Esempio n. 1
0
File: main.py Progetto: afcarl/rucio
 def GET(self):
     try:
         pyDict = {}
         data = param_input()
         response = get(str(data.file_location),
                        cert=config_get('webui', 'usercert'),
                        verify=False)
         if not response.ok:
             response.raise_for_status()
         cont = response.content
         file_like_object = BytesIO(cont)
         tar = open(mode='r:gz', fileobj=file_like_object)
         for member in tar.getmembers():
             if member.name == str(data.file_name):
                 try:
                     f = tar.extractfile(member)
                     pyDict['content'] = f.read(16000000)
                     pyDict['size'] = f.tell()
                     jsonResponse = dumps(pyDict)
                     tar.close()
                     return jsonResponse
                 except UnicodeDecodeError:
                     f = tar.extractfile(member)
                     out = GzipFile(fileobj=f)
                     pyDict['content'] = out.read(16000000)
                     pyDict['size'] = out.tell()
                     jsonResponse = dumps(pyDict)
                     tar.close()
                     return jsonResponse
                 return "ok"
     except ConnectionError, err:
         raise generate_http_error(503, str(type(err)), str(err))
Esempio n. 2
0
File: main.py Progetto: afcarl/rucio
 def GET(self):  # pylint:disable=no-self-use,invalid-name
     """ GET """
     params = param_input()
     url = '/r2d2?'
     for key, value in params.items():
         url += key + '=' + value + '&'
     seeother(url[:-1])
Esempio n. 3
0
 def GET(self):
     """ GET """
     render = template.render(join(dirname(__file__), 'templates/'))
     data = param_input()
     if hasattr(data, 'account') and data.account:
         account = data.account
     else:
         account = None
     return render.login(account)
Esempio n. 4
0
 def GET(self):  # pylint:disable=no-self-use,invalid-name
     """ GET """
     data = param_input()
     try:
         return oidc_auth(data.account, data.issuer)
     except:
         raise generate_http_error(
             401, 'CannotAuthenticate',
             'Cannot get token OIDC auth url from the server.')
Esempio n. 5
0
    def POST(self):
        SAML_PATH = config_get('saml', 'config_path')
        request = ctx.env
        data = dict(param_input())
        req = prepare_webpy_request(request, data)
        auth = OneLogin_Saml2_Auth(req, custom_base_path=SAML_PATH)

        auth.process_response()
        errors = auth.get_errors()
        if not errors:
            if auth.is_authenticated():
                setcookie('saml-nameid', value=auth.get_nameid(), path='/')
Esempio n. 6
0
    def POST(self):

        if not EXTRA_MODULES['onelogin']:
            header('X-Rucio-Auth-Token', None)
            return "SAML not configured on the server side."

        SAML_PATH = config_get('saml', 'config_path')
        req = prepare_saml_request(ctx.env, dict(param_input()))
        auth = OneLogin_Saml2_Auth(req, custom_base_path=SAML_PATH)

        auth.process_response()
        errors = auth.get_errors()
        if not errors:
            if auth.is_authenticated():
                setcookie('saml-nameid', value=auth.get_nameid(), path='/')
Esempio n. 7
0
 def GET(self):  # pylint:disable=no-self-use,invalid-name
     """ GET """
     data = param_input()
     try:
         if not MULTI_VO:
             ui_vo = 'def'
         elif hasattr(data, 'vo') and data.vo:
             ui_vo = data.vo
         else:
             ui_vo = None
         return oidc_auth(data.account, data.issuer, ui_vo)
     except:
         raise generate_http_error(
             401, 'CannotAuthenticate',
             'Cannot get token OIDC auth url from the server.')
Esempio n. 8
0
File: main.py Progetto: afcarl/rucio
 def GET(self):
     try:
         data = param_input()
         response = get(str(data.file_location),
                        cert=config_get('webui', 'usercert'),
                        verify=False)
         if not response.ok:
             response.raise_for_status()
         cont = response.content
         file_like_object = BytesIO(cont)
         tar = open(mode='r:gz', fileobj=file_like_object)
         jsonResponse = {}
         for member in tar.getmembers():
             jsonResponse[member.name] = member.size
         header('Content-Type', 'application/json')
         return dumps(jsonResponse)
     except ConnectionError, err:
         raise generate_http_error(503, str(type(err)), str(err))
Esempio n. 9
0
    def GET(self):
        """
        HTTP Success:
            200 OK

        HTTP Error:
            401 Unauthorized

        :param Rucio-VO: VO name as a string (Multi-VO only)
        :param Rucio-Account: Account identifier as a string.
        :param Rucio-Username: Username as a string.
        :param Rucio-Password: Password as a string.
        :param Rucio-AppID: Application identifier as a string.
        :returns: "X-Rucio-SAML-Auth-URL" as a variable-length string header.
        """

        header('Access-Control-Allow-Origin', ctx.env.get('HTTP_ORIGIN'))
        header('Access-Control-Allow-Headers',
               ctx.env.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS'))
        header('Access-Control-Allow-Methods', '*')
        header('Access-Control-Allow-Credentials', 'true')
        header('Access-Control-Expose-Headers', 'X-Rucio-Auth-Token')

        header('Content-Type', 'application/octet-stream')
        header('Cache-Control',
               'no-cache, no-store, max-age=0, must-revalidate')
        header('Cache-Control', 'post-check=0, pre-check=0', False)
        header('Pragma', 'no-cache')

        if not EXTRA_MODULES['onelogin']:
            header('X-Rucio-Auth-Token', None)
            return "SAML not configured on the server side."

        saml_nameid = cookies().get('saml-nameid')
        vo = ctx.env.get('HTTP_X_RUCIO_VO', 'def')
        account = ctx.env.get('HTTP_X_RUCIO_ACCOUNT')
        appid = ctx.env.get('HTTP_X_RUCIO_APPID')
        if appid is None:
            appid = 'unknown'
        ip = ctx.env.get('HTTP_X_FORWARDED_FOR')
        if ip is None:
            ip = ctx.ip

        if saml_nameid:
            try:
                result = get_auth_token_saml(account,
                                             saml_nameid,
                                             appid,
                                             ip,
                                             vo=vo)
            except AccessDenied:
                raise generate_http_error(
                    401, 'CannotAuthenticate',
                    'Cannot authenticate to account %(account)s with given credentials'
                    % locals())
            except RucioException as error:
                raise generate_http_error(500, error.__class__.__name__,
                                          error.args[0])
            except Exception as error:
                print(format_exc())
                raise InternalError(error)

            if not result:
                raise generate_http_error(
                    401, 'CannotAuthenticate',
                    'Cannot authenticate to account %(account)s with given credentials'
                    % locals())

            header('X-Rucio-Auth-Token', result.token)
            header('X-Rucio-Auth-Token-Expires',
                   date_to_str(result.expired_at))
            return str()

        # Path to the SAML config folder
        SAML_PATH = config_get('saml', 'config_path')

        request = ctx.env
        data = dict(param_input())
        req = prepare_saml_request(request, data)
        auth = OneLogin_Saml2_Auth(req, custom_base_path=SAML_PATH)

        header('X-Rucio-SAML-Auth-URL', auth.login())
        return str()
Esempio n. 10
0
 def POST(self):
     """ POST """
     data = param_input()
     return saml_auth("POST", data=data)
Esempio n. 11
0
 def GET(self):
     """ GET """
     data = param_input()
     return saml_auth("GET", data=data)
Esempio n. 12
0
 def POST(self):
     """ POST """
     data = param_input()
     return userpass_auth(data, None)
Esempio n. 13
0
 def GET(self):  # pylint:disable=no-self-use,invalid-name
     """ GET """
     data = param_input()
     return x509token_auth(data)
Esempio n. 14
0
 def POST(self):
     """ POST """
     data = param_input()
     return log_in(data, None)