Example #1
0
 def _poll(self):
     assert self.ws and self.ws.connected, 'cannot poll while websocket is not connected'
     try:
         self.call(self.poll_method)
     except:
         log.warning('no poll response received from {!r}, closing connection, will attempt to reconnect', self.url, exc_info=True)
         self.ws.close()
     else:
         self._last_poll = datetime.now()
Example #2
0
 def watchlist_guess(self):
     try:
         from uber.models import Session
         with Session() as session:
             watchentries = session.guess_attendee_watchentry(self)
             return [w.to_dict() for w in watchentries]
     except Exception as ex:
         log.warning('Error guessing watchlist entry: {}', ex)
         return None
Example #3
0
 def _poll(self):
     assert self.ws and self.ws.connected, 'cannot poll while websocket is not connected'
     try:
         self.call(self.poll_method)
     except:
         log.warning('no poll response received from {!r}, closing connection, will attempt to reconnect', self.url, exc_info=True)
         self.ws.close()
     else:
         self._last_poll = datetime.now()
Example #4
0
    def check_authentication(cls):
        host, origin = cherrypy.request.headers['host'], cherrypy.request.headers['origin']
        if ('//' + host) not in origin:
            log.error('Javascript websocket connections must follow same-origin policy; origin {!r} does not match host {!r}', origin, host)
            raise ValueError('Origin and Host headers do not match')

        if config['ws.auth_required'] and 'username' not in cherrypy.session:
            log.warning('websocket connections to this address must have a valid session')
            raise ValueError('you are not logged in')

        return cherrypy.session.get('username', '<UNAUTHENTICATED>')
Example #5
0
 def _put(self, item):
     delay, item = item
     if delay:
         if self.task.running:
             heapq.heappush(self.delayed, (time.time() + delay, item))
         else:
             message = 'TimeDelayQueue.put called with a delay parameter without background task having been started'
             log.warning(message)
             warn(message)
     else:
         Queue._put(self, item)
Example #6
0
 def _put(self, item):
     delay, item = item
     if delay:
         if self.task.running:
             heapq.heappush(self.delayed, (time.time() + delay, item))
         else:
             message = 'TimeDelayQueue.put called with a delay parameter without background task having been started'
             log.warning(message)
             warn(message)
     else:
         Queue._put(self, item)
Example #7
0
 def stop(self):
     with self.lock:
         if self.running:
             self.stopped.set()
             for i in range(50):
                 self.threads[:] = [t for t in self.threads if t.is_alive()]
                 if self.threads:
                     time.sleep(0.1)
                 else:
                     break
             else:
                 log.warning('not all daemons have been joined: {}', self.threads)
                 del self.threads[:]
Example #8
0
 def stop(self):
     with self.lock:
         if self.running:
             self.stopped.set()
             for i in range(50):
                 self.threads[:] = [t for t in self.threads if t.is_alive()]
                 if self.threads:
                     time.sleep(0.1)
                 else:
                     break
             else:
                 log.warning('not all daemons have been joined: {}', self.threads)
                 del self.threads[:]
Example #9
0
def ldap_auth(username, password):
    if not username or not password:
        return False

    try:
        ssl_material = (
            config['ldap.cacert'], config['ldap.cert'], config['ldap.key']
        )
        server_kwargs = {}
        tls_kwargs = {}

        if config['ldap.url'].startswith('ldaps') or any(ssl_material):
            server_kwargs['use_ssl'] = True
        else:
            server_kwargs['use_ssl'] = False
        server_kwargs['host'] = config['ldap.url']

        if config['ldap.cacert']:
            tls_kwargs['ca_certs_file'] = config['ldap.cacert']
            # if we specify a CA certs file, assume we want to validate it
            tls_kwargs['validate'] = ssl.CERT_REQUIRED

        if tls_kwargs:
            server_kwargs['tls'] = ldap3.Tls(**tls_kwargs)

        server = ldap3.Server(**server_kwargs)

    except:
        log.error('Error initializing LDAP server', exc_info=True)
        raise

    # attempt to bind on each base DN that was configured
    for basedn in listify(config['ldap.basedn']):
        dn = '{}={},{}'.format(config['ldap.userattr'], username, basedn)
        log.debug('attempting to bind with dn {}', dn)
        try:
            connection = ldap3.Connection(server, user=dn, password=password)
            connection.start_tls()
            is_bound = connection.bind()
        except:
            log.warning("Error binding to LDAP server with dn", exc_info=True)
            raise

        if is_bound:
            return True

    # we couldn't auth on anything
    return False
Example #10
0
    def check_authentication(cls):
        host, origin = cherrypy.request.headers[
            'host'], cherrypy.request.headers['origin']
        if ('//' + host) not in origin:
            log.error(
                'Javascript websocket connections must follow same-origin policy; origin {!r} does not match host {!r}',
                origin, host)
            raise ValueError('Origin and Host headers do not match')

        if config['ws.auth_required'] and 'username' not in cherrypy.session:
            log.warning(
                'websocket connections to this address must have a valid session'
            )
            raise ValueError('you are not logged in')

        return cherrypy.session.get('username', '<UNAUTHENTICATED>')
Example #11
0
    def check_authentication(cls):
        host, origin = cherrypy.request.headers[
            'host'], cherrypy.request.headers['origin']
        if ('//' + host.split(':')[0]) not in origin:
            log.error(
                'Javascript websocket connections must follow same-origin policy; origin {!r} does not match host {!r}',
                origin, host)
            raise WebSocketAuthError('Origin and Host headers do not match')

        if config['ws.auth_required'] and not cherrypy.session.get(
                config['ws.auth_field']):
            log.warning(
                'websocket connections to this address must have a valid session'
            )
            raise WebSocketAuthError('You are not logged in')

        return WebSocketDispatcher.check_authentication()
Example #12
0
def ldap_auth(username, password):
    if not username or not password:
        return False

    try:
        conn = ldap.initialize(config['ldap.url'])

        force_start_tls = False
        if config['ldap.cacert']:
            ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, config['ldap.cacert'])
            force_start_tls = True

        if config['ldap.cert']:
            ldap.set_option(ldap.OPT_X_TLS_CERTFILE, config['ldap.cert'])
            force_start_tls = True

        if config['ldap.key']:
            ldap.set_option(ldap.OPT_X_TLS_KEYFILE, config['ldap.key'])
            force_start_tls = True

        if force_start_tls:
            conn.start_tls_s()
        else:
            conn.set_option(ldap.OPT_X_TLS_DEMAND, config['ldap.start_tls'])
    except:
        log.error('Error initializing LDAP connection', exc_info=True)
        raise

    for basedn in listify(config['ldap.basedn']):
        dn = '{}={},{}'.format(config['ldap.userattr'], username, basedn)
        log.debug('attempting to bind with dn {}', dn)
        try:
            conn.simple_bind_s(dn, password)
        except ldap.INVALID_CREDENTIALS as x:
            continue
        except:
            log.warning("Error binding to LDAP server with dn", exc_info=True)
            raise
        else:
            return True
Example #13
0
def ldap_auth(username, password):
    if not username or not password:
        return False
    
    try:
        conn = ldap.initialize(config['ldap.url'])
        
        force_start_tls = False
        if config['ldap.cacert']:
            ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, config['ldap.cacert'])
            force_start_tls = True
            
        if config['ldap.cert']:
            ldap.set_option(ldap.OPT_X_TLS_CERTFILE, config['ldap.cert'])
            force_start_tls = True
            
        if config['ldap.key']:
            ldap.set_option(ldap.OPT_X_TLS_KEYFILE, config['ldap.key'])
            force_start_tls = True
    
        if force_start_tls:
            conn.start_tls_s()
        else:
            conn.set_option(ldap.OPT_X_TLS_DEMAND, config['ldap.start_tls'])
    except:
        log.error('Error initializing LDAP connection', exc_info=True)
        raise
    
    for basedn in listify(config['ldap.basedn']):
        dn = '{}={},{}'.format(config['ldap.userattr'], username, basedn)
        log.debug('attempting to bind with dn {}', dn)
        try:
            conn.simple_bind_s(dn, password)
        except ldap.INVALID_CREDENTIALS as x:
            continue
        except:
            log.warning("Error binding to LDAP server with dn", exc_info=True)
            raise
        else:
            return True
Example #14
0
from __future__ import unicode_literals
import importlib

import six
import cherrypy

from sideboard._version import __version__
try:
    import sideboard.server
except:
    from sideboard.lib import log
    log.warning('Error importing server', exc_info=True)

from sideboard.internal.imports import _discover_plugins
from sideboard.internal.logging import _configure_logging

_discover_plugins()
_configure_logging()