def _complete_login(self, environ, start_response): """Complete the OpenID authentication process. Here we handle the result of the OpenID process. If the process succeeded, we record the username in the session and redirect the user to the page they were trying to view that triggered the login attempt. In the various failures cases we return a 401 Unauthorized response with a brief explanation of what went wrong. """ query = dict(parse_querystring(environ)) # Passing query['openid.return_to'] here is massive cheating, but # given we control the endpoint who cares. response = self._make_consumer(environ).complete( query, query['openid.return_to']) if response.status == SUCCESS: self.log.error('open id response: SUCCESS') sreg_info = SRegResponse.fromSuccessResponse(response) if not sreg_info: self.log.error('sreg_info is None.') exc = HTTPUnauthorized() exc.explanation = ( "You don't have a Launchpad account. Check that you're " "logged in as the right user, or log into Launchpad and try " "again.") raise exc environ[self.session_var]['identity_url'] = response.identity_url environ[self.session_var]['user'] = sreg_info['nickname'] raise HTTPMovedPermanently(query['back_to']) elif response.status == FAILURE: self.log.error('open id response: FAILURE: %s', response.message) exc = HTTPUnauthorized() exc.explanation = response.message raise exc elif response.status == CANCEL: self.log.error('open id response: CANCEL') exc = HTTPUnauthorized() exc.explanation = "Authentication cancelled." raise exc else: self.log.error('open id response: UNKNOWN') exc = HTTPUnauthorized() exc.explanation = "Unknown OpenID response." raise exc
def _complete_login(self, environ, start_response): """Complete the OpenID authentication process. Here we handle the result of the OpenID process. If the process succeeded, we record the username in the session and redirect the user to the page they were trying to view that triggered the login attempt. In the various failures cases we return a 401 Unauthorized response with a brief explanation of what went wrong. """ query = dict(parse_querystring(environ)) # Passing query['openid.return_to'] here is massive cheating, but # given we control the endpoint who cares. response = self._make_consumer(environ).complete( query, query['openid.return_to']) if response.status == SUCCESS: self.log.error('open id response: SUCCESS') sreg_info = SRegResponse.fromSuccessResponse(response) if not sreg_info: self.log.error('sreg_info is None.') exc = HTTPUnauthorized() exc.explanation = ( "You don't have a Launchpad account. Check that you're " "logged in as the right user, or log into Launchpad and try " "again.") raise exc environ[self.session_var]['user'] = sreg_info['nickname'] raise HTTPMovedPermanently(query['back_to']) elif response.status == FAILURE: self.log.error('open id response: FAILURE: %s', response.message) exc = HTTPUnauthorized() exc.explanation = response.message raise exc elif response.status == CANCEL: self.log.error('open id response: CANCEL') exc = HTTPUnauthorized() exc.explanation = "Authentication cancelled." raise exc else: self.log.error('open id response: UNKNOWN') exc = HTTPUnauthorized() exc.explanation = "Unknown OpenID response." raise exc
def __call__(self, environ, start_response): environ['loggerhead.static.url'] = environ['SCRIPT_NAME'] if environ['PATH_INFO'].startswith('/static/'): path_info_pop(environ) return static_app(environ, start_response) elif environ['PATH_INFO'] == '/favicon.ico': return favicon_app(environ, start_response) elif environ['PATH_INFO'] == '/robots.txt': return robots_app(environ, start_response) elif environ['PATH_INFO'].startswith('/+login'): return self._complete_login(environ, start_response) elif environ['PATH_INFO'].startswith('/+logout'): return self._logout(environ, start_response) path = environ['PATH_INFO'] trailingSlashCount = len(path) - len(path.rstrip('/')) user = environ[self.session_var].get('user', LAUNCHPAD_ANONYMOUS) lp_server = get_lp_server(user, branch_transport=self.get_transport()) lp_server.start_server() try: try: transport_type, info, trail = self.branchfs.translatePath( user, urlutils.escape(path)) except xmlrpclib.Fault as f: if check_fault(f, faults.PathTranslationError): raise HTTPNotFound() elif check_fault(f, faults.PermissionDenied): # If we're not allowed to see the branch... if environ['wsgi.url_scheme'] != 'https': # ... the request shouldn't have come in over http, as # requests for private branches over http should be # redirected to https by the dynamic rewrite script we # use (which runs before this code is reached), but # just in case... env_copy = environ.copy() env_copy['wsgi.url_scheme'] = 'https' raise HTTPMovedPermanently(construct_url(env_copy)) elif user != LAUNCHPAD_ANONYMOUS: # ... if the user is already logged in and still can't # see the branch, they lose. exc = HTTPUnauthorized() exc.explanation = "You are logged in as %s." % user raise exc else: # ... otherwise, lets give them a chance to log in # with OpenID. return self._begin_login(environ, start_response) else: raise if transport_type != BRANCH_TRANSPORT: raise HTTPNotFound() trail = urlutils.unescape(trail).encode('utf-8') trail += trailingSlashCount * '/' amount_consumed = len(path) - len(trail) consumed = path[:amount_consumed] branch_name = consumed.strip('/') self.log.info('Using branch: %s', branch_name) if trail and not trail.startswith('/'): trail = '/' + trail environ['PATH_INFO'] = trail environ['SCRIPT_NAME'] += consumed.rstrip('/') branch_url = lp_server.get_url() + branch_name branch_link = urlparse.urljoin( config.codebrowse.launchpad_root, branch_name) cachepath = os.path.join( config.codebrowse.cachepath, branch_name[1:]) if not os.path.isdir(cachepath): os.makedirs(cachepath) self.log.info('branch_url: %s', branch_url) base_api_url = allvhosts.configs['api'].rooturl branch_api_url = '%s/%s/%s' % ( base_api_url, 'devel', branch_name, ) self.log.info('branch_api_url: %s', branch_api_url) req = urllib2.Request(branch_api_url) private = False try: # We need to determine if the branch is private response = urllib2.urlopen(req) except urllib2.HTTPError as response: code = response.getcode() if code in (400, 401, 403, 404): # There are several error codes that imply private data. # 400 (bad request) is a default error code from the API # 401 (unauthorized) should never be returned as the # requests are always from anon. If it is returned # however, the data is certainly private. # 403 (forbidden) is obviously private. # 404 (not found) implies privacy from a private team or # similar situation, which we hide as not existing rather # than mark as forbidden. self.log.info("Branch is private") private = True self.log.info( "Branch state not determined; api error, return code: %s", code) response.close() else: self.log.info("Branch is public") response.close() try: bzr_branch = safe_open( lp_server.get_url().strip(':/'), branch_url) except errors.NotBranchError as err: self.log.warning('Not a branch: %s', err) raise HTTPNotFound() bzr_branch.lock_read() try: view = BranchWSGIApp( bzr_branch, branch_name, {'cachepath': cachepath}, self.graph_cache, branch_link=branch_link, served_url=None, private=private) return view.app(environ, start_response) finally: bzr_branch.repository.revisions.clear_cache() bzr_branch.repository.signatures.clear_cache() bzr_branch.repository.inventories.clear_cache() if bzr_branch.repository.chk_bytes is not None: bzr_branch.repository.chk_bytes.clear_cache() bzr_branch.repository.texts.clear_cache() bzr_branch.unlock() finally: lp_server.stop_server()
def __call__(self, environ, start_response): request_is_private = (environ['SERVER_PORT'] == str( config.codebrowse.private_port)) environ['loggerhead.static.url'] = environ['SCRIPT_NAME'] if environ['PATH_INFO'].startswith('/static/'): path_info_pop(environ) return static_app(environ, start_response) elif environ['PATH_INFO'] == '/favicon.ico': return favicon_app(environ, start_response) elif environ['PATH_INFO'] == '/robots.txt': return robots_app(environ, start_response) elif not request_is_private: if environ['PATH_INFO'].startswith('/+login'): return self._complete_login(environ, start_response) elif environ['PATH_INFO'].startswith('/+logout'): return self._logout(environ, start_response) path = environ['PATH_INFO'] trailingSlashCount = len(path) - len(path.rstrip('/')) if request_is_private: # Requests on the private port are internal API requests from # something that has already performed security checks. As # such, they get read-only access to everything. identity_url = LAUNCHPAD_SERVICES user = LAUNCHPAD_SERVICES else: identity_url = environ[self.session_var].get( 'identity_url', LAUNCHPAD_ANONYMOUS) user = environ[self.session_var].get('user', LAUNCHPAD_ANONYMOUS) lp_server = get_lp_server(identity_url, branch_transport=self.get_transport()) lp_server.start_server() try: try: branchfs = self.get_branchfs() transport_type, info, trail = branchfs.translatePath( identity_url, urlutils.escape(path)) except xmlrpclib.Fault as f: if check_fault(f, faults.PathTranslationError): raise HTTPNotFound() elif check_fault(f, faults.PermissionDenied): # If we're not allowed to see the branch... if environ['wsgi.url_scheme'] != 'https': # ... the request shouldn't have come in over http, as # requests for private branches over http should be # redirected to https by the dynamic rewrite script we # use (which runs before this code is reached), but # just in case... env_copy = environ.copy() env_copy['wsgi.url_scheme'] = 'https' raise HTTPMovedPermanently(construct_url(env_copy)) elif user != LAUNCHPAD_ANONYMOUS: # ... if the user is already logged in and still can't # see the branch, they lose. exc = HTTPUnauthorized() exc.explanation = "You are logged in as %s." % user raise exc else: # ... otherwise, lets give them a chance to log in # with OpenID. return self._begin_login(environ, start_response) else: raise if transport_type != BRANCH_TRANSPORT: raise HTTPNotFound() trail = urlutils.unescape(trail).encode('utf-8') trail += trailingSlashCount * '/' amount_consumed = len(path) - len(trail) consumed = path[:amount_consumed] branch_name = consumed.strip('/') self.log.info('Using branch: %s', branch_name) if trail and not trail.startswith('/'): trail = '/' + trail environ['PATH_INFO'] = trail environ['SCRIPT_NAME'] += consumed.rstrip('/') branch_url = lp_server.get_url() + branch_name branch_link = urlparse.urljoin(config.codebrowse.launchpad_root, branch_name) cachepath = os.path.join(config.codebrowse.cachepath, branch_name[1:]) if not os.path.isdir(cachepath): os.makedirs(cachepath) self.log.info('branch_url: %s', branch_url) private = info['private'] if private: self.log.info("Branch is private") else: self.log.info("Branch is public") try: bzr_branch = safe_open(lp_server.get_url().strip(':/'), branch_url) except errors.NotBranchError as err: self.log.warning('Not a branch: %s', err) raise HTTPNotFound() bzr_branch.lock_read() try: view = BranchWSGIApp(bzr_branch, branch_name, {'cachepath': cachepath}, self.graph_cache, branch_link=branch_link, served_url=None, private=private) return view.app(environ, start_response) finally: bzr_branch.repository.revisions.clear_cache() bzr_branch.repository.signatures.clear_cache() bzr_branch.repository.inventories.clear_cache() if bzr_branch.repository.chk_bytes is not None: bzr_branch.repository.chk_bytes.clear_cache() bzr_branch.repository.texts.clear_cache() bzr_branch.unlock() finally: lp_server.stop_server()