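def acquire_service_token(self, options):
    """Retrieve service token.

    Builds the security-token request from the caller's credentials, POSTs it
    to the STS endpoint named in ``options['sts']`` and stores the returned
    token on ``self.token``.

    :param options: dict with ``username``, ``password`` and an ``sts`` dict
        holding ``host`` and ``path``; an optional ``timeout`` (seconds)
        bounds the HTTP call and defaults to 30.
    :return: ``True`` when a token was obtained and stored, else ``False``.
    """
    logger = self.logger(self.acquire_service_token.__name__)
    # NOTE(review): ``options`` carries the plaintext password, so this call
    # hands it to the logging layer; presumably debug_secrets is off unless
    # explicitly enabled -- confirm before shipping log output anywhere.
    logger.debug_secrets('options: %s', options)

    request_body = self.prepare_security_token_request({
        'username': options['username'],
        'password': options['password'],
        'endpoint': self.url
    })

    # The credentials are sent to this URL, so host and path must come from
    # trusted configuration and never from remote or user-editable input.
    sts_url = 'https://' + options['sts']['host'] + options['sts']['path']

    # requests applies no timeout by default; without one an unresponsive
    # STS host would block the caller indefinitely.
    response = requests.post(
        sts_url,
        data=request_body,
        headers={'Content-Type': 'application/x-www-form-urlencoded'},
        timeout=options.get('timeout', 30))

    token = self.process_service_token_response(response)
    logger.debug_secrets('token: %s', token)
    if token:
        self.token = token
        return True
    return False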
def get_authentication_cookie(self):
    """Build the Cookie header value from the stored FedAuth and rtFa cookies.

    :return: string of the form ``FedAuth=<value>; rtFa=<value>``.
    """
    method_name = self.get_authentication_cookie.__name__
    log = self.logger(method_name)
    fed_auth = self.FedAuth
    rt_fa = self.rtFa
    # Both values are session credentials; they go to the secrets log channel.
    log.debug_secrets("self.FedAuth: %s\nself.rtFa: %s", fed_auth, rt_fa)
    cookie_parts = ['FedAuth=', fed_auth, '; rtFa=', rt_fa]
    return ''.join(cookie_parts)
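def prepare_security_token_request(params):
    """Construct the request body to acquire security token from STS endpoint.

    Reads the ``SAML.xml`` template located next to this module and replaces
    each ``[key]`` placeholder with the XML-escaped value of ``params[key]``.

    :param params: dict mapping placeholder names to raw (unescaped) string
        values; the caller in this file passes ``username``, ``password``
        and ``endpoint``.
    :return: the filled-in template as a string.
    """
    # NOTE(review): there is no ``self`` parameter, yet acquire_service_token
    # calls this through ``self``; presumably a @staticmethod decorator sits
    # just above this definition -- confirm.

    # Function-scope import keeps the file's top-level import block untouched.
    from xml.sax.saxutils import escape

    logger = SamlTokenProvider.logger(
        SamlTokenProvider.prepare_security_token_request.__name__)
    logger.debug_secrets('params: %s', params)

    template_path = os.path.join(os.path.dirname(__file__), 'SAML.xml')
    with open(template_path) as template_file:
        data = template_file.read()

    # The values are caller-supplied credentials and URLs. Escaping them keeps
    # characters such as '<', '&' or quotes from breaking the envelope or
    # adding markup to it; quotes are covered in case a placeholder sits
    # inside an attribute value.
    quote_entities = {'"': '&quot;', "'": '&apos;'}
    for key in params:
        data = data.replace('[' + key + ']',
                            escape(params[key], quote_entities))
    return data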
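def process_service_token_response(self, response):
    """Extract the binary security token from an STS SOAP response.

    :param response: HTTP response object; only ``response.content`` is read.
    :return: text of the ``BinarySecurityToken`` element, or ``None`` when the
        response carries a SOAP fault or holds no token element. In both
        failure cases ``self.error`` is set and logged.
    """
    logger = self.logger(self.process_service_token_response.__name__)
    logger.debug_secrets('response: %s\nresponse.content: %s', response,
                         response.content)

    # NOTE(review): the standard-library ElementTree parser is not hardened
    # against entity-expansion payloads; the body is parsed exactly as the STS
    # host returned it, so consider a hardened parser (e.g. defusedxml) if
    # that host is not fully trusted.
    xml = ElementTree.fromstring(response.content)
    ns_prefixes = {
        'S': '{http://www.w3.org/2003/05/soap-envelope}',
        'psf': '{http://schemas.microsoft.com/Passport/SoapServices/SOAPFault}',
        'wst': '{http://schemas.xmlsoap.org/ws/2005/02/trust}',
        'wsse': '{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}'
    }
    logger.debug_secrets("ns_prefixes: %s", ns_prefixes)

    # check for errors
    if xml.find('{0}Body/{0}Fault'.format(ns_prefixes['S'])) is not None:
        error = xml.find(
            '{0}Body/{0}Fault/{0}Detail/{1}error/{1}internalerror/{1}text'
            .format(ns_prefixes['S'], ns_prefixes['psf']))
        # A fault without the detail element used to raise AttributeError on
        # ``error.text`` and hide the real failure from the caller.
        detail = error.text if error is not None else 'no error detail in response'
        self.error = 'An error occurred while retrieving token: {0}'.format(
            detail)
        logger.error(self.error)
        return None

    # extract token
    token = xml.find(
        '{0}Body/{1}RequestSecurityTokenResponse/{1}RequestedSecurityToken/{2}BinarySecurityToken'
        .format(ns_prefixes['S'], ns_prefixes['wst'], ns_prefixes['wsse']))
    logger.debug_secrets("token: %s", token)
    if token is None:
        # A well-formed envelope with neither fault nor token: report it as a
        # failed acquisition rather than crashing on ``None.text``.
        self.error = ('An error occurred while retrieving token: '
                      'no security token in response')
        logger.error(self.error)
        return None
    return token.text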
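def acquire_authentication_cookie(self, options):
    """Retrieve SPO auth cookie.

    POSTs the previously acquired ``self.token`` to ``options['endpoint']``
    and stores the ``FedAuth`` and ``rtFa`` cookies the server sets.

    :param options: dict with ``endpoint`` (URL the token is posted to); an
        optional ``timeout`` (seconds) bounds the HTTP call and defaults
        to 30.
    :return: ``True`` when both cookies were received and stored, else
        ``False`` (``self.error`` is set and logged).
    """
    logger = self.logger(self.acquire_authentication_cookie.__name__)
    # The security token is sent to this URL, so it must come from trusted
    # configuration.
    url = options['endpoint']

    # The context manager closes the session's pooled connections; the
    # session was previously left open after the call.
    with requests.session() as session:
        logger.debug_secrets("session: %s\nsession.post(%s, data=%s)", session,
                             url, self.token)
        # requests applies no timeout by default; bound the call so an
        # unresponsive endpoint cannot block the caller indefinitely.
        session.post(
            url,
            data=self.token,
            headers={'Content-Type': 'application/x-www-form-urlencoded'},
            timeout=options.get('timeout', 30))
        logger.debug_secrets("session.cookies: %s", session.cookies)
        cookies = requests.utils.dict_from_cookiejar(session.cookies)

    logger.debug_secrets("cookies: %s", cookies)
    if 'FedAuth' in cookies and 'rtFa' in cookies:
        self.FedAuth = cookies['FedAuth']
        self.rtFa = cookies['rtFa']
        return True

    self.error = "An error occurred while retrieving auth cookies"
    logger.error(self.error)
    return False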