def user_key_link_get(org_id, user_id):
org = Organization.get_org(id=org_id)
key_id = uuid.uuid4().hex
view_id = None
uri_id = None
for i in xrange(2):
for i in xrange(2048):
temp_id = ''.join(random.sample(SHORT_URL_CHARS, SHORT_URL_LEN))
if not view_id:
if not cache_db.exists(_get_view_key(temp_id)):
view_id = temp_id
break
else:
if not cache_db.exists(_get_uri_key(temp_id)):
uri_id = temp_id
break
if not view_id and not uri_id:
raise KeyLinkError('Failed to generate random id')
cache_db.expire(_get_key_key(key_id), KEY_LINK_TIMEOUT)
cache_db.dict_set(_get_key_key(key_id), 'org_id', org_id)
cache_db.dict_set(_get_key_key(key_id), 'user_id', user_id)
cache_db.dict_set(_get_key_key(key_id), 'view_id', view_id)
cache_db.dict_set(_get_key_key(key_id), 'uri_id', uri_id)
conf_urls = []
if app_server.inline_certs:
for server in org.iter_servers():
conf_id = uuid.uuid4().hex
cache_db.expire(_get_conf_key(conf_id), KEY_LINK_TIMEOUT)
cache_db.dict_set(_get_conf_key(conf_id), 'org_id', org_id)
cache_db.dict_set(_get_conf_key(conf_id), 'user_id', user_id)
cache_db.dict_set(_get_conf_key(conf_id), 'server_id', server.id)
conf_urls.append({
'id': conf_id,
'server_name': server.name,
'url': '/key/%s.ovpn' % conf_id,
})
cache_db.expire(_get_view_key(view_id), KEY_LINK_TIMEOUT)
cache_db.dict_set(_get_view_key(view_id), 'org_id', org_id)
cache_db.dict_set(_get_view_key(view_id), 'user_id', user_id)
cache_db.dict_set(_get_view_key(view_id), 'key_id', key_id)
cache_db.dict_set(_get_view_key(view_id), 'uri_id', uri_id)
cache_db.dict_set(_get_view_key(view_id),
'conf_urls', json.dumps(conf_urls))
cache_db.expire(_get_uri_key(uri_id), KEY_LINK_TIMEOUT)
cache_db.dict_set(_get_uri_key(uri_id), 'org_id', org_id)
cache_db.dict_set(_get_uri_key(uri_id), 'user_id', user_id)
return utils.jsonify({
'id': key_id,
'key_url': '/key/%s.tar' % key_id,
'view_url': '/k/%s' % view_id,
'uri_url': '/ku/%s' % uri_id,
})
def load_file(self):
if settings.conf.static_cache and cache_db.exists(
self.get_cache_key()):
self.get_cache()
return
if not os.path.isfile(self.path):
if settings.conf.static_cache:
self.set_cache()
return
file_basename = os.path.basename(self.path)
file_mtime = datetime.datetime.utcfromtimestamp(
os.path.getmtime(self.path))
file_size = int(os.path.getsize(self.path))
if self.gzip:
gzip_data = StringIO.StringIO()
with open(self.path, 'rb') as static_file, \
gzip.GzipFile(fileobj=gzip_data, mode='wb') as gzip_file:
shutil.copyfileobj(static_file, gzip_file)
self.data = gzip_data.getvalue()
else:
with open(self.path, 'r') as static_file:
self.data = static_file.read()
self.mime_type = mimetypes.guess_type(file_basename)[0] or 'text/plain'
self.last_modified = werkzeug.http.http_date(file_mtime)
self.etag = generate_etag(file_basename, file_size, file_mtime)
if settings.conf.static_cache:
self.set_cache()
def user_linked_key_archive_get(key_id):
org_id = cache_db.dict_get(_get_key_key(key_id), 'org_id')
user_id = cache_db.dict_get(_get_key_key(key_id), 'user_id')
# Check for expire
if not cache_db.exists(_get_key_key(key_id)):
time.sleep(RATE_LIMIT_SLEEP)
return flask.abort(404)
return _get_key_archive(org_id, user_id)
def user_uri_key_page_get(uri_id):
org_id = cache_db.dict_get(_get_uri_key(uri_id), 'org_id')
user_id = cache_db.dict_get(_get_uri_key(uri_id), 'user_id')
# Check for expire
if not cache_db.exists(_get_uri_key(uri_id)):
time.sleep(RATE_LIMIT_SLEEP)
return flask.abort(404)
org = Organization.get_org(id=org_id)
user = org.get_user(user_id)
keys = {}
for server in org.iter_servers():
key = user.build_key_conf(server.id)
keys[key['name']] = key['conf']
return utils.jsonify(keys)
def user_linked_key_page_get(view_id):
view_id_key = 'view_token-%s' % view_id
org_id = cache_db.dict_get(view_id_key, 'org_id')
user_id = cache_db.dict_get(view_id_key, 'user_id')
key_id = cache_db.dict_get(view_id_key, 'key_id')
conf_urls = cache_db.dict_get(view_id_key, 'conf_urls')
if conf_urls:
conf_urls = json.loads(conf_urls)
# Check for expire
if not cache_db.exists(view_id_key):
time.sleep(RATE_LIMIT_SLEEP)
return flask.abort(404)
org = Organization.get_org(id=org_id)
user = org.get_user(user_id)
key_page = StaticFile(app_server.www_path, KEY_INDEX_NAME,
cache=False).data
key_page = key_page.replace('<%= user_name %>', '%s - %s' % (
org.name, user.name))
key_page = key_page.replace('<%= user_key_url %>', '/key/%s.tar' % (
key_id))
if org.otp_auth:
key_page = key_page.replace('<%= user_otp_key %>', user.otp_secret)
key_page = key_page.replace('<%= user_otp_url %>',
'otpauth://totp/%s@%s?secret=%s' % (
user.name, org.name, user.otp_secret))
else:
key_page = key_page.replace('<%= user_otp_key %>', '')
key_page = key_page.replace('<%= user_otp_url %>', '')
key_page = key_page.replace('<%= view_id %>', view_id)
conf_links = ''
for conf_url in conf_urls:
conf_links += '<a class="sm" title="Download Mobile Key" ' + \
'href="%s">Download Mobile Key (%s)</a><br>\n' % (
conf_url['url'], conf_url['server_name'])
key_page = key_page.replace('<%= conf_links %>', conf_links)
return key_page
def user_linked_key_conf_get(conf_id):
org_id = cache_db.dict_get(_get_conf_key(conf_id), 'org_id')
user_id = cache_db.dict_get(_get_conf_key(conf_id), 'user_id')
server_id = cache_db.dict_get(_get_conf_key(conf_id), 'server_id')
# Check for expire
if not cache_db.exists(_get_conf_key(conf_id)):
time.sleep(RATE_LIMIT_SLEEP)
return flask.abort(404)
org = Organization.get_org(id=org_id)
user = org.get_user(user_id)
key_conf = user.build_key_conf(server_id)
response = flask.Response(response=key_conf['conf'],
mimetype='application/octet-stream')
response.headers.add('Content-Disposition',
'attachment; filename="%s"' % key_conf['name'])
return response
def load_file(self):
if settings.conf.static_cache and cache_db.exists(
self.get_cache_key()):
self.get_cache()
return
if not os.path.isfile(self.path):
if settings.conf.static_cache:
self.set_cache()
return
file_basename = os.path.basename(self.path)
file_mtime = datetime.datetime.utcfromtimestamp(
os.path.getmtime(self.path))
file_size = int(os.path.getsize(self.path))
with open(self.path, 'r') as static_file:
self.data = static_file.read()
self.mime_type = mimetypes.guess_type(file_basename)[0] or 'text/plain'
self.last_modified = werkzeug.http.http_date(file_mtime)
self.etag = generate_etag(file_basename, file_size, file_mtime)
if settings.conf.static_cache:
self.set_cache()
def load_file(self):
if settings.conf.static_cache and cache_db.exists(
self.get_cache_key()):
self.get_cache()
return
if not os.path.isfile(self.path):
if settings.conf.static_cache:
self.set_cache()
return
file_basename = os.path.basename(self.path)
file_mtime = datetime.datetime.utcfromtimestamp(
os.path.getmtime(self.path))
file_size = int(os.path.getsize(self.path))
with open(self.path, 'r') as static_file:
self.data = static_file.read()
self.mime_type = mimetypes.guess_type(file_basename)[0] or 'text/plain'
self.last_modified = werkzeug.http.http_date(file_mtime)
self.etag = self.generate_etag(file_basename, file_size, file_mtime)
if settings.conf.static_cache:
self.set_cache()
