def server_check(arg):
"""Check and format --server arg
"""
if arg.startswith(('http://', 'https://', 'http+unix://')):
return arg
if arg.startswith('./'):
arg = os.path.abspath(arg)
elif not arg.startswith('/'):
raise argparse.ArgumentTypeError(
'Unix socket path must start with / or ./')
# assume it is a unix socket
return 'http+unix://{}'.format(url_escape(arg, ''))
def server_check(arg):
"""Check and format --server arg
"""
if arg.startswith(('http://', 'https://', 'http+unix://')):
return arg
if arg.startswith('./'):
arg = os.path.abspath(arg)
elif not arg.startswith('/'):
raise argparse.ArgumentTypeError(
'Unix socket path must start with / or ./')
# assume it is a unix socket
return 'http+unix://{}'.format(url_escape(arg, ''))
def parse_config(args):
parser = ConfigParser(interpolation=ExtendedInterpolation())
parser.optionxform = str
with args.configfile as f:
parser.read_file(f)
config = dict()
for s in CONFIG_SPECIALS:
config[s] = dict()
# add env
parser['ENV'] = {
k: v.replace('$', '$$') for k, v in os.environ.items()
if not set(v).intersection('\r\n\x00')}
# parse globals first
if parser.has_section('global'):
for opt, val in parser.items('global'):
if opt in CONFIG_SPECIALS:
raise ValueError('"%s" is an invalid '
'[global] option' % opt)
config[opt] = val
config['tls_verify_client'] = parser.getboolean(
'global', 'tls_verify_client', fallback=False)
config['debug'] = parser.getboolean(
'global', 'debug', fallback=False)
if args.debug:
config['debug'] = True
config['auditlog'] = os.path.abspath(
config.get('auditlog', 'custodia.audit.log'))
config['umask'] = int(config.get('umask', '027'), 8)
url = config.get('server_url')
sock = config.get('server_socket')
if bool(url) == bool(sock):
raise ValueError("Exactly one of 'server_url' or "
"'server_socket' is required.")
if sock:
server_socket = os.path.abspath(sock)
config['server_url'] = 'http+unix://{}/'.format(
url_escape(server_socket, ''))
# set umask before any plugin gets a chance to create a file
os.umask(config['umask'])
for s in parser.sections():
if s in {'ENV', 'global'}:
# ENV section is only used for interpolation
continue
if s.startswith('/'):
menu = 'consumers'
name = s
else:
if s.startswith('auth:'):
menu = 'authenticators'
name = s[5:]
elif s.startswith('authz:'):
menu = 'authorizers'
name = s[6:]
elif s.startswith('store:'):
menu = 'stores'
name = s[6:]
else:
raise ValueError('Invalid section name [%s].\n' % s)
try:
config[menu][name] = _create_plugin(parser, s, menu)
except Exception as e:
raise RuntimeError(menu, name, e)
# Attach stores to other plugins
attach_store('auth:', config['authenticators'], config['stores'])
attach_store('authz:', config['authorizers'], config['stores'])
attach_store('', config['consumers'], config['stores'])
attach_store('store:', config['stores'], config['stores'])
return config
def parse_config(args):
defaults = {
# Do not use getfqdn(). Internaly it calls gethostbyaddr which might
# perform a DNS query.
'hostname': socket.gethostname(),
}
parser = ConfigParser(interpolation=ExtendedInterpolation(),
defaults=defaults)
parser.optionxform = str
with args.configfile as f:
parser.read_file(f)
config = dict()
for s in CONFIG_SPECIALS:
config[s] = dict()
# add env
parser['ENV'] = {
k: v.replace('$', '$$')
for k, v in os.environ.items() if not set(v).intersection('\r\n\x00')
}
# parse globals first
if parser.has_section('global'):
for opt, val in parser.items('global'):
if opt in CONFIG_SPECIALS:
raise ValueError('"%s" is an invalid ' '[global] option' % opt)
config[opt] = val
config['tls_verify_client'] = parser.getboolean('global',
'tls_verify_client',
fallback=False)
config['debug'] = parser.getboolean('global', 'debug', fallback=False)
if args.debug:
config['debug'] = True
config['auditlog'] = os.path.abspath(
config.get('auditlog', 'custodia.audit.log'))
config['umask'] = int(config.get('umask', '027'), 8)
url = config.get('server_url')
sock = config.get('server_socket')
if bool(url) == bool(sock):
raise ValueError("Exactly one of 'server_url' or "
"'server_socket' is required.")
if sock:
server_socket = os.path.abspath(sock)
config['server_url'] = 'http+unix://{}/'.format(
url_escape(server_socket, ''))
# set umask before any plugin gets a chance to create a file
os.umask(config['umask'])
for s in parser.sections():
if s in {'ENV', 'global'}:
# ENV section is only used for interpolation
continue
if s.startswith('/'):
menu = 'consumers'
name = s
else:
if s.startswith('auth:'):
menu = 'authenticators'
name = s[5:]
elif s.startswith('authz:'):
menu = 'authorizers'
name = s[6:]
elif s.startswith('store:'):
menu = 'stores'
name = s[6:]
else:
raise ValueError('Invalid section name [%s].\n' % s)
try:
config[menu][name] = _create_plugin(parser, s, menu)
except Exception as e:
raise RuntimeError(menu, name, e)
# Attach stores to other plugins
attach_store('auth:', config['authenticators'], config['stores'])
attach_store('authz:', config['authorizers'], config['stores'])
attach_store('', config['consumers'], config['stores'])
attach_store('store:', config['stores'], config['stores'])
return config