def getAndSendPushToken(self, tree, namespace,
deviceHardwareIdWithoutPrefix):
items = tree.findall("./{%s}SyncBody/{%s}Results/{%s}Item/." %
(namespace, namespace, namespace))
pushToken = None
for item in items:
locUri = item.find("./{%s}Source/{%s}LocURI/." %
(namespace, namespace)).text
if locUri == TOKEN_URI % self.config.get("Enrollment",
"ProviderId"):
pushToken = item.find("./{%s}Data/." % namespace).text
break
if pushToken is not None:
queryResult = globalFunctions.queryApi(
self.config, {
"hardware_id": deviceHardwareIdWithoutPrefix,
"push_token": pushToken
}, self.config.get("API", "AssignPushToken"))
if queryResult["success"] != True:
globalFunctions.printDebugLog(
self.config, "QUERY API FAILED",
self.config.get("API", "AssignPushToken") + " response: " +
str(result))
return queryResult["success"] == True
globalFunctions.printDebugLog(self.config,
"Error in obtaining Push Token",
"Push Token is None")
return False
def assignHardwareIdToApi(self, deviceId, deviceHardwareIdWithoutPrefix):
result = globalFunctions.queryApi(
self.config, {
"device_id": deviceId,
"hardware_id": deviceHardwareIdWithoutPrefix
}, self.config.get("API", "AssignHardwareId"))
if not result["success"]:
globalFunctions.printDebugLog(
self.config, "QUERY API FAILED",
self.config.get("API", "AssignHardwareId") + " response: " +
str(result))
return result["success"]
def index(self, **kwargs):
if 'Content-Type' not in cherrypy.request.headers:
return "Error, no content type"
if cherrypy.request.method == "GET":
return ""
if cherrypy.request.headers['Content-Type'] == CONTENT_TYPE_SOAP:
cherrypy.response.headers['Content-Type'] = CONTENT_TYPE_SOAP
requestBody = cherrypy.request.body.read()
globalFunctions.printDebugLog(self.config, "DISCOVERY REQUEST",
requestBody)
tree = ET.fromstring(requestBody)
messageId = tree.find("./{%s}Header/{%s}MessageID/." %
(NAMESPACE_S, NAMESPACE_A)).text
toReturn = self.makeResponse(messageId)
globalFunctions.printDebugLog(self.config, "DISCOVERY RESPONSE",
toReturn)
return toReturn
return "unsupported request"
def index(self, **kwargs):
if 'Content-Type' not in cherrypy.request.headers:
return "Error, no content type"
if cherrypy.request.headers['Content-Type'] == CONTENT_TYPE_SOAP:
cherrypy.response.headers['Content-Type'] = CONTENT_TYPE_SOAP
requestBody = cherrypy.request.body.read()
globalFunctions.printDebugLog(self.config, "ENROLLMENT REQUEST",
requestBody)
tree = ET.fromstring(requestBody)
xmlDoc = XmlDoc()
messageId = tree.find("./{%s}Header/{%s}MessageID/." %
(NAMESPACE_S, NAMESPACE_A)).text
binarySecurityTokenPem = tree.find(
"./{%s}Body/{%s}RequestSecurityToken/{%s}BinarySecurityToken/."
% (NAMESPACE_S, NAMESPACE_WST, NAMESPACE_WSSE)).text
binarySecurityToken = M2Crypto.X509.load_request_string(
self.reformatRequestToken(binarySecurityTokenPem))
usernameToken = tree.find(
"./{%s}Header/{%s}Security/{%s}UsernameToken/." %
(NAMESPACE_S, NAMESPACE_WSSE, NAMESPACE_WSSE))
#username is enrollment token
username = usernameToken.find("./{%s}Username/." %
NAMESPACE_WSSE).text
#password is parent pid
password = usernameToken.find("./{%s}Password/." %
NAMESPACE_WSSE).text
result = globalFunctions.queryApi(
self.config, {
'token': username,
'pin': password
}, self.config.get("API", "CheckTokenUrl"))
if result["success"] != True:
globalFunctions.printDebugLog(
self.config, "cannot verify username and token", "")
return
deviceId = str(result["device_id"])
toReturn = self.makeResponse(messageId, binarySecurityToken,
deviceId)
globalFunctions.printDebugLog(self.config, "ENROLLMENT RESPONSE",
toReturn)
return toReturn
return "unsupported request"
def index(self, **kwargs):
if 'Content-Type' not in cherrypy.request.headers:
return "Error, no content type"
if cherrypy.request.headers['Content-Type'] == CONTENT_TYPE_SYNCML:
cherrypy.response.headers['Content-Type'] = CONTENT_TYPE_SYNCML
requestBody = cherrypy.request.body.read()
tree = ET.fromstring(requestBody)
xmlDoc = XmlDoc()
globalFunctions.printDebugLog(self.config, "OMADM REQUEST",
xmlDoc.elementToString(tree))
namespace = self.namespaceWithSyncMLVersion(tree)
deviceHardwareId = self.getDeviceHardwareId(tree, namespace)
deviceHardwareIdWithoutPrefix = deviceHardwareId[
len(DEVICE_HARDWARE_ID_PREFIX):]
deviceId = self.getDeviceId(tree, namespace)
sessionId = tree.find("./{%s}SyncHdr/{%s}SessionID/." %
(namespace, namespace)).text
msgId = tree.find("./{%s}SyncHdr/{%s}MsgID/." %
(namespace, namespace)).text
if self.isUnenrollmentRequest(tree, namespace,
deviceHardwareIdWithoutPrefix):
toReturn = self.responseForUnenrollment(
deviceHardwareId, sessionId, msgId)
elif msgId == "1":
if (not self.assignHardwareIdToApi(
deviceId, deviceHardwareIdWithoutPrefix)
or self.checkApiIfUserShouldUnenroll(
deviceHardwareIdWithoutPrefix)):
toReturn = self.responseWithForceUnenrollment(
deviceHardwareId, sessionId, msgId)
else:
toReturn = self.responseWithStandardPolicy(
deviceHardwareId, sessionId, msgId)
elif msgId == "2":
if self.messageIsForceUnenrollmentResponse(tree, namespace):
toReturn = self.responseForCloseConnection(
deviceHardwareId, sessionId, msgId)
elif not self.getAndSendPushToken(
tree, namespace, deviceHardwareIdWithoutPrefix):
return "internal error"
elif self.getSyncInterval(tree, namespace) != self.config.get(
"Enrollment", "SynchInterval"):
toReturn = self.responseForChangeSyncInterval(
deviceHardwareId, sessionId, msgId)
else:
toReturn = self.responseForCloseConnection(
deviceHardwareId, sessionId, msgId)
else:
toReturn = self.responseForCloseConnection(
deviceHardwareId, sessionId, msgId)
globalFunctions.printDebugLog(self.config, "OMADM RESPONSE",
toReturn)
return toReturn
return "unsupported request"
def createProvisioningXML(self, tokenRequest, deviceId):
xmlDoc = XmlDoc()
wapProvisioningDoc = xmlDoc.element('wap-provisioningdoc')
xmlDoc.addAttribute(wapProvisioningDoc, "version", '1.1')
characteristicCertificateStore = self.makeCharacteristicNode(
xmlDoc, wapProvisioningDoc, 'CertificateStore')
characteristicRoot = self.makeCharacteristicNode(
xmlDoc, characteristicCertificateStore, 'Root')
characteristicSystem = self.makeCharacteristicNode(
xmlDoc, characteristicRoot, 'System')
rootCertificate = self.createRootCertificate()
characteristicNumSystem = self.makeCharacteristicNode(
xmlDoc, characteristicSystem,
rootCertificate.get_fingerprint('sha1'))
self.makeParmNode(xmlDoc, characteristicNumSystem,
"EncodedCertificate",
self.reformatCertificate(rootCertificate.as_pem()))
characteristicMy = self.makeCharacteristicNode(
xmlDoc, characteristicCertificateStore, 'My')
characteristicUser = self.makeCharacteristicNode(
xmlDoc, characteristicMy, 'User')
clientCertificate = self.createClientCertificate(tokenRequest)
characteristicNumUser = self.makeCharacteristicNode(
xmlDoc, characteristicUser,
clientCertificate.get_fingerprint('sha1'))
self.makeParmNode(xmlDoc, characteristicNumUser, "EncodedCertificate",
self.reformatCertificate(clientCertificate.as_pem()))
characteristicPrivateKeyContainer = self.makeCharacteristicNode(
xmlDoc, characteristicNumUser, 'PrivateKeyContainer')
characteristicWSTEP = self.makeCharacteristicNode(
xmlDoc, characteristicMy, 'WSTEP')
characteristicRenew = self.makeCharacteristicNode(
xmlDoc, characteristicWSTEP, 'Renew')
self.makeParmNode(xmlDoc, characteristicRenew, "ROBOSupport", "true",
"boolean")
self.makeParmNode(xmlDoc, characteristicRenew, "RenewPeriod",
self.config.get("Enrollment", "ROBORenewPeriod"),
"integer")
self.makeParmNode(xmlDoc, characteristicRenew, "RetryInterval",
self.config.get("Enrollment", "ROBORetryInterval"),
"integer")
characteristicApplication = self.makeCharacteristicNode(
xmlDoc, wapProvisioningDoc, 'APPLICATION')
self.makeParmNode(xmlDoc, characteristicApplication, "APPID", "w7")
self.makeParmNode(xmlDoc, characteristicApplication, "PROVIDER-ID",
self.config.get("Enrollment", "ProviderId"))
self.makeParmNode(xmlDoc, characteristicApplication, "NAME",
self.config.get("Enrollment", "Name"))
self.makeParmNode(xmlDoc, characteristicApplication, "ADDR",
self.config.get("Enrollment", "MDMServerUrl"))
self.makeParmNode(xmlDoc, characteristicApplication, "INIT", "")
characteristicAPPAUTH = self.makeCharacteristicNode(
xmlDoc, characteristicApplication, 'APPAUTH')
self.makeParmNode(xmlDoc, characteristicAPPAUTH, "AAUTHLEVEL",
"CLIENT")
self.makeParmNode(xmlDoc, characteristicAPPAUTH, "AAUTHSECRET", DUMMY)
self.makeParmNode(xmlDoc, characteristicAPPAUTH, "AAUTHDATA", DUMMY)
characteristicAPPAUTH = self.makeCharacteristicNode(
xmlDoc, characteristicApplication, 'APPAUTH')
self.makeParmNode(xmlDoc, characteristicAPPAUTH, "AAUTHLEVEL",
"APPSRV")
self.makeParmNode(xmlDoc, characteristicAPPAUTH, "AAUTHNAME", deviceId)
self.makeParmNode(xmlDoc, characteristicAPPAUTH, "AAUTHSECRET", DUMMY)
characteristicDMClient = self.makeCharacteristicNode(
xmlDoc, wapProvisioningDoc, 'DMClient')
characteristicProvider = self.makeCharacteristicNode(
xmlDoc, characteristicDMClient, 'Provider')
characteristicTestMDMServer = self.makeCharacteristicNode(
xmlDoc, characteristicProvider,
self.config.get("Enrollment", "ProviderId"))
characteristicPoll = self.makeCharacteristicNode(
xmlDoc, characteristicTestMDMServer, 'Poll')
self.makeParmNode(xmlDoc, characteristicPoll, "NumberOfFirstRetries",
"8", "integer")
self.makeParmNode(xmlDoc, characteristicPoll,
"IntervalForFirstSetOfRetries", "15", "integer")
self.makeParmNode(xmlDoc, characteristicPoll, "NumberOfSecondRetries",
"5", "integer")
self.makeParmNode(xmlDoc, characteristicPoll,
"IntervalForSecondSetOfRetries", "3", "integer")
self.makeParmNode(xmlDoc, characteristicPoll,
"NumberOfRemainingScheduledRetries", "0", "integer")
self.makeParmNode(xmlDoc, characteristicPoll,
"IntervalForRemainingScheduledRetries",
self.config.get("Enrollment",
"SynchInterval"), "integer")
toReturn = xmlDoc.elementToString(wapProvisioningDoc, False)
globalFunctions.printDebugLog(self.config,
"ENROLLMENT WAP PROVINSIONING FILE",
toReturn)
return toReturn