def get_http_auth_type(url, headers={}):
headers['User-Agent'] = USER_AGENT
try:
r = requests.get(url,
verify=False,
headers=headers,
timeout=Globals.timeout)
except Exception as e:
raise RequestException('Network error: {}'.format(e))
if r.status_code == 401:
if 'WWW-Authenticate' not in r.headers:
raise RequestException(
'HTTP Authentication type cannot be determined '
'because there is no response header "WWW-Authenticate"')
respheader = r.headers['WWW-Authenticate'].lower()
if 'basic' in respheader:
return AuthMode.BASIC
elif 'digest' in respheader:
return AuthMode.DIGEST
elif 'ntlm' in respheader:
return AuthMode.NTLM
else:
return AuthMode.UNKNOWN
else:
return AuthMode.UNKNOWN
def try_auth(self, username, password):
if self.interface == 'admin-console':
# We need to retrieve ViewState value
r = Requester.get(self.interface_url)
m = re.search('<input type="hidden" name="javax\.faces\.ViewState" ' \
'id="javax\.faces\.ViewState" value="(?P<viewstate>.*?)"', r.text)
if not m:
raise RequestException(
'Unable to retrieve ViewState from {}'.format(
self.interface_url))
data = OrderedDict([
("login_form", "login_form"),
("login_form:name", username),
("login_form:password", password),
("login_form:submit", "Login"),
("javax.faces.ViewState", m.group('viewstate')),
])
# We also need to retrieve JSESSIONID value
m = re.search(
r'JSESSIONID=(?P<jsessionid>.*); Path=\/admin-console',
r.headers['Set-Cookie'])
if not m:
raise RequestException('Unable to retrieve JSESSIONID value ' \
'from {}'.format(self.interface_url))
r = Requester.post(self.interface_url,
data,
headers={
'Cookie':
'JSESSIONID={}'.format(
m.group('jsessionid'))
},
allow_redirects=False)
status = ('name="login_form:password"' not in r.text \
and 'Not logged in' not in r.text)
return status
elif self.interface == 'jmx-console':
r = Requester.http_auth(self.interface_url, self.http_auth_type,
username, password)
return (r.status_code != 401)
elif self.interface == 'management':
r = Requester.http_auth(self.interface_url, self.http_auth_type,
username, password)
return (r.status_code != 401)
elif self.interface == 'web-console':
r = Requester.http_auth(self.interface_url, self.http_auth_type,
username, password)
return (r.status_code != 401)
else:
raise AuthException(
'No auth interface found during initialization')
def post(url, data, headers={}, allow_redirects=True):
headers['User-Agent'] = USER_AGENT
try:
r = requests.post(url, data=data,
verify=False, headers=headers, timeout=Globals.timeout,
allow_redirects=allow_redirects)
return r
except Exception as e:
raise RequestException('Network error: {}'.format(e))
def _get_salt(self, url):
r = Requester.get(url)
m = re.search(
'<input name="salt" type="hidden" value="(?P<salt>\S+?)">', r.text)
if not m:
raise RequestException(
'Unable to retrieve salt from {}'.format(url))
else:
return m.group('salt')
def get(url, params={}, headers={}, cookies=None, allow_redirects=True):
headers['User-Agent'] = USER_AGENT
try:
r = requests.get(url,
params=params,
headers=headers,
cookies=cookies,
verify=False,
timeout=Globals.timeout,
allow_redirects=allow_redirects)
return r
except Exception as e:
raise RequestException('Network error: {}'.format(e))
def http_auth(url, auth_type, username, password, headers={}):
if auth_type == AuthMode.BASIC:
auth = requests.auth.HTTPBasicAuth(username, password)
elif auth_type == AuthMode.DIGEST:
auth = requests.auth.HTTPDigestAuth(username, password)
elif auth_type == AuthMode.NTLM:
auth = requests_ntlm.HttpNtlmAuth(username, password)
else:
return None
headers['User-Agent'] = USER_AGENT
try:
r = requests.get(url, headers=headers, auth=auth,
verify=False, timeout=Globals.timeout)
return r
except Exception as e:
raise RequestException('Network error: {}'.format(e))