def GET(self):
try:
pyDict = {}
data = param_input()
response = get(str(data.file_location),
cert=config_get('webui', 'usercert'),
verify=False)
if not response.ok:
response.raise_for_status()
cont = response.content
file_like_object = BytesIO(cont)
tar = open(mode='r:gz', fileobj=file_like_object)
for member in tar.getmembers():
if member.name == str(data.file_name):
try:
f = tar.extractfile(member)
pyDict['content'] = f.read(16000000)
pyDict['size'] = f.tell()
jsonResponse = dumps(pyDict)
tar.close()
return jsonResponse
except UnicodeDecodeError:
f = tar.extractfile(member)
out = GzipFile(fileobj=f)
pyDict['content'] = out.read(16000000)
pyDict['size'] = out.tell()
jsonResponse = dumps(pyDict)
tar.close()
return jsonResponse
return "ok"
except ConnectionError, err:
raise generate_http_error(503, str(type(err)), str(err))
def GET(self): # pylint:disable=no-self-use,invalid-name
""" GET """
params = param_input()
url = '/r2d2?'
for key, value in params.items():
url += key + '=' + value + '&'
seeother(url[:-1])
def GET(self):
""" GET """
render = template.render(join(dirname(__file__), 'templates/'))
data = param_input()
if hasattr(data, 'account') and data.account:
account = data.account
else:
account = None
return render.login(account)
def GET(self): # pylint:disable=no-self-use,invalid-name
""" GET """
data = param_input()
try:
return oidc_auth(data.account, data.issuer)
except:
raise generate_http_error(
401, 'CannotAuthenticate',
'Cannot get token OIDC auth url from the server.')
def POST(self):
SAML_PATH = config_get('saml', 'config_path')
request = ctx.env
data = dict(param_input())
req = prepare_webpy_request(request, data)
auth = OneLogin_Saml2_Auth(req, custom_base_path=SAML_PATH)
auth.process_response()
errors = auth.get_errors()
if not errors:
if auth.is_authenticated():
setcookie('saml-nameid', value=auth.get_nameid(), path='/')
def POST(self):
if not EXTRA_MODULES['onelogin']:
header('X-Rucio-Auth-Token', None)
return "SAML not configured on the server side."
SAML_PATH = config_get('saml', 'config_path')
req = prepare_saml_request(ctx.env, dict(param_input()))
auth = OneLogin_Saml2_Auth(req, custom_base_path=SAML_PATH)
auth.process_response()
errors = auth.get_errors()
if not errors:
if auth.is_authenticated():
setcookie('saml-nameid', value=auth.get_nameid(), path='/')
def GET(self): # pylint:disable=no-self-use,invalid-name
""" GET """
data = param_input()
try:
if not MULTI_VO:
ui_vo = 'def'
elif hasattr(data, 'vo') and data.vo:
ui_vo = data.vo
else:
ui_vo = None
return oidc_auth(data.account, data.issuer, ui_vo)
except:
raise generate_http_error(
401, 'CannotAuthenticate',
'Cannot get token OIDC auth url from the server.')
def GET(self):
try:
data = param_input()
response = get(str(data.file_location),
cert=config_get('webui', 'usercert'),
verify=False)
if not response.ok:
response.raise_for_status()
cont = response.content
file_like_object = BytesIO(cont)
tar = open(mode='r:gz', fileobj=file_like_object)
jsonResponse = {}
for member in tar.getmembers():
jsonResponse[member.name] = member.size
header('Content-Type', 'application/json')
return dumps(jsonResponse)
except ConnectionError, err:
raise generate_http_error(503, str(type(err)), str(err))
def GET(self):
"""
HTTP Success:
200 OK
HTTP Error:
401 Unauthorized
:param Rucio-VO: VO name as a string (Multi-VO only)
:param Rucio-Account: Account identifier as a string.
:param Rucio-Username: Username as a string.
:param Rucio-Password: Password as a string.
:param Rucio-AppID: Application identifier as a string.
:returns: "X-Rucio-SAML-Auth-URL" as a variable-length string header.
"""
header('Access-Control-Allow-Origin', ctx.env.get('HTTP_ORIGIN'))
header('Access-Control-Allow-Headers',
ctx.env.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS'))
header('Access-Control-Allow-Methods', '*')
header('Access-Control-Allow-Credentials', 'true')
header('Access-Control-Expose-Headers', 'X-Rucio-Auth-Token')
header('Content-Type', 'application/octet-stream')
header('Cache-Control',
'no-cache, no-store, max-age=0, must-revalidate')
header('Cache-Control', 'post-check=0, pre-check=0', False)
header('Pragma', 'no-cache')
if not EXTRA_MODULES['onelogin']:
header('X-Rucio-Auth-Token', None)
return "SAML not configured on the server side."
saml_nameid = cookies().get('saml-nameid')
vo = ctx.env.get('HTTP_X_RUCIO_VO', 'def')
account = ctx.env.get('HTTP_X_RUCIO_ACCOUNT')
appid = ctx.env.get('HTTP_X_RUCIO_APPID')
if appid is None:
appid = 'unknown'
ip = ctx.env.get('HTTP_X_FORWARDED_FOR')
if ip is None:
ip = ctx.ip
if saml_nameid:
try:
result = get_auth_token_saml(account,
saml_nameid,
appid,
ip,
vo=vo)
except AccessDenied:
raise generate_http_error(
401, 'CannotAuthenticate',
'Cannot authenticate to account %(account)s with given credentials'
% locals())
except RucioException as error:
raise generate_http_error(500, error.__class__.__name__,
error.args[0])
except Exception as error:
print(format_exc())
raise InternalError(error)
if not result:
raise generate_http_error(
401, 'CannotAuthenticate',
'Cannot authenticate to account %(account)s with given credentials'
% locals())
header('X-Rucio-Auth-Token', result.token)
header('X-Rucio-Auth-Token-Expires',
date_to_str(result.expired_at))
return str()
# Path to the SAML config folder
SAML_PATH = config_get('saml', 'config_path')
request = ctx.env
data = dict(param_input())
req = prepare_saml_request(request, data)
auth = OneLogin_Saml2_Auth(req, custom_base_path=SAML_PATH)
header('X-Rucio-SAML-Auth-URL', auth.login())
return str()
def POST(self):
""" POST """
data = param_input()
return saml_auth("POST", data=data)
def GET(self):
""" GET """
data = param_input()
return saml_auth("GET", data=data)
def POST(self):
""" POST """
data = param_input()
return userpass_auth(data, None)
def GET(self): # pylint:disable=no-self-use,invalid-name
""" GET """
data = param_input()
return x509token_auth(data)
def POST(self):
""" POST """
data = param_input()
return log_in(data, None)
