Example #1
0
    def dispatch(self, request, *args, **kwargs):
        try:
            token = request.META['HTTP_X_MONOLITH_TOKEN'].strip()
            api_data = verify_secret(token, 'zentral.contrib.monolith')
        except (KeyError, ValueError, APIAuthError):
            return HttpResponseForbidden("No no no!")

        # machine serial number
        h_msn = request.META.get("HTTP_X_ZENTRAL_SERIAL_NUMBER")  # new way
        t_msn = api_data.get("machine_serial_number")  # old way
        if h_msn and t_msn and h_msn != t_msn:
            logger.warning("Serial number mismatch. header: %s, token: %s",
                           h_msn, t_msn)
        self.machine_serial_number = h_msn or t_msn  # priority to h_msn because set in preflight script

        # business unit, manifest
        self.meta_business_unit = api_data['business_unit'].meta_business_unit
        self.manifest = get_object_or_404(
            Manifest, meta_business_unit=self.meta_business_unit)

        self.user_agent, self.ip = user_agent_and_ip_address_from_request(
            request)

        # machine extra infos
        self.machine = MetaMachine(self.machine_serial_number)
        self.tags = self.machine.tags

        if not self.machine_serial_number:
            logger.warning("Missing serial number. mbu: %s %s",
                           self.meta_business_unit, self.meta_business_unit.pk)

        return super().dispatch(request, *args, **kwargs)
Example #2
0
 def verify_signed_secret(self, enroll_secret):
     api_secret_data = verify_secret(enroll_secret, SOURCE_MODULE)
     self.machine_serial_number = api_secret_data.get(
         'machine_serial_number', None)
     if not self.machine_serial_number:
         raise APIAuthError("No serial number")
     self.business_unit = api_secret_data.get("business_unit", None)
Example #3
0
 def check_data_secret(self, data):
     try:
         data = verify_secret(data['enroll_secret'], "zentral.contrib.osquery")
     except KeyError:
         raise SuspiciousOperation("Osquery enroll request without enroll secret")
     try:
         self.machine_serial_number = data['machine_serial_number']
     except KeyError:
         raise SuspiciousOperation("Osquery enroll secret without machine serial number")
     self.business_unit = data.get('business_unit', None)
Example #4
0
 def check_data_secret(self, data):
     try:
         data = verify_secret(data['enroll_secret'], "zentral.contrib.osquery")
     except KeyError:
         raise SuspiciousOperation("Osquery enroll request without enroll secret")
     try:
         self.machine_serial_number = data['machine_serial_number']
     except KeyError:
         raise SuspiciousOperation("Osquery enroll secret without machine serial number")
     self.business_unit = data.get('business_unit', None)
Example #5
0
 def dispatch(self, request, *args, **kwargs):
     try:
         token = request.META['HTTP_X_MONOLITH_TOKEN'].strip()
         api_data = verify_secret(token, 'zentral.contrib.monolith')
     except (KeyError, ValueError, APIAuthError):
         return HttpResponseForbidden("No no no!")
     self.machine_serial_number = api_data.get("machine_serial_number", None)
     self.user_agent, self.ip = user_agent_and_ip_address_from_request(request)
     self.machine = MetaMachine(self.machine_serial_number)
     self.tags = self.machine.tags
     self.meta_business_unit = api_data['business_unit'].meta_business_unit
     self.manifest = get_object_or_404(Manifest, meta_business_unit=self.meta_business_unit)
     return super().dispatch(request, *args, **kwargs)
Example #6
0
 def verify_signed_machine_id(self):
     """Verify the secret signature"""
     # TODO: deprecate and remove
     data = verify_secret(self.machine_id, "zentral.contrib.santa")
     self.machine_serial_number = data.get('machine_serial_number', None)
     self.business_unit = data.get('business_unit', None)
Example #7
0
 def check_data_secret(self, data):
     data = verify_secret(data['enroll_secret'], "zentral.contrib.osquery")
     self.machine_serial_number = data['machine_serial_number']
     self.business_unit = data.get('business_unit', None)
Example #8
0
 def verify_request_secret(self, secret):
     data = verify_secret(secret, "zentral.contrib.munki")
     self.machine_serial_number = data.get('machine_serial_number', None)
     self.business_unit = data.get('business_unit', None)
Example #9
0
 def check_data_secret(self, data):
     data = verify_secret(data.pop('zentral_api_secret', None),
                          "zentral.contrib.zendesk")
     self.business_unit = data.get('business_unit', None)
Example #10
0
 def check_data_secret(self, data):
     data = verify_secret(data.pop('zentral_api_secret', None), "zentral.contrib.zendesk")
     self.business_unit = data.get('business_unit', None)