def get_http_auth_type(url, headers={}): headers['User-Agent'] = USER_AGENT try: r = requests.get(url, verify=False, headers=headers, timeout=Globals.timeout) except Exception as e: raise RequestException('Network error: {}'.format(e)) if r.status_code == 401: if 'WWW-Authenticate' not in r.headers: raise RequestException( 'HTTP Authentication type cannot be determined ' 'because there is no response header "WWW-Authenticate"') respheader = r.headers['WWW-Authenticate'].lower() if 'basic' in respheader: return AuthMode.BASIC elif 'digest' in respheader: return AuthMode.DIGEST elif 'ntlm' in respheader: return AuthMode.NTLM else: return AuthMode.UNKNOWN else: return AuthMode.UNKNOWN
def try_auth(self, username, password): if self.interface == 'admin-console': # We need to retrieve ViewState value r = Requester.get(self.interface_url) m = re.search('<input type="hidden" name="javax\.faces\.ViewState" ' \ 'id="javax\.faces\.ViewState" value="(?P<viewstate>.*?)"', r.text) if not m: raise RequestException( 'Unable to retrieve ViewState from {}'.format( self.interface_url)) data = OrderedDict([ ("login_form", "login_form"), ("login_form:name", username), ("login_form:password", password), ("login_form:submit", "Login"), ("javax.faces.ViewState", m.group('viewstate')), ]) # We also need to retrieve JSESSIONID value m = re.search( r'JSESSIONID=(?P<jsessionid>.*); Path=\/admin-console', r.headers['Set-Cookie']) if not m: raise RequestException('Unable to retrieve JSESSIONID value ' \ 'from {}'.format(self.interface_url)) r = Requester.post(self.interface_url, data, headers={ 'Cookie': 'JSESSIONID={}'.format( m.group('jsessionid')) }, allow_redirects=False) status = ('name="login_form:password"' not in r.text \ and 'Not logged in' not in r.text) return status elif self.interface == 'jmx-console': r = Requester.http_auth(self.interface_url, self.http_auth_type, username, password) return (r.status_code != 401) elif self.interface == 'management': r = Requester.http_auth(self.interface_url, self.http_auth_type, username, password) return (r.status_code != 401) elif self.interface == 'web-console': r = Requester.http_auth(self.interface_url, self.http_auth_type, username, password) return (r.status_code != 401) else: raise AuthException( 'No auth interface found during initialization')
def post(url, data, headers={}, allow_redirects=True): headers['User-Agent'] = USER_AGENT try: r = requests.post(url, data=data, verify=False, headers=headers, timeout=Globals.timeout, allow_redirects=allow_redirects) return r except Exception as e: raise RequestException('Network error: {}'.format(e))
def _get_salt(self, url): r = Requester.get(url) m = re.search( '<input name="salt" type="hidden" value="(?P<salt>\S+?)">', r.text) if not m: raise RequestException( 'Unable to retrieve salt from {}'.format(url)) else: return m.group('salt')
def get(url, params={}, headers={}, cookies=None, allow_redirects=True): headers['User-Agent'] = USER_AGENT try: r = requests.get(url, params=params, headers=headers, cookies=cookies, verify=False, timeout=Globals.timeout, allow_redirects=allow_redirects) return r except Exception as e: raise RequestException('Network error: {}'.format(e))
def http_auth(url, auth_type, username, password, headers={}): if auth_type == AuthMode.BASIC: auth = requests.auth.HTTPBasicAuth(username, password) elif auth_type == AuthMode.DIGEST: auth = requests.auth.HTTPDigestAuth(username, password) elif auth_type == AuthMode.NTLM: auth = requests_ntlm.HttpNtlmAuth(username, password) else: return None headers['User-Agent'] = USER_AGENT try: r = requests.get(url, headers=headers, auth=auth, verify=False, timeout=Globals.timeout) return r except Exception as e: raise RequestException('Network error: {}'.format(e))