def get_storage_location(self, storage):
    """Return the backend holding *storage* and connect to it on first use.

    Resolution order, as the code below implements it:
      1. if ``persistence.type`` is itself a key of ``storage_types``, that
         backend is used for every storage name;
      2. otherwise ``'default'`` resolves through ``storage.default``;
      3. otherwise names listed in ``storage.couchbase.mapping`` are COUCHBASE;
      4. anything else is LDAP.

    Side effect: the first time a backend is selected, ``self.cbm`` or
    ``self.ldap_conn`` is created with credentials read from the matching
    properties file and passed through ``unobscure``.

    NOTE(review): the mapping key is read unconditionally, so a configuration
    without ``storage.couchbase.mapping`` would raise here -- confirm that
    every persistence type defines it.
    """
    location = LDAP

    mapping_csv = self.conf_prop['storage.couchbase.mapping']
    couchbase_mappings = [entry.strip() for entry in mapping_csv.split(',')]

    if self.conf_prop["persistence.type"] in storage_types:
        location = storage_types[self.conf_prop["persistence.type"]]
    elif storage == 'default':
        location = storage_types[self.conf_prop['storage.default']]
    elif storage in couchbase_mappings:
        location = COUCHBASE

    if location == COUCHBASE and not self.cbm:
        cb_props = get_properties(setupObject.gluuCouchebaseProperties)
        # Only the first host of the comma-separated server list is used.
        first_server = cb_props['servers'].split(',')[0]
        self.cbm = CBM(
            first_server,
            cb_props['auth.userName'],
            unobscure(cb_props['auth.userPassword']),
        )
    elif location == LDAP and not self.ldap_conn:
        ldap_props = get_properties(setupObject.ox_ldap_properties)
        bind_secret = unobscure(ldap_props['bindPassword'])
        host, port = ldap_props['servers'].split(',')[0].split(':')
        # The connection uses the ldaps:// scheme and binds as the directory
        # manager, i.e. with full administrative rights on the directory.
        # NOTE(review): certificate verification depends on python-ldap TLS
        # options that are not set in this method -- confirm they are
        # configured elsewhere.
        self.ldap_conn = ldap.initialize('ldaps://{0}:{1}'.format(host, port))
        self.ldap_conn.simple_bind_s('cn=directory manager', bind_secret)

    return location
ldap_conn.simple_bind_s(ldap_binddn, ldap_password) basedn = 'inum=OO11-BAFE,ou=scripts,o=gluu' result = ldap_conn.search_s(basedn, ldap.SCOPE_BASE, attrlist=['oxEnabled']) if result and result[0][1]['oxEnabled'][0].lower() != 'true': ldap_conn.modify_s(basedn, [(ldap.MOD_REPLACE, 'oxEnabled', 'true')]) else: # Obtain couchbase credidentals for l in open(setupObject.gluuCouchebaseProperties): ls = l.strip() n = ls.find(':') if ls.startswith('servers'): server = ls[n + 1:].strip().split(',')[0].strip() elif ls.startswith('auth.userName'): userName = ls[n + 1:].strip() elif ls.startswith('auth.userPassword'): userPasswordEnc = ls[n + 1:].strip() userPassword = os.popen('/opt/gluu/bin/encode.py -D {}'.format( userPasswordEnc)).read().strip() cbm = CBM(server, userName, userPassword) result = cbm.exec_query( 'UPDATE `gluu` USE KEYS "scripts_OO11-BAFE" SET `oxEnabled`=true') print("Restarting identity, this will take a while") setupObject.run_service_command('identity', 'restart')
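# Obtain couchbase credentials from the properties file ("key: value" lines).
# The file is opened in a with-block so the handle is closed after parsing.
with open(gluu_couchbase_roperties_fn) as prop_file:
    for l in prop_file:
        ls = l.strip()
        n = ls.find(':')
        value = ls[n + 1:].strip()
        if ls.startswith('servers'):
            # Only the first host of the comma-separated list is used.
            server = value.split(',')[0].strip()
        elif ls.startswith('auth.userName'):
            userName = value
        elif ls.startswith('auth.userPassword'):
            userPasswordEnc = value

import subprocess

# Decode the stored password with an argument list instead of a formatted
# shell string: the value read from the file is passed as one argv entry and
# is never interpreted by a shell. A non-zero exit from encode.py now raises
# CalledProcessError instead of silently yielding an empty password.
# NOTE(review): the obscured value is still visible in the process listing
# while encode.py runs; an in-process decode would avoid that.
userPassword = subprocess.check_output(
    ['/opt/gluu/bin/encode.py', '-D', userPasswordEnc],
    universal_newlines=True,
).strip()

from pylib.cbm import CBM

cbm = CBM(server, userName, userPassword)

result = cbm.exec_query(
    'select * from gluu USE KEYS "configuration_oxauth"')

if result.ok:
    configuration_oxauth = result.json()
    gluu_doc = configuration_oxauth['results'][0]['gluu']
    # keyStoreSecret protects the key store; keep it out of logs and output.
    keyStoreSecret = gluu_doc['oxAuthConfDynamic']['keyStoreSecret']
    oxAuthConfWebKeys = gluu_doc['oxAuthConfWebKeys']
    oxRevision = gluu_doc['oxRevision']
else:
    print("Couchbase server responded unexpectedly", result.text)

# NOTE(review): on the failure branch above oxRevision is not assigned by
# this block, so this line raises NameError unless it was set earlier --
# confirm against the surrounding code.
oxRevision = int(oxRevision) + 1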
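class casaCleanup(object):
    """Remove the Casa application and the data it stored on this server.

    Each ``del_*`` method asks get_storage_location() which backend holds the
    relevant entries and then deletes or unsets them, either through the LDAP
    connection or through Couchbase queries. The file-system methods remove
    Casa's installed files and its jar reference in oxauth.xml.
    """

    def __init__(self, install_dir):
        """Load persistence settings; backend connections are opened lazily.

        Args:
            install_dir: stored as ``self.install_dir``.
        """
        self.install_dir = install_dir
        self.cbm = None
        self.ldap_conn = None
        self.conf_prop = get_properties(setupObject.gluu_properties_fn)
        self.detectedHostname = setupObject.detect_hostname()
        self.twilio_version = '7.17.0'

        # When a hybrid properties file exists it is read with conf_prop
        # passed as second argument (presumably merged into it -- confirm
        # against get_properties).
        if os.path.exists(setupObject.gluu_hybrid_roperties):
            get_properties(setupObject.gluu_hybrid_roperties, self.conf_prop)

    def get_storage_location(self, storage):
        """Return the backend holding *storage* and connect to it on first use.

        If ``persistence.type`` is a key of ``storage_types`` that backend is
        used for everything; otherwise ``'default'`` resolves through
        ``storage.default``, names listed in ``storage.couchbase.mapping``
        are COUCHBASE, and anything else is LDAP.

        NOTE(review): the mapping key is read unconditionally, so a
        configuration without ``storage.couchbase.mapping`` would raise
        here -- confirm that every persistence type defines it.
        """
        retval = LDAP

        mapping_csv = self.conf_prop['storage.couchbase.mapping']
        couchbase_mappings = [s.strip() for s in mapping_csv.split(',')]

        if self.conf_prop["persistence.type"] in storage_types:
            retval = storage_types[self.conf_prop["persistence.type"]]
        elif storage == 'default':
            retval = storage_types[self.conf_prop['storage.default']]
        elif storage in couchbase_mappings:
            retval = COUCHBASE

        if retval == COUCHBASE and not self.cbm:
            cbp = get_properties(setupObject.gluuCouchebaseProperties)
            # Only the first host of the comma-separated server list is used.
            cbm_hostname = cbp['servers'].split(',')[0]
            cbm_username = cbp['auth.userName']
            cbm_pass = unobscure(cbp['auth.userPassword'])
            self.cbm = CBM(cbm_hostname, cbm_username, cbm_pass)
        elif retval == LDAP and not self.ldap_conn:
            lp = get_properties(setupObject.ox_ldap_properties)
            ldap_pass = unobscure(lp['bindPassword'])
            ldap_hostname, ldap_port = lp['servers'].split(',')[0].split(':')
            # ldaps:// scheme, bound as the directory manager (full
            # administrative rights on the directory).
            # NOTE(review): certificate verification depends on python-ldap
            # TLS options that are not set in this method -- confirm they are
            # configured elsewhere.
            self.ldap_conn = ldap.initialize('ldaps://{0}:{1}'.format(
                ldap_hostname, ldap_port))
            self.ldap_conn.simple_bind_s('cn=directory manager', ldap_pass)

        return retval

    def del_casa_custom_scripts(self):
        """Delete the two Casa custom-script entries from the default backend.

        The inum values are fixed literals, so the DN and query strings built
        from them carry no caller-supplied input.
        """
        print("Deleting Casa Custom Scripts")
        default_location = self.get_storage_location('default')
        casa_script_inums = ('BABA-CACA', 'DAA9-F7F8')

        if default_location == LDAP:
            for inum in casa_script_inums:
                dn = 'inum={0},ou=scripts,o=gluu'.format(inum)
                try:
                    self.ldap_conn.delete_s(dn)
                except ldap.NO_SUCH_OBJECT:
                    # Entry already absent: nothing to clean up.
                    pass
                except ldap.LDAPError as e:
                    # Cleanup stays best-effort, but a failed delete (lost
                    # connection, insufficient access, ...) is reported
                    # instead of being swallowed by a bare except.
                    print("Could not delete %s: %s" % (dn, e))
        elif default_location == COUCHBASE:
            for inum in casa_script_inums:
                self.cbm.exec_query(
                    'DELETE FROM `gluu` USE KEYS "scripts_{}"'.format(inum))

    def del_casa_clients(self):
        """Delete every client whose oxAuthDefaultAcrValues is ``casa``."""
        print("Deleting Casa Clients")
        clients_location = self.get_storage_location('clients')

        if clients_location == LDAP:
            result = self.ldap_conn.search_s(
                'ou=clients,o=gluu',
                ldap.SCOPE_SUBTREE,
                '(oxAuthDefaultAcrValues=casa)',
                attrlist=['inum'],
            )
            if result:
                for client in result:
                    # client[0] is passed to delete_s as the entry's DN.
                    self.ldap_conn.delete_s(client[0])
        elif clients_location == COUCHBASE:
            self.cbm.exec_query(
                'DELETE FROM `gluu_clients` WHERE objectClass="oxAuthClient" AND oxAuthDefaultAcrValues="casa"'
            )

    def del_casa_user_attributes(self):
        """Clear the Casa-specific attributes from every person entry."""
        print("Removing Casa attributes for people. This may take a while...")
        attrlist = [
            'oxPreferredMethod',
            'oxOTPDevices',
            'oxMobileDevices',
            'oxStrongAuthPolicy',
            'oxTrustedDevicesInfo',
            'oxUnlinkedExternalUids',
        ]
        people_location = self.get_storage_location('people')

        if people_location == LDAP:
            result = self.ldap_conn.search_s(
                'ou=people,o=gluu', ldap.SCOPE_SUBTREE, attrlist=attrlist)
            for people in result:
                # MOD_REPLACE with an empty value list, issued only for the
                # attributes the search returned for this entry.
                mod_list = [
                    (ldap.MOD_REPLACE, attr, [])
                    for attr in attrlist
                    if attr in people[1]
                ]
                if mod_list:
                    print("Cleaning %s %s" % (people[0], mod_list))
                    self.ldap_conn.modify_s(people[0], mod_list)
        elif people_location == COUCHBASE:
            self.cbm.exec_query('UPDATE gluu_user UNSET {}'.format(
                ', '.join(attrlist)))

    def delCasaFiles(self):
        """Remove Casa's webapp directory, service files and python libs.

        All paths are fixed literals and every removal goes through
        setupObject.run with an argument list rather than a command string.
        """
        print('Deleting Casa Files..')

        if os.path.exists('/opt/gluu/jetty/casa/'):
            setupObject.run(['rm', '-r', '-f', '/opt/gluu/jetty/casa/'])

        casafiles = [
            '/etc/gluu/conf/casa.json',
            '/etc/default/casa',
            '/etc/init.d/casa',
            '/etc/init.d/casa.gluu-3.1.6~',
            '/etc/rc0.d/K01casa',
            '/etc/rc2.d/S01casa',
            '/etc/rc3.d/S01casa',
            '/etc/rc4.d/S01casa',
            '/etc/rc5.d/S01casa',
            '/etc/rc6.d/K01casa',
            '/run/jetty/casa-start.log',
            '/run/jetty/casa.pid',
            '/opt/dist/scripts/casa',
        ]
        for fn in casafiles:
            if os.path.exists(fn):
                setupObject.run(['rm', '-f', fn])

        libdir = '/opt/gluu/python/libs'
        # os.listdir raises when the directory is missing, which would abort
        # the cleanup part-way; skip the step in that case.
        if os.path.isdir(libdir):
            for lib in os.listdir(libdir):
                if lib.startswith('casa'):
                    setupObject.run(['rm', '-f', os.path.join(libdir, lib)])

    def removeTwilioPathOxauth(self):
        """Drop the first line of oxauth.xml that references a twilio jar."""
        print("Removing twilio jar path form oxauth.xml")
        oxauth_xml_fn = '/opt/gluu/jetty/oxauth/webapps/oxauth.xml'

        if os.path.exists(oxauth_xml_fn):
            oxauth_xml = setupObject.readFile(oxauth_xml_fn).splitlines()

            # Iterate over a copy because the list is modified; only the
            # first matching line is removed.
            for l in oxauth_xml[:]:
                if re.search(r'twilio-(.*)\.jar', l):
                    oxauth_xml.remove(l)
                    break

            setupObject.writeFile(oxauth_xml_fn, '\n'.join(oxauth_xml))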