def __init__(self, filepath, bundle_root_path=None): tyk.log( "Loading module: '{0}'".format(filepath), "info") self.filepath = filepath self.handlers = {} self.bundle_id = filepath self.bundle_root_path = bundle_root_path self.imported_modules = [] module_splits = filepath.split('_') self.api_id, self.middleware_id = module_splits[0], module_splits[1] self.module_path = os.path.join(self.bundle_root_path, filepath) self.parse_manifest() self.mw_path = os.path.join(self.module_path, "middleware.py") # Fallback for single file bundles: if len(self.manifest['file_list']) == 1: self.mw_path = os.path.join(self.module_path, self.manifest['file_list'][0]) try: self.loader = MiddlewareLoader(self) sys.meta_path.append(self.loader) invalidate_caches() self.module = imp.load_source(filepath, self.mw_path) self.register_handlers() self.cleanup() except Exception as e: tyk.log_error("Middleware initialization error: {0}".format(e))
def __init__(self, filepath, bundle_root_path=None): tyk.log("Loading module: '{0}'".format(filepath), "info") self.filepath = filepath self.handlers = {} self.bundle_id = filepath self.bundle_root_path = bundle_root_path self.imported_modules = [] self.middleware_id = filepath self.module_path = os.path.join(self.bundle_root_path, filepath) self.parse_manifest() self.mw_path = os.path.join(self.module_path, "middleware.py") # Fallback for single file bundles: if len(self.manifest['file_list']) == 1: self.mw_path = os.path.join(self.module_path, self.manifest['file_list'][0]) try: self.loader = MiddlewareLoader(self) sys.meta_path.append(self.loader) invalidate_caches() self.module = imp.load_source(filepath, self.mw_path) self.register_handlers() self.cleanup() except Exception as e: tyk.log_error("Middleware initialization error: {0}".format(e)) pass
def reload(self): try: invalidate_caches() reload_module(self.module) self.register_handlers() except: tyk.log_error( "Reload error:" )
def dispatch_event(self, event_json): try: event = TykEvent(event_json) event_handler = self.find_event_handler(event.handler_name) if event_handler: event_handler.process(event) except: tyk.log_error("Can't dispatch, error:")
def __init__(self, module_path, module_name): tyk.log( "Loading module: '{0}'".format(module_name), "info") self.module_path = module_path self.handlers = {} try: source = SourceFileLoader(module_name, self.module_path) self.module = source.load_module() self.register_handlers() except: tyk.log_error( "Middleware initialization error:" )
def __init__(self, filepath): tyk.log("Loading module: '{0}'".format(filepath), "info") self.filepath = filepath self.handlers = {} try: self.module = import_module(filepath) self.register_handlers() except: tyk.log_error("Middleware initialization error:")
def dispatch_hook(self, object_msg): try: object = TykCoProcessObject(object_msg) middleware, hook_handler = self.find_hook_by_name(object.hook_name) if hook_handler: object = middleware.process(hook_handler, object) else: tyk.log( "Can't dispatch '{0}', hook is not defined.".format( object.hook_name), "error") return object.dump() except: exc_trace = traceback.format_exc() print(exc_trace) tyk.log_error("Can't dispatch, error:") return object_msg
def except_hook(type, value, traceback): tyk.log_error("{0}".format(value)) pass
from gateway import TykGateway as tyk def except_hook(type, value, traceback): tyk.log_error("{0}".format(value)) pass sys.excepthook = except_hook try: from tyk.middleware import TykMiddleware from tyk.object import TykCoProcessObject from tyk.event import TykEvent except Exception as e: tyk.log_error(str(e)) sys.exit(1) class TykDispatcher: '''A simple dispatcher''' def __init__(self, bundle_root_path): tyk.log("Initializing dispatcher", "info") self.bundle_root_path = bundle_root_path self.bundles = [] self.hook_table = {} def find_bundle(self, bundle_id): found = None for bundle in self.bundles: if bundle.bundle_id == bundle_id:
def LDAPAuthMiddleware(request, session, metadata, spec): """ Function to handle Authentication via LDAP. Please review the tutorial here: https://tyk.io/docs/customise-tyk/plugins/rich-plugins/python/custom-auth-python-tutorial/ This middleware expects an 'Authorization' header in the request object. The header will have the format: 'Basic AUTH_STRING' Where AUTH_STRING is a base64 encoded string of the format: 'username:password' For this example, the username is expected to have a distinguished name of: "cn=" + username + ",dc=example,dc=org" Note that the ldap_server variable is set to the ip address of the LDAP server. """ auth_header = request.get_header('Authorization') if not auth_header: # Log the error error_text = "No Auth header" tyk.log_error(error_text) # Set the return_overrides object to the appropriate error request.object.return_overrides.response_code = 400 request.object.return_overrides.response_error = error_text return request, session, metadata tyk.log_error(auth_header) field, sep, value = auth_header.partition("Basic ") if not value: # Log the error error_text = "Incorrect auth header (no value)" tyk.log_error(error_text) # Set the return_overrides object to the appropriate error request.object.return_overrides.response_code = 400 request.object.return_overrides.response_error = error_text return request, session, metadata # note the weirdness with bytes vs. strings because we're in python3 value_bytes = bytes(value, 'ascii') decoded_value = base64.standard_b64decode(value_bytes).decode() username, password = decoded_value.split(":") if not (username and password): # Log the error error_text = "Incorrect auth header (no username, password)" tyk.log_error(error_text) # Set the return_overrides object to the appropriate error request.object.return_overrides.response_code = 400 request.object.return_overrides.response_error = error_text return request, session, metadata user_dn = "cn=" + username + ",dc=example,dc=org" try: # initialize ldap and authenticate user using bind ldap_object = ldap.initialize("ldap://" + ldap_server) ldap_object.bind_s(user_dn, password) except ldap.LDAPError as e: # Log the error error_text = "Could not authenticate against LDAP with user " + username tyk.log_error(error_text) tyk.log_error(str(e)) # Set the return_overrides object to the appropriate error request.object.return_overrides.response_code = 500 request.object.return_overrides.response_error = error_text + ". -- " + str(e) return request, session, metadata # Setting metadata['token'] indicates to Tyk that the authorization was a success. In this case we are setting it # to the md5sum of the user_dn and the password. to_hash = user_dn + ":" + password metadata['token'] = hashlib.md5(to_hash.encode()).hexdigest() tyk.log("Authorized user: "******"info") return request, session, metadata