def do_verify(environ, start_response, _): query = parse_qs(get_post(environ)) logger.debug("do_verify: %s" % query) try: _ok, user = verify_username_and_password(query) except KeyError: _ok = False user = None if not _ok: resp = Unauthorized("Unknown user or wrong password") else: uid = rndstr(24) IDP.cache.uid2user[uid] = user IDP.cache.user2uid[user] = uid logger.debug("Register %s under '%s'" % (user, uid)) kaka = set_cookie("idpauthn", "/", uid, query["authn_reference"][0]) lox = "%s?id=%s&key=%s" % (query["redirect_uri"][0], uid, query["key"][0]) logger.debug("Redirect => %s" % lox) resp = Redirect(lox, headers=[kaka], content="text/html") return resp(environ, start_response)
def unpack_post(self): _dict = parse_qs(get_post(self.environ)) logger.debug("unpack_post:: %s", _dict) try: return dict([(k, v[0]) for k, v in _dict.items()]) except Exception: return None
def do_verify(environ, start_response, _, session): query = parse_qs(get_post(environ)) logger.debug("do_verify: %s" % query) try: _ok, user = verify_username_and_password(query) except KeyError: _ok = False user = None if not _ok: resp = Unauthorized("Unknown user or wrong password") else: uid = rndstr(24) IDP.cache.uid2user[uid] = user IDP.cache.user2uid[user] = uid logger.debug("Register %s under '%s'" % (user, uid)) cval = {"uid": user, "authn_ref": query["authn_reference"][0]} headers = [CookieHandler.create_cookie("%s" % (cval,), "sso", COOKIE_NAME)] lox = "%s?id=%s&key=%s" % (query["redirect_uri"][0], uid, query["key"][0]) logger.debug("Redirect => %s" % lox) resp = Redirect(lox, content="text/html", headers=headers) return resp(environ, start_response)
def do_verify(environ, start_response, _): query = parse_qs(get_post(environ)) logger.debug("do_verify: %s", query) try: _ok, user = verify_username_and_password(query) except KeyError: _ok = False user = None if not _ok: resp = Unauthorized("Unknown user or wrong password") else: uid = rndstr(24) IDP.cache.uid2user[uid] = user IDP.cache.user2uid[user] = uid logger.debug("Register %s under '%s'", user, uid) kaka = set_cookie("idpauthn", "/", uid, query["authn_reference"][0]) lox = "%s?id=%s&key=%s" % (query["redirect_uri"][0], uid, query["key"][0]) logger.debug("Redirect => %s", lox) resp = Redirect(lox, headers=[kaka], content="text/html") return resp(environ, start_response)
def unpack_post(self): _dict = parse_qs(get_post(self.environ)) logger.debug("unpack_post:: %s" % _dict) try: return dict([(k, v[0]) for k, v in list(_dict.items())]) except Exception: return None
def handle(self, environ, tester, service, binding): _sh = tester.sh qs = get_post(environ).decode('utf8') resp = dict([(k, v[0]) for k, v in parse_qs(qs).items()]) filename = self.kwargs['profile_handler'](_sh).log_path( _sh['conv'].test_id) return tester.do_next(resp, filename)
def unpack_post(self): post_body = get_post(self.environ).decode("utf-8") _dict = parse_qs(post_body) logger.debug("unpack_post:: %s" % _dict) try: return dict([(k, v[0]) for k, v in _dict.items()]) except IOError: return None
def unpack_post(self): post_data = get_post(self.environ) _dict = parse_qs(post_data if isinstance(post_data, str) else post_data .decode('utf-8')) logger.debug("unpack_post:: %s", _dict) try: return dict([(k, v[0]) for k, v in _dict.items()]) except Exception: return None
def unpack_soap(environ): """ Unpacks a SAML soap request query string. :param environ: whiskey application environment. :return: A dictionary with parameters. """ try: query = get_post(environ) return {"SAMLResponse": query, "RelayState": ""} except IOError: return None
def urlhandler_acs_post(self, sh, environ, local_webenv, path, start_response, tester, webio): formdata = get_post(environ).decode('utf8') resp = dict([(k, v[0]) for k, v in parse_qs(formdata).items()]) try: test_id = sh['conv'].test_id except KeyError as err: test_id = None if not test_id: """ Do we have been initialized already, or is the user just on the wrong page ? """ if not resp: return tester.display_test_list() """ In other words: we've been contacted by robobrowser and are in a different environment now, than the code expects us to be. .... Hopefully, trickery and recreating of the environment will lead mostly to more intended effects than unintended ones. This is unfinished business: You can add other bindings here, to expand what RB can be used to test. """ try: txt = resp['SAMLResponse'] xmlstr = Entity.unravel(txt, BINDING_HTTP_POST) except Exception as e: msg = 'Decoding not supported in the SP' raise Exception(msg) rsp = samlp.any_response_from_string(xmlstr) original_request_id = rsp.in_response_to requester_session = self.session_store.get_session_by_conv_id(original_request_id) # recreating the environment. lets hope it is somewhat reentrant resistant sh = requester_session webio = WebIO(session=sh, **local_webenv) webio.environ = environ webio.start_response = start_response tester = Tester(webio, sh, **local_webenv) profile_handler = local_webenv['profile_handler'] _sh = profile_handler(sh) # filename = self.webenv['profile_handler'](sh).log_path(test_id) # _sh.session.update({'conv': 'foozbar'}) logfilename = _sh.log_path(test_id) content = do_next(tester, resp, sh, webio, logfilename, path) return content
def unpack_post(environ): """ Unpacks a post request query string. :param environ: whiskey application environment. :return: A dictionary with parameters. """ post_body = get_post(environ).decode("utf-8") data = None if environ["CONTENT_TYPE"] == "application/x-www-form-urlencoded": data = dict(parse_qsl(post_body)) elif environ["CONTENT_TYPE"] == "application/json": data = json.loads(post_body) LOGGER.debug("unpack_post:: %s", data) return data
def do_verify(environ, start_response, _user): query = parse_qs(get_post(environ)) logger.debug("do_verify: %s" % query) _ok, user = verify_username_and_password(query) if not _ok: resp = Unauthorized("Unknown user or wrong password") else: id = rndstr() IDP.authn[id] = user logger.debug("Register %s under '%s'" % (user, id)) kaka = set_cookie("idpauthn", "/", id) lox = "http://%s%s?id=%s&key=%s" % (environ["HTTP_HOST"], query["came_from"][0], id, query["key"][0]) logger.debug("Redirect => %s" % lox) resp = Redirect(lox, headers=[kaka], content="text/html") return resp(environ, start_response)
def unpack_soap(self): try: query = get_post(self.environ) return {"SAMLRequest": query, "RelayState": ""} except Exception: return None
def unpack_soap(self): try: query = get_post(self.environ) return {"SAMLResponse": query, "RelayState": ""} except IOError: return None
def unpack_post(self): _dict = parse_qs(get_post(self.environ).decode('utf8')) logger.debug("unpack_post:: %s", _dict) return dict([(k, v[0]) for k, v in _dict.items()])
def unpack_post(self): _dict = parse_qs(get_post(self.environ).decode("utf8")) logger.debug("unpack_post:: %s", _dict) return dict([(k, v[0]) for k, v in _dict.items()])
def unpack_post(environ): try: return dict([(k,v[0]) for k,v in parse_qs(get_post(environ))]) except Exception: return None
def application(self, environ, start_response): LOGGER.info("Connection from: %s" % environ["REMOTE_ADDR"]) session = environ['beaker.session'] path = environ.get('PATH_INFO', '').lstrip('/') LOGGER.info("path: %s" % path) try: sh = session['session_info'] except KeyError: sh = SessionHandler(**self.webenv) sh.session_init() session['session_info'] = sh webio = WebIO(session=sh, **self.webenv) webio.environ = environ webio.start_response = start_response tester = Tester(webio, sh, **self.webenv) if path == "robots.txt": return webio.static("static/robots.txt") elif path == "favicon.ico": return webio.static("static/favicon.ico") elif path.startswith('acs/site/static'): path = path[4:] return webio.static(path) elif path.startswith("site/static/") or path.startswith('static/'): return webio.static(path) elif path.startswith("export/"): return webio.static(path) if path == "" or path == "/": # list return tester.display_test_list() elif "flow_names" not in sh: sh.session_init() if path == "logs": return webio.display_log("log", issuer="", profile="", testid="") elif path.startswith("log"): if path == "log" or path == "log/": _cc = webio.conf.CLIENT try: _iss = _cc["srv_discovery_url"] except KeyError: _iss = _cc["provider_info"]["issuer"] parts = [quote_plus(_iss)] else: parts = [] while path != "log": head, tail = os.path.split(path) # tail = tail.replace(":", "%3A") # if tail.endswith("%2F"): # tail = tail[:-3] parts.insert(0, tail) path = head return webio.display_log("log", *parts) elif path.startswith("tar"): path = path.replace(":", "%3A") return webio.static(path) elif path.startswith("test_info"): p = path.split("/") try: return webio.test_info(p[1]) except KeyError: return webio.not_found() elif path == "continue": return tester.cont(environ, self.webenv) elif path == 'reset': for param in ['flow', 'flow_names', 'index', 'node', 'profile', 'sequence', 'test_info', 'test_id', 'tests']: del sh[param] return tester.display_test_list() elif path == "opresult": if tester.conv is None: return webio.sorry_response("", "No result to report") return webio.opresult(tester.conv, sh) # expected path format: /<testid>[/<endpoint>] elif path in sh["flow_names"]: resp = tester.run(path, **self.webenv) store_test_state(sh, sh['conv'].events) filename = self.webenv['profile_handler'](sh).log_path(path) if isinstance(resp, Response): res = Result(sh, self.webenv['profile_handler']) res.store_test_info() res.print_info(path, tester.fname(path)) return webio.respond(resp) else: return webio.flow_list(filename) elif path == "acs/post": qs = get_post(environ).decode('utf8') resp = dict([(k, v[0]) for k, v in parse_qs(qs).items()]) filename = self.webenv['profile_handler'](sh).log_path(tester.conv.test_id) return do_next(tester, resp, sh, webio, filename, path) elif path == "acs/redirect": qs = environ['QUERY_STRING'] resp = dict([(k, v[0]) for k, v in parse_qs(qs).items()]) filename = self.webenv['profile_handler'](sh).log_path(tester.conv.test_id) return do_next(tester, resp, sh, webio, filename, path) elif path == "acs/artifact": pass elif path == "ecp": pass elif path == "disco": pass elif path == "slo": pass else: resp = BadRequest() return resp(environ, start_response)