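def twitter_headers(http_method, url, callback_url, param_list,
                    auth_token="", auth_token_secret=""):
    """Build the headers for an OAuth 1.0 (HMAC-SHA1) signed request.

    The standard ``oauth_*`` parameters are appended to ``param_list`` (the
    caller's list is extended in place), the request is signed with
    ``sign_request`` and every parameter that carries a value is joined into
    the ``Authorization`` header.

    Args:
        http_method: HTTP verb, passed through to ``sign_request``.
        url: Request URL, passed through to ``sign_request``.
        callback_url: Accepted for interface compatibility; it is not added
            to the signed parameters (see the note in the body).
        param_list: List of ``"key=value"`` strings to sign together with
            the OAuth parameters.
        auth_token: OAuth token; URL-quoted before use.
        auth_token_secret: Token secret, passed through to ``sign_request``.

    Returns:
        dict with ``Content-Type`` and ``Authorization`` entries.
    """
    # NOTE(review): callback_url was quoted into an unused local and never
    # reached the parameter list; confirm whether callers are expected to put
    # oauth_callback into param_list themselves.
    # NOTE(review): the consumer key is hard-coded; reading it from
    # configuration would allow rotation without a code change.
    # NOTE(review): the nonce must be unique per request; confirm how
    # utils.make_salt generates its value.
    param_list.extend((
        'oauth_consumer_key=JfBWgICkZxiJijXeNpAb6F6bo',
        'oauth_nonce=' + utils.make_salt(),
        'oauth_signature_method=HMAC-SHA1',
        'oauth_timestamp=' + str(int(time.time())),
        'oauth_version=1.0',
        'oauth_token=' + quote_plus(auth_token),
    ))

    signature = sign_request(param_list, http_method, url, auth_token_secret)
    param_list.append('oauth_signature=' + signature)
    param_list = change_param_list(param_list)

    # Drop parameters with an empty value. The list is rebuilt rather than
    # calling remove() while iterating: removing in place shifts the
    # remaining items, so the element following each removed one was skipped
    # and consecutive empty parameters survived.
    param_list[:] = [item for item in param_list if item.split("=")[1] != ""]

    headers = {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Authorization': 'OAuth ' + ','.join(param_list),
    }
    # The Authorization value holds the OAuth token and request signature,
    # so only the request line is logged, not the header contents.
    logging.info("Built OAuth headers for %s %s", http_method, url)
    return headers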
def new_session(cls, user_id, username):
    """Create a session for a user, cache it, and persist it if caching worked.

    Args:
        cls: Session class; instantiated with ``session_id``, ``user_id``
            and ``username`` keyword arguments.
        user_id: Identifier of the user the session belongs to.
        username: Name of the user the session belongs to.

    Returns:
        The new session object. It is returned even when ``cache()`` reports
        failure, in which case ``put()`` has not been called.
    """
    # NOTE(review): the session id acts as a bearer secret, so
    # utils.make_salt should draw from a CSPRNG; confirm its implementation.
    session = cls(session_id=utils.make_salt(25),
                  user_id=user_id,
                  username=username)

    # Write to the datastore only after the cache write succeeded; the
    # original author notes this may prevent some concurrency issues.
    if not session.cache():
        return session

    session.put()
    logging.debug("NEW SESSION DB WRITE")
    return session
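def add_user(self, username, pubkey, hostname, shell=None, homedir=None,
             password=None, uid=None, lastchange=-1, nextchange=99999,
             warning=7, raw_passwd=None):
    """Add an account entry for ``username`` and create its matching group.

    The entry is built as an attribute dict, converted with
    ``ldap.modlist.addModlist`` and added through ``self.con.add_s`` under
    ``uid=<username>,<self.user_base>``; ``self.add_group`` is then called
    with the same name and a gid equal to the uid.

    Args:
        username: Account name; also used for the cn, the default home
            directory and the mail routing address.
        pubkey: Value stored in ``sshPublicKey``.
        hostname: Must be one of ``self.list_servers()``.
        shell: Login shell; falls back to ``self.default_shell``.
        homedir: Home directory; defaults to ``/home/<username>``.
        password: Plaintext password to hash with ``crypt``; ``None`` stores
            the bare ``'******'`` value.
        uid: Explicit uid; ``None`` takes ``self.next_uid()``.
        lastchange: Days since the epoch for ``shadowLastChange``; a negative
            value means "today".
        nextchange: Value for ``shadowMax``.
        warning: Value for ``shadowWarning``.
        raw_passwd: Pre-hashed password, stored after the ``'******'`` prefix.

    Raises:
        UNKNOWN_HOST: ``hostname`` is not in ``self.list_servers()``.
        ValueError: an explicit ``uid`` is outside
            ``[self.min_uid, self.max_uid]``.
    """
    if not homedir:
        homedir = "/home/{0}".format(username)
    if hostname not in self.list_servers():
        raise UNKNOWN_HOST(hostname)

    if uid is None:
        uid = self.next_uid()
    elif not self.min_uid <= uid <= self.max_uid:
        # Explicit check instead of assert: assert statements are stripped
        # under "python -O", which would let a uid below min_uid (a system
        # account range on most hosts) be provisioned unchecked.
        raise ValueError("uid {0} is outside the allowed range {1}-{2}".format(
            uid, self.min_uid, self.max_uid))
    gid = uid

    if lastchange < 0:
        lastchange = int(time.time() / 86400)

    # NOTE(review): raw_passwd is only consulted when password is not None;
    # with the default password=None a supplied raw_passwd is ignored.
    # Confirm that this is intended.
    # NOTE(review): the '******' literals are kept exactly as they appear in
    # this listing; they look like a masked value, so check the real source.
    if password is None:
        password = '******'
    elif raw_passwd:
        password = '******' + raw_passwd
    else:
        # "$6$" selects SHA-512 crypt; the salt comes from make_salt().
        password = '******' + crypt.crypt(password,
                                          "$6${0}".format(make_salt()))

    entry = {
        'objectClass': [
            'account', 'inetLocalMailRecipient', 'ldapPublicKey',
            'posixAccount', 'shadowAccount', 'top',
        ],
        'uid': [username],
        'cn': [username],
        'uidNumber': [str(uid)],
        'gidNumber': [str(gid)],
        'loginShell': [shell or self.default_shell],
        'homeDirectory': [homedir],
        'shadowLastChange': [str(lastchange)],
        'shadowMax': [str(nextchange)],
        'shadowWarning': [str(warning)],
        'shadowInactive': [str(99999)],
        'shadowExpire': [str(99999)],
        'userPassword': [str(password)],
        'sshPublicKey': [str(pubkey)],
        'host': [str(hostname)],
        'mailRoutingAddress': ['{0}@hashbang.sh'.format(username)],
        'mailHost': [str('smtp:' + hostname)],
    }

    # NOTE(review): username goes into the DN, home directory and mail
    # address unescaped. If it can originate from a request, validate it
    # against a strict pattern (or escape the DN component with
    # ldap.dn.escape_dn_chars) before it reaches this method.
    ml = ldap.modlist.addModlist(entry)
    self.con.add_s("uid={0},{1}".format(username, self.user_base), ml)
    self.add_group(username, gid)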
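def post(self):
    """Handle a signup form submission.

    Reads ``username``, ``password``, ``verifyPassword`` and ``email`` from
    the request. When every check passes, a ``User`` is stored, the
    ``user_id`` cookie is set and the client is redirected to ``/``.
    Otherwise ``signup.html`` is rendered again with one message per field
    (``uError``, ``pError``, ``pvError``, ``eError``).
    """
    username = self.request.get("username")
    password = self.request.get("password")
    verifyPassword = self.request.get("verifyPassword")
    email = self.request.get("email")

    errors = dict.fromkeys(("uError", "pError", "pvError", "eError"), "")

    if not username or hasSpace(username):
        errors["uError"] = "Enter a valid username."
    elif User.user_already_exists(username):
        # Only look the name up once it has passed validation, so an empty
        # or malformed value never reaches the datastore query.
        errors["uError"] = "User already exists."
    if not password or hasSpace(password):
        errors["pError"] = "Enter a valid password."
    if not verifyPassword or password != verifyPassword:
        errors["pvError"] = "Passwords must match."
    if email and not validEmail(email):
        errors["eError"] = "Invalid email."

    if any(errors.values()):
        # The submitted passwords are not echoed back into the page: a
        # plaintext password in response HTML can end up in browser or proxy
        # caches and page source. The user retypes both fields.
        self.render("signup.html", username=username, password="",
                    verifyPassword="", email=email, **errors)
        return

    # NOTE(review): the existence check and put() are not atomic; two
    # concurrent signups for the same name could both pass the check.
    # NOTE(review): confirm make_pw_hash is a slow, salted password hash.
    salt = make_salt()
    password_hash = make_pw_hash(username, password, salt)
    user = User(username=username, password_hash=password_hash, salt=salt,
                email=email)
    user.put()
    # NOTE(review): presumably set_cookie signs the value; an unsigned
    # numeric id would let a client claim any account. Confirm.
    self.set_cookie("user_id", user.key().id())
    self.redirect("/")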
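def modify_user(self, username, pubkeys=None, shell=None, homedir=None,
                password=None, uid=None, gid=None, lastchange=None,
                nextchange=None, warning=None, raw_passwd=None,
                hostname=None, name=None):
    """Apply attribute changes to an existing user entry.

    The current entry is fetched with ``self.get_user``, a deep copy is
    edited, and the difference computed by ``ldap.modlist.modifyModlist`` is
    sent through ``self.con.modify_s``. Only arguments with a truthy value
    change anything; the ``shadowAccount`` and ``inetLocalMailRecipient``
    object classes and the ``shadowInactive`` / ``shadowExpire`` defaults are
    added whenever they are missing.

    Args:
        username: Account to modify.
        pubkeys: Replacement value for ``sshPublicKey`` (stored as given).
        shell: New login shell.
        homedir: New home directory.
        password: Plaintext password; hashed with ``crypt``.
        uid: New uid number.
        gid: New gid number.
        lastchange: When truthy, ``shadowLastChange`` is set to today.
        nextchange: Accepted but not applied by this method.
        warning: Accepted but not applied by this method.
        raw_passwd: Pre-hashed password; takes precedence over ``password``.
        hostname: New host; must be one of ``self.list_servers()``.
        name: New ``cn``.

    Raises:
        UNKNOWN_HOST: ``hostname`` is not in ``self.list_servers()``.
    """
    old = self.get_user(username)
    new = copy.deepcopy(old)

    for object_class in ('shadowAccount', 'inetLocalMailRecipient'):
        if object_class not in new['objectClass']:
            new['objectClass'].append(object_class)

    # Assigning a key replaces any previous value, so the earlier
    # "delete, then set" pairs are collapsed into plain assignments.
    if pubkeys:
        new['sshPublicKey'] = pubkeys
    if shell:
        new['loginShell'] = [str(shell)]
    if name:
        new['cn'] = [str(name)]
    if homedir:
        new['homeDirectory'] = [str(homedir)]

    today = str(int(time.time() / 86400))

    # NOTE(review): the '******' literals are kept exactly as they appear in
    # this listing; they look like a masked value, so check the real source.
    if password:
        # "$6$" selects SHA-512 crypt; the salt comes from make_salt().
        hashed = '******' + crypt.crypt(password,
                                        "$6${0}".format(make_salt()))
        new['userPassword'] = [str(hashed)]
        new['shadowLastChange'] = [today]
    if raw_passwd:
        # Applied after the block above, so raw_passwd wins when both are set.
        new['userPassword'] = [str('******' + raw_passwd)]
        new['shadowLastChange'] = [today]
    if lastchange:
        # NOTE(review): the supplied lastchange value itself is not stored;
        # any truthy value resets the field to today. nextchange and warning
        # are likewise accepted but never written. Confirm intent.
        new['shadowLastChange'] = [today]

    # NOTE(review): unlike add_user, uid is not checked against
    # self.min_uid / self.max_uid here, and gid is not checked at all;
    # confirm that callers are trusted to pick these.
    if uid:
        new['uidNumber'] = [str(uid)]
    if gid:
        new['gidNumber'] = [str(gid)]

    new.setdefault('shadowInactive', ['99999'])
    new.setdefault('shadowExpire', ['99999'])

    if hostname:
        if hostname not in self.list_servers():
            raise UNKNOWN_HOST(hostname)
        # Stored as a one-element list like every other attribute (and like
        # add_user does). A bare string is iterated character by character
        # when the modlist is diffed, so 'host' never compared equal to the
        # existing value.
        new['host'] = [str(hostname)]
        new['mailRoutingAddress'] = ['{0}@hashbang.sh'.format(username)]
        new['mailHost'] = ['smtp:{0}'.format(hostname)]

    # NOTE(review): username is interpolated into the DN unescaped; validate
    # it (or escape it with ldap.dn.escape_dn_chars) if it can originate
    # from a request.
    ml = ldap.modlist.modifyModlist(old, new)
    self.con.modify_s("uid={0},{1}".format(username, self.user_base), ml)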
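def add_user(self, username, pubkey, hostname, shell=None, homedir=None,
             password=None, uid=None, lastchange=-1, nextchange=99999,
             warning=7, raw_passwd=None):
    """Add an account entry for ``username`` and create its matching group.

    An attribute dict is built, converted with ``ldap.modlist.addModlist``
    and added through ``self.con.add_s`` under
    ``uid=<username>,<self.user_base>``. ``self.add_group`` is then called
    with the same name; the gid always equals the uid.

    Args:
        username: Account name; also the cn and the local part of the mail
            routing address.
        pubkey: Value stored in ``sshPublicKey``.
        hostname: Must be one of ``self.list_servers()``.
        shell: Login shell; ``self.default_shell`` when falsy.
        homedir: Home directory; ``/home/<username>`` when falsy.
        password: Plaintext password to hash with ``crypt``; ``None`` stores
            the bare ``'******'`` value.
        uid: Explicit uid; ``None`` takes ``self.next_uid()``.
        lastchange: Days since the epoch for ``shadowLastChange``; negative
            means "today".
        nextchange: Value for ``shadowMax``.
        warning: Value for ``shadowWarning``.
        raw_passwd: Pre-hashed password, stored after the ``'******'`` prefix.

    Raises:
        UNKNOWN_HOST: ``hostname`` is not in ``self.list_servers()``.
        ValueError: an explicit ``uid`` is outside
            ``[self.min_uid, self.max_uid]``.
    """
    if not homedir:
        homedir = "/home/{0}".format(username)
    if hostname not in self.list_servers():
        raise UNKNOWN_HOST(hostname)

    if uid is None:
        uid = self.next_uid()
    else:
        # Raised explicitly because assert statements disappear under
        # "python -O"; without the check a caller-supplied uid below
        # min_uid would be written to the directory as-is.
        if uid < self.min_uid or uid > self.max_uid:
            raise ValueError(
                "uid {0} is outside the allowed range {1}-{2}".format(
                    uid, self.min_uid, self.max_uid))
    gid = uid

    if lastchange < 0:
        lastchange = int(time.time() / 86400)

    # NOTE(review): raw_passwd only takes effect when password is not None;
    # with password left at its default a supplied raw_passwd is dropped.
    # Confirm that this is intended.
    # NOTE(review): the '******' literals are reproduced as shown in this
    # listing and look masked; check them against the real source.
    if password is None:
        password = '******'
    elif raw_passwd:
        password = '******' + raw_passwd
    else:
        # "$6$" selects SHA-512 crypt; the salt comes from make_salt().
        password = '******' + crypt.crypt(password,
                                          "$6${0}".format(make_salt()))

    attributes = {
        'objectClass': [
            'account', 'inetLocalMailRecipient', 'ldapPublicKey',
            'posixAccount', 'shadowAccount', 'top',
        ],
        'uid': [username],
        'cn': [username],
        'uidNumber': [str(uid)],
        'gidNumber': [str(gid)],
        'loginShell': [shell or self.default_shell],
        'homeDirectory': [homedir],
        'shadowLastChange': [str(lastchange)],
        'shadowMax': [str(nextchange)],
        'shadowWarning': [str(warning)],
        'shadowInactive': [str(99999)],
        'shadowExpire': [str(99999)],
        'userPassword': [str(password)],
        'sshPublicKey': [str(pubkey)],
        'host': [str(hostname)],
        'mailRoutingAddress': ['{0}@hashbang.sh'.format(username)],
        'mailHost': [str('smtp:' + hostname)],
    }

    # NOTE(review): username is placed into the DN, home directory and mail
    # address without escaping. If it can come from a request, restrict it
    # to a strict pattern (or escape the DN component with
    # ldap.dn.escape_dn_chars) before calling this method.
    ml = ldap.modlist.addModlist(attributes)
    self.con.add_s("uid={0},{1}".format(username, self.user_base), ml)
    self.add_group(username, gid)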
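def modify_user(self, username, pubkeys=None, shell=None, homedir=None,
                password=None, lastchange=None, nextchange=None,
                warning=None, raw_passwd=None, hostname=None, name=None):
    """Apply attribute changes to an existing user entry.

    The current entry is fetched with ``self.get_user``, a deep copy is
    edited, and the difference computed by ``ldap.modlist.modifyModlist`` is
    sent through ``self.con.modify_s``. Only arguments with a truthy value
    change anything; the ``shadowAccount`` and ``inetLocalMailRecipient``
    object classes and the ``shadowInactive`` / ``shadowExpire`` defaults are
    added whenever they are missing.

    Args:
        username: Account to modify.
        pubkeys: Replacement value for ``sshPublicKey`` (stored as given).
        shell: New login shell.
        homedir: New home directory.
        password: Plaintext password; hashed with ``crypt``.
        lastchange: When truthy, ``shadowLastChange`` is set to today.
        nextchange: Accepted but not applied by this method.
        warning: Accepted but not applied by this method.
        raw_passwd: Pre-hashed password; takes precedence over ``password``.
        hostname: New host; must be one of ``self.list_servers()``.
        name: New ``cn``.

    Raises:
        UNKNOWN_HOST: ``hostname`` is not in ``self.list_servers()``.
    """
    old = self.get_user(username)
    new = copy.deepcopy(old)

    for object_class in ('shadowAccount', 'inetLocalMailRecipient'):
        if object_class not in new['objectClass']:
            new['objectClass'].append(object_class)

    # Plain assignment already replaces an existing value, so the former
    # "delete, then set" pairs are written as single assignments.
    if pubkeys:
        new['sshPublicKey'] = pubkeys
    if shell:
        new['loginShell'] = [str(shell)]
    if name:
        new['cn'] = [str(name)]
    if homedir:
        new['homeDirectory'] = [str(homedir)]

    today = str(int(time.time() / 86400))

    # NOTE(review): the '******' literals are reproduced as shown in this
    # listing and look masked; check them against the real source.
    if password:
        # "$6$" selects SHA-512 crypt; the salt comes from make_salt().
        hashed = '******' + crypt.crypt(password,
                                        "$6${0}".format(make_salt()))
        new['userPassword'] = [str(hashed)]
        new['shadowLastChange'] = [today]
    if raw_passwd:
        # Runs after the block above, so raw_passwd wins when both are set.
        new['userPassword'] = [str('******' + raw_passwd)]
        new['shadowLastChange'] = [today]
    if lastchange:
        # NOTE(review): the supplied lastchange value is not stored; any
        # truthy value resets the field to today. nextchange and warning are
        # accepted but never written. Confirm intent.
        new['shadowLastChange'] = [today]

    new.setdefault('shadowInactive', ['99999'])
    new.setdefault('shadowExpire', ['99999'])

    if hostname:
        if hostname not in self.list_servers():
            raise UNKNOWN_HOST(hostname)
        # Wrapped in a list like every other attribute here. A bare string
        # is iterated character by character when the modlist is diffed, so
        # 'host' never compared equal to the existing value.
        new['host'] = [str(hostname)]
        new['mailRoutingAddress'] = ['{0}@hashbang.sh'.format(username)]
        new['mailHost'] = ['smtp:{0}'.format(hostname)]

    # NOTE(review): username is interpolated into the DN unescaped; validate
    # it (or escape it with ldap.dn.escape_dn_chars) if it can originate
    # from a request.
    ml = ldap.modlist.modifyModlist(old, new)
    self.con.modify_s("uid={0},{1}".format(username, self.user_base), ml)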