def _check_user_identity( self) -> Tuple[bool, Optional[UserIdentityNegotiation]]: """Check the user's response to a User Identity request. Returns ------- bool True if the user identity has been confirmed, False otherwise. pdu_primitives.UserIdentityNegotiation or None The negotiation response, if a positive response is requested, otherwise None. """ # pylint: disable=broad-except # The UserIdentityNegotiation (request) item req = self.requestor.user_identity if req is None: return True, None try: rsp = evt.trigger( self.assoc, evt.EVT_USER_ID, { "user_id_type": req.user_identity_type, "primary_field": req.primary_field, "secondary_field": req.secondary_field, }) except NotImplementedError: # If the user hasn't implemented identity negotiation then # default to accepting the association return True, None except Exception as exc: # If the user has implemented identity negotiation but an exception # occurred then reject the association LOGGER.error("Exception in handler bound to 'evt.EVT_USER_ID'") LOGGER.exception(exc) return False, None identity_verified, response = cast(Tuple[bool, Optional[bytes]], rsp) if not identity_verified: # Reject association as the user isn't authorised return False, None if req.user_identity_type in [3, 4, 5]: if req.positive_response_requested and response is not None: try: rsp = UserIdentityNegotiation() rsp.server_response = response return True, rsp except Exception as exc: # > If the acceptor doesn't support user identification it # > will accept the association without making a positive # > response LOGGER.error( "Unable to set the User Identity Negotiation's " "'server_response'") LOGGER.exception(exc) return True, None return True, None
def add_user_identity(self, primitive, id_type, primary, secondary, response): """Add User Identity to the A-ASSOCIATE primitive.""" item = UserIdentityNegotiation() item.user_identity_type = id_type item.primary_field = primary item.secondary_field = secondary item.positive_response_requested = response primitive.user_information.append(item)
def test_conversion(self): """ Check converting to PDU item works correctly """ primitive = UserIdentityNegotiation() # -RQ primitive.user_identity_type = 1 primitive.primary_field = b'test' item = primitive.from_primitive() primitive.user_identity_type = 2 primitive.secondary_field = b'' with pytest.raises(ValueError): item = primitive.from_primitive() # -AC primitive = UserIdentityNegotiation() primitive.server_response = b'Test' item = primitive.from_primitive() assert item.encode() == b'\x59\x00\x00\x06\x00\x04\x54\x65\x73\x74'
def test_string(self): """Check string output.""" primitive = UserIdentityNegotiation() primitive.user_identity_type = 1 primitive.positive_response_requested = True primitive.primary_field = b'\x00\x01' primitive.secondary_field = b'\x00\x21' assert 'requested: True' in primitive.__str__() assert 'type: 1' in primitive.__str__() assert 'Primary' in primitive.__str__() assert 'Secondary' in primitive.__str__() primitive.server_response = b'\x00\x31' assert 'Server response' in primitive.__str__()
def test_assignment_and_exceptions(self): """ Check incorrect types/values for properties raise exceptions """ primitive = UserIdentityNegotiation() for type_no in [1, 2, 3, 4, 5]: primitive.user_identity_type = type_no assert primitive.user_identity_type == type_no with pytest.raises(ValueError): primitive.user_identity_type = 6 with pytest.raises(TypeError): primitive.user_identity_type = 'a' primitive.positive_response_requested = True assert primitive.positive_response_requested with pytest.raises(TypeError): primitive.positive_response_requested = 'test' primitive.primary_field = b'\x00\x01' assert primitive.primary_field == b'\x00\x01' with pytest.raises(TypeError): primitive.primary_field = ['test'] primitive.secondary_field = b'\x00\x21' assert primitive.secondary_field == b'\x00\x21' primitive.secondary_field = None assert primitive.secondary_field is None with pytest.raises(TypeError): primitive.secondary_field = ['test'] primitive.server_response = b'\x00\x31' assert primitive.server_response == b'\x00\x31' with pytest.raises(TypeError): primitive.server_response = ['test'] primitive = UserIdentityNegotiation() with pytest.raises(ValueError): primitive.from_primitive() primitive.user_identity_type = 2 with pytest.raises(ValueError): primitive.from_primitive()
def test_string(self): """Check string output.""" primitive = UserIdentityNegotiation() primitive.user_identity_type = 1 primitive.positive_response_requested = True primitive.primary_field = b"\x00\x01" primitive.secondary_field = b"\x00\x21" assert "requested: True" in primitive.__str__() assert "type: 1" in primitive.__str__() assert "Primary" in primitive.__str__() assert "Secondary" in primitive.__str__() primitive.server_response = b"\x00\x31" assert "Server response" in primitive.__str__()
def add_user_identity_rsp(self, primitive): """Add User Identity (rsp) to the A-ASSOCIATE primitive.""" item = UserIdentityNegotiation() item.server_response = b'this is the response' primitive.user_information.append(item)
from pynetdicom import (AE, StoragePresentationContexts, QueryRetrievePresentationContexts, build_role) from pynetdicom.pdu_primitives import UserIdentityNegotiation ae = AE() # Contexts proposed as a QR SCU ae.requested_contexts = QueryRetrievePresentationContexts # Contexts supported as a Storage SCP - requires Role Selection ae.requested_contexts = StoragePresentationContexts # Add role selection items for the storage contexts we will be supporting # as an SCP negotiation_items = [] for context in StoragePresentationContexts: role = build_role(context.abstract_syntax, scp_role=True) negotiation_items.append(role) # Add user identity negotiation request user_identity = UserIdentityNegotiation() user_identity.user_identity_type = 2 user_identity.primary_field = b'username' user_identity.secondary_field = b'password' negotiation_items.append(user_identity) # Associate with the peer at IP address 127.0.0.1 and port 11112 assoc = ae.associate('127.0.0.1', 11112, ext_neg=negotiation_items) if assoc.is_established: assoc.release()
def _check_user_identity(self): """Check the user's response to a User Identity request. Returns ------- bool True if the user identity has been confirmed, False otherwise. pdu_primitives.UserIdentityNegotiation or None The negotiation response, if a positive response is requested, otherwise None. """ # pylint: disable=broad-except # The UserIdentityNegotiation (request) item req = self.assoc.requestor.user_identity try: default = evt.get_default_handler(evt.EVT_USER_ID) if self.assoc.get_handlers(evt.EVT_USER_ID) != default: identity_verified, response = evt.trigger( self.assoc, evt.EVT_USER_ID, { 'user_id_type' : req.user_identity_type, 'primary_field' : req.primary_field, 'secondary_field' : req.secondary_field, } ) else: identity_verified, response = self.assoc.ae.on_user_identity( req.user_identity_type, req.primary_field, req.secondary_field, { 'requestor' : self.assoc.requestor.info, } ) except NotImplementedError: # If the user hasn't implemented identity negotiation then # default to accepting the association return True, None except Exception as exc: # If the user has implemented identity negotiation but an exception # occurred then reject the association LOGGER.error("Exception in handling user identity negotiation") LOGGER.exception(exc) return False, None if not identity_verified: # Reject association as the user isn't authorised return False, None if req.user_identity_type in [3, 4, 5]: if req.positive_response_requested and response is not None: try: rsp = UserIdentityNegotiation() rsp.server_response = response return True, rsp except Exception as exc: # > If the acceptor doesn't support user identification it # > will accept the association without making a positive # > response LOGGER.error( "Unable to set the User Identity Negotiation's " "'server_response'" ) LOGGER.exception(exc) return True, None return True, None