def fetch_auth_results(req): try: jbox_cookie = req.get_cookie(AuthHandler.AUTH_COOKIE) if jbox_cookie is None: return None jbox_cookie = json.loads(base64.b64decode(jbox_cookie)) sign = signstr(jbox_cookie['s'] + jbox_cookie['t'], AuthHandler._config['sesskey']) if sign != jbox_cookie['x']: AuthHandler.log_info("signature mismatch for " + jbox_cookie['s']) d = isodate.parse_datetime(jbox_cookie['t']) age = (datetime.datetime.now(pytz.utc) - d).total_seconds() if age > AuthHandler.AUTH_VALID_SECS: AuthHandler.log_info("cookie older than allowed days: " + jbox_cookie['t']) return None jbox_cookie['creds'] = AuthHandler.CRED_STORE[ jbox_cookie['s']].to_json() return jbox_cookie except: AuthHandler.log_error( "exception while converting cookie to auth results") traceback.print_exc() return None
def _extract_msg(msg): srep = json.dumps([msg['cmd'], msg['data']]) sign = signstr(srep, JBoxAsyncJob.ENCKEY) if sign == msg['sign']: return msg['cmd'], msg['data'] JBoxAsyncJob.log_error("signature mismatch. expected [%s], got [%s], srep [%s]", sign, msg['sign'], srep) raise ValueError("invalid signature for cmd: %s, data: %s" % (msg['cmd'], msg['data']))
def set_session_cookie(self, user_id): t = datetime.datetime.now(pytz.utc).isoformat() sign = signstr(user_id + t, self.config('sesskey')) jbox_cookie = {'u': user_id, 't': t, 'x': sign} self.set_cookie(AuthHandler.AUTH_COOKIE, base64.b64encode(json.dumps(jbox_cookie)))
def chk_and_launch_docker(self, sessname, creds, authtok, user_id): cont = JBoxContainer.get_by_name(sessname) nhops = int(self.get_argument('h', 0)) self.log_debug("got hop " + repr(nhops) + " for session " + repr(sessname)) self.log_debug("have existing container for " + repr(sessname) + ": " + repr(None != cont)) if cont is not None: self.log_debug("container running: " + str(cont.is_running())) if ((None == cont) or (not cont.is_running())) and (not CloudHelper.should_accept_session()): if None != cont: cont.backup() cont.delete() self.clear_container_cookies() self.set_header('Connection', 'close') self.request.connection.no_keep_alive = True if nhops > self.config('numhopmax', 0): self.rendertpl("index.tpl", cfg=self.config(), state=self.state( error="Maximum number of JuliaBox instances active. Please try after sometime.", success='')) else: self.redirect('/?h=' + str(nhops + 1)) else: cont = JBoxContainer.launch_by_name(sessname, user_id, True) (shellport, uplport, ipnbport) = cont.get_host_ports() sign = signstr(sessname + str(shellport) + str(uplport) + str(ipnbport), self.config("sesskey")) self.set_container_cookies({ "sessname": sessname, "hostshell": shellport, "hostupload": uplport, "hostipnb": ipnbport, "sign": sign }) self.set_lb_tracker_cookie() self.rendertpl("ipnbsess.tpl", sessname=sessname, cfg=self.config(), creds=creds, authtok=authtok, user_id=user_id)
def _make_msg(cmd, data): srep = json.dumps([cmd, data]) sign = signstr(srep, JBoxAsyncJob.ENCKEY) msg = { 'cmd': cmd, 'data': data, 'sign': sign } return msg
def set_loading_state(self, user_id): sessname = unique_sessname(user_id) sign = signstr(sessname + '000', self.config("sesskey")) self.set_container_cookies({ "sessname": sessname, "hostshell": 0, "hostupload": 0, "hostipnb": 0, "loading": 1, "sign": sign }) self.set_lb_tracker_cookie()
def do_monitor_loading(self, user_id): sessname = unique_sessname(user_id) self.log_debug("Monitoring loading of session [%s] user[%s]...", sessname, user_id) cont = JBoxContainer.get_by_name(sessname) if (cont is None) or (not cont.is_running()): loading_step = int(self.get_cookie("loading", 0)) if loading_step > 30: self.log_error("Could not start instance. Session [%s] for user [%s] didn't load.", sessname, user_id) self.clear_container_cookies() self.rendertpl("index.tpl", cfg=self.config(), state=self.state( error='Could not start your instance! Please try again.', pending_activation=False, user_id=user_id)) return else: loading_step += 1 self.set_cookie("loading", str(loading_step)) self.rendertpl("loading.tpl", user_id=user_id) else: if self.config("gauth"): jbuser = JBoxUserV2(user_id) creds = jbuser.get_gtok() if creds is not None: try: creds_json = json.loads(base64.b64decode(creds)) creds_json = self.renew_creds(creds_json) authtok = creds_json['access_token'] except: self.log_warn("stale stored creds. will renew on next use. user: "******"sesskey")) self.clear_cookie("loading") self.set_container_cookies({ "sessname": sessname, "hostshell": shellport, "hostupload": uplport, "hostipnb": ipnbport, "sign": sign }) self.set_lb_tracker_cookie() self.rendertpl("ipnbsess.tpl", sessname=sessname, cfg=self.config(), creds=creds, authtok=authtok, user_id=user_id)
def chk_and_launch_docker(self, sessname, creds, authtok, user_id): cont = JBoxContainer.get_by_name(sessname) nhops = int(self.get_argument('h', 0)) self.log_debug("got hop " + repr(nhops) + " for session " + repr(sessname)) self.log_debug("have existing container for " + repr(sessname) + ": " + repr(None != cont)) if cont is not None: self.log_debug("container running: " + str(cont.is_running())) if ((None == cont) or (not cont.is_running())) and ( not CloudHelper.should_accept_session()): if None != cont: cont.backup() cont.delete() self.clear_container_cookies() self.set_header('Connection', 'close') self.request.connection.no_keep_alive = True if nhops > self.config('numhopmax', 0): self.rendertpl( "index.tpl", cfg=self.config(), state=self.state( error= "Maximum number of JuliaBox instances active. Please try after sometime.", success='')) else: self.redirect('/?h=' + str(nhops + 1)) else: cont = JBoxContainer.launch_by_name(sessname, True) (shellport, uplport, ipnbport) = cont.get_host_ports() sign = signstr( sessname + str(shellport) + str(uplport) + str(ipnbport), self.config("sesskey")) self.set_container_cookies({ "sessname": sessname, "hostshell": shellport, "hostupload": uplport, "hostipnb": ipnbport, "sign": sign }) self.set_lb_tracker_cookie() self.rendertpl("ipnbsess.tpl", sessname=sessname, cfg=self.config(), creds=creds, authtok=authtok, user_id=user_id)
def is_valid_req(cls, req): sessname = req.get_cookie("sessname") if None == sessname: return False sessname = sessname.replace('"', '') hostshell = req.get_cookie("hostshell").replace('"', '') hostupl = req.get_cookie("hostupload").replace('"', '') hostipnb = req.get_cookie("hostipnb").replace('"', '') signval = req.get_cookie("sign").replace('"', '') sign = signstr(sessname + hostshell + hostupl + hostipnb, cls._config["sesskey"]) if sign != signval: cls.log_info('not valid req. signature not matching') return False if not JBoxContainer.is_valid_container("/" + sessname, (hostshell, hostupl, hostipnb)): cls.log_info('not valid req. container deleted or ports not matching') return False return True
def is_valid_req(cls, req): sessname = req.get_cookie("sessname") if None == sessname: return False sessname = sessname.replace('"', '') hostshell = req.get_cookie("hostshell").replace('"', '') hostupl = req.get_cookie("hostupload").replace('"', '') hostipnb = req.get_cookie("hostipnb").replace('"', '') signval = req.get_cookie("sign").replace('"', '') sign = signstr(sessname + hostshell + hostupl + hostipnb, cls._config["sesskey"]) if sign != signval: cls.log_info('not valid req. signature not matching') return False if not JBoxContainer.is_valid_container( "/" + sessname, (hostshell, hostupl, hostipnb)): cls.log_info( 'not valid req. container deleted or ports not matching') return False return True
def get_session_cookie(req): try: jbox_cookie = req.get_cookie(AuthHandler.AUTH_COOKIE) if jbox_cookie is None: return None jbox_cookie = json.loads(base64.b64decode(jbox_cookie)) sign = signstr(jbox_cookie['u'] + jbox_cookie['t'], AuthHandler._config['sesskey']) if sign != jbox_cookie['x']: AuthHandler.log_info("signature mismatch for " + jbox_cookie['u']) return None d = isodate.parse_datetime(jbox_cookie['t']) age = (datetime.datetime.now(pytz.utc) - d).total_seconds() if age > AuthHandler.AUTH_VALID_SECS: AuthHandler.log_info("cookie older than allowed days: " + jbox_cookie['t']) return None return jbox_cookie except: AuthHandler.log_error("exception while reading cookie") traceback.print_exc() return None
def fetch_auth_results(req): try: jbox_cookie = req.get_cookie(JBoxHandler.AUTH_COOKIE) if jbox_cookie is None: return None jbox_cookie = json.loads(base64.b64decode(jbox_cookie)) sign = signstr(jbox_cookie['s'] + jbox_cookie['t'], AuthHandler._config['sesskey']) if sign != jbox_cookie['x']: AuthHandler.log_info("signature mismatch for " + jbox_cookie['s']) d = isodate.parse_datetime(jbox_cookie['t']) age = (datetime.datetime.now(pytz.utc) - d).total_seconds() if age > JBoxHandler.AUTH_VALID_SECS: AuthHandler.log_info("cookie older than allowed days: " + jbox_cookie['t']) return None jbox_cookie['creds'] = AuthHandler.CRED_STORE[jbox_cookie['s']].to_json() return jbox_cookie except: AuthHandler.log_error("exception while converting cookie to auth results") traceback.print_exc() return None
def get_session_cookie(self): try: jbox_cookie = self.get_cookie(JBoxHandler.AUTH_COOKIE) if jbox_cookie is None: return None jbox_cookie = json.loads(base64.b64decode(jbox_cookie)) sign = signstr(jbox_cookie['u'] + jbox_cookie['t'], JBoxHandler._config['sesskey']) if sign != jbox_cookie['x']: self.log_info("signature mismatch for " + jbox_cookie['u']) return None d = isodate.parse_datetime(jbox_cookie['t']) age = (datetime.datetime.now(pytz.utc) - d).total_seconds() if age > JBoxHandler.AUTH_VALID_SECS: self.log_info("cookie older than allowed days: " + jbox_cookie['t']) return None return jbox_cookie except: self.log_error("exception while reading cookie") traceback.print_exc() return None
def do_monitor_loading(self, user_id): sessname = unique_sessname(user_id) self.log_debug("Monitoring loading of session [%s] user[%s]...", sessname, user_id) cont = JBoxContainer.get_by_name(sessname) if (cont is None) or (not cont.is_running()): loading_step = int(self.get_cookie("loading", 0)) if loading_step > 30: self.log_error( "Could not start instance. Session [%s] for user [%s] didn't load.", sessname, user_id) self.clear_container_cookies() self.rendertpl( "index.tpl", cfg=self.config(), state=self.state( error= 'Could not start your instance! Please try again.', pending_activation=False, user_id=user_id)) return else: loading_step += 1 self.set_cookie("loading", str(loading_step)) self.rendertpl("loading.tpl", user_id=user_id) else: if self.config("gauth"): jbuser = JBoxUserV2(user_id) creds = jbuser.get_gtok() if creds is not None: try: creds_json = json.loads(base64.b64decode(creds)) creds_json = self.renew_creds(creds_json) authtok = creds_json['access_token'] except: self.log_warn( "stale stored creds. will renew on next use. user: "******"sesskey")) self.clear_cookie("loading") self.set_container_cookies({ "sessname": sessname, "hostshell": shellport, "hostupload": uplport, "hostipnb": ipnbport, "sign": sign }) self.set_lb_tracker_cookie() self.rendertpl("ipnbsess.tpl", sessname=sessname, cfg=self.config(), creds=creds, authtok=authtok, user_id=user_id)
def set_lb_tracker_cookie(self): self.set_cookie('lb', signstr(CloudHost.instance_id(), self.config('sesskey')), expires_days=30)
def set_lb_tracker_cookie(self): self.set_cookie('lb', signstr(CloudHelper.instance_id(), self.config('sesskey')), expires_days=30)
def _make_msg(cmd, data): srep = json.dumps([cmd, data]) sign = signstr(srep, JBoxAsyncJob.ENCKEY) msg = {"cmd": cmd, "data": data, "sign": sign} return msg