWKS ---------------
if args.path2port:
jwks_uri = "{}{}/jwks_{}.json".format(_base, _sdir, _port)
f = open('{}/jwks_{}.json'.format(_sdir, _port), "w")
elif _port not in [443, 80]:
jwks_uri = "{}:{}/{}/jwks_{}.json".format(conf.BASE, _port, _sdir,
_port)
f = open('{}/jwks_{}.json'.format(_sdir, _port), "w")
else:
jwks_uri = "{}/{}/jwks.json".format(conf.BASE, _sdir)
f = open('{}/jwks.json'.format(_sdir), "w")
f.write(json.dumps(jwks))
f.close()
# -------- MAKO setup -----------
try:
if args.makodir:
_dir = args.makodir
if not _dir.endswith("/"):
_dir += "/"
else:
_dir = "./"
except AttributeError:
_dir = './'
LOOKUP = TemplateLookup(directories=[_dir + 'templates', _dir + 'htdocs'],
module_directory=_dir + 'modules',
input_encoding='utf-8',
output_encoding='utf-8')
_client_info = inst_conf['client']
# Now when the basic URL for the RP is constructed update the
# redirect_uris and the post_logout_redirect_uris
try:
ri = _client_info['registration_info']
except KeyError:
pass
else:
ri['redirect_uris'] = [r.format(_base) for r in ri['redirect_uris']]
try:
ri['post_logout_redirect_uris'] = [r.format(_base) for r in
ri['post_logout_redirect_uris']]
except KeyError:
pass
_client_info.update(
{"base_url": _base, "kid": kidd, "keyjar": keyjar,
"jwks_uri": jwks_uri}
)
# try:
# _client_info['client_id'] = _client_info['registration_response'][
# 'client_id']
# except KeyError:
# pass
if args.insecure:
_client_info['verify_ssl'] = False
# Test profile either as a command line argument or if not that
# from the configuration file
# if args.profile:
# _profile = args.profile
# else:
# _profile = inst_conf['tool']['profile']
# Application arguments
app_args = {
"flow_state": flow_state, "conf": conf, "base_url": _base,
"client_info": _client_info, "profiles": profiles,
"operation": operations, "cache": {}, # "profile": _profile,
"lookup": LOOKUP, 'tool_conf': inst_conf['tool'],
"profile_handler": ProfileHandler
}
return _path, app_args
def construct_app_args(args, oper, func, default_profiles):
"""
:param args: Command arguments, argparse instance
:param oper: Operations module
:param func: Functions module
:param default_profiles: The default profiles module
:return: Application arguments
"""
sys.path.insert(0, ".")
CONF = importlib.import_module(args.config)
#setup_logging("%s/rp_%s.log" % (SERVER_LOG_FOLDER, CONF.PORT), logger)
fdef = {'Flows': {}, 'Order': [], 'Desc': {}}
cls_factories = {'': oper.factory}
func_factory = func.factory
for flow_def in args.flows:
spec = parse_yaml_conf(flow_def, cls_factories, func_factory)
fdef['Flows'].update(spec['Flows'])
fdef['Desc'].update(spec['Desc'])
fdef['Order'].extend(spec['Order'])
if args.profiles:
profiles = importlib.import_module(args.profiles)
else:
profiles = default_profiles
try:
if args.operations:
operations = importlib.import_module(args.operations)
else:
operations = oper
except AttributeError:
operations = oper
# Add own keys for signing/encrypting JWTs
jwks, keyjar, kidd = build_keyjar(CONF.KEYS)
try:
if args.staticdir:
_sdir = args.staticdir
else:
_sdir = 'static'
except AttributeError:
_sdir = 'static'
# If this instance is behind a reverse proxy or on its own
if CONF.BASE.endswith('/'):
CONF.BASE = CONF.BASE[:-1]
if args.path2port:
ppmap = read_path2port_map(args.path2port)
_path = ppmap[str(CONF.PORT)]
if args.xport:
_port = CONF.PORT
_base = '{}:{}/{}/'.format(CONF.BASE, str(CONF.PORT), _path)
else:
_base = '{}/{}/'.format(CONF.BASE, _path)
if args.tls:
_port = 443
else:
_port = 80
else:
_port = CONF.PORT
if _port not in [443, 80]:
_base = '{}:{}'.format(CONF.BASE, _port)
else:
_base = CONF.BASE
_path = ''
# -------- JWKS ---------------
if args.path2port:
jwks_uri = "{}{}/jwks_{}.json".format(_base, _sdir, _port)
f = open('{}/jwks_{}.json'.format(_sdir, _port), "w")
elif _port not in [443, 80]:
jwks_uri = "{}:{}/{}/jwks_{}.json".format(CONF.BASE, _port, _sdir,
_port)
f = open('{}/jwks_{}.json'.format(_sdir, _port), "w")
else:
jwks_uri = "{}/{}/jwks.json".format(CONF.BASE, _sdir)
f = open('{}/jwks.json'.format(_sdir), "w")
f.write(json.dumps(jwks))
f.close()
# -------- MAKO setup -----------
try:
if args.makodir:
_dir = args.makodir
if not _dir.endswith("/"):
_dir += "/"
else:
_dir = "./"
except AttributeError:
_dir = './'
LOOKUP = TemplateLookup(directories=[_dir + 'templates', _dir + 'htdocs'],
module_directory=_dir + 'modules',
input_encoding='utf-8',
output_encoding='utf-8')
_client_info = CONF.CLIENT
# Now when the basci URL for the RP is constructed update the
# redirect_uris and the post_logout_redirect_uris
try:
ri = _client_info['registration_info']
except KeyError:
pass
else:
ri['redirect_uris'] = [r.format(_base) for r in ri['redirect_uris']]
try:
ri['post_logout_redirect_uris'] = [r.format(_base) for r in
ri['post_logout_redirect_uris']]
except KeyError:
pass
_base += '/'
_client_info.update(
{"base_url": _base, 'client_id': _base, "kid": kidd, "keyjar": keyjar,
"jwks_uri": jwks_uri}
)
if args.insecure:
_client_info['verify_ssl'] = False
# Test profile either as a command line argument or if not that
# from the configuration file
if args.profile:
_profile = args.profile
else:
_profile = CONF.TOOL['profile']
# Application arguments
app_args = {
"flows": fdef['Flows'], "conf": CONF,
"client_info": _client_info, "order": fdef['Order'],
"profiles": profiles, "operation": operations, "cache": {},
"profile": _profile, "lookup": LOOKUP, "desc": fdef['Desc'],
}
return _path, app_args