Example #1
0
    def post(self):
        """POST"""
        ca_id = self.request.get('ca_id', None)
        auth1 = self.GetAuth1Instance(ca_id=ca_id)

        if self._IsRemoteIpAddressBlocked(os.environ.get('REMOTE_ADDR', '')):
            raise base.NotAuthenticated('RemoteIpAddressBlocked')

        n = self.request.get('n', None)
        m = self.request.get('m', None)
        s = self.request.get('s', None)

        # uncomment for verbose logging on input auth sesssions
        #logging.debug('Input n=%s m=%s s=%s', n, m, s)

        try:
            auth1.Input(n=n, m=m, s=s)
        except ValueError, e:
            logging.exception('invalid parameters to auth1.Input()')
            raise base.NotAuthenticated('InvalidAuth1InputParams')
Example #2
0
    def GetAuth1Instance(self, ca_id=None):
        """Generate an instance of auth1 class and return it.

    Args:
      ca_id: str, default None, the ca_id to pass to LoadCaParameters.
          This value changes the set of server/ca public/priv etc config
          parameters that is used for the Auth1 communication.
    """
        try:
            auth1 = gaeserver.AuthSimianServer()
            auth1.LoadCaParameters(settings, ca_id)
        except gaeserver.CaParametersError, e:
            logging.critical('(ca_id = %s) %s' % (ca_id, str(e)))
            raise base.NotAuthenticated('CaParametersError')
Example #3
0
        s = self.request.get('s', None)

        # uncomment for verbose logging on input auth sesssions
        #logging.debug('Input n=%s m=%s s=%s', n, m, s)

        try:
            auth1.Input(n=n, m=m, s=s)
        except ValueError, e:
            logging.exception('invalid parameters to auth1.Input()')
            raise base.NotAuthenticated('InvalidAuth1InputParams')

        output = auth1.Output()
        auth_state = auth1.AuthState()

        if auth_state == gaeserver.base.AuthState.OK:
            if output:
                self.response.headers['Set-Cookie'] = CreateAuthTokenCookieStr(
                    output)
                self.response.out.write(auth.AUTH_TOKEN_COOKIE)
            else:
                logging.critical('Auth is OK but there is no output.')
                raise base.NotAuthenticated('AuthOkOutputEmpty')
        elif auth_state == gaeserver.base.AuthState.FAIL:
            raise base.NotAuthenticated('AuthStateFail')
        elif output:
            self.response.out.write(output)
        else:
            logging.critical('auth_state is %s but no output.', auth_state)
            # technically 500, 403 for security
            raise base.NotAuthenticated('AuthStateUnknownOutputEmpty')