예제 #1
0
def get_api_key(username, secret, endpoint_url=None):
    # Try to use a client with username/api key
    try:
        client = Client(
            username=username,
            api_key=secret,
            endpoint_url=endpoint_url,
            timeout=5)

        client['Account'].getCurrentUser()
        return secret
    except SoftLayerAPIError as e:
        if 'invalid api token' not in e.faultString.lower():
            raise

    # Try to use a client with username/password
    client = Client(endpoint_url=endpoint_url, timeout=5)
    client.authenticate_with_password(username, secret)

    user_record = client['Account'].getCurrentUser(
        mask='id, apiAuthenticationKeys')
    api_keys = user_record['apiAuthenticationKeys']
    if len(api_keys) == 0:
        return client['User_Customer'].addApiAuthenticationKey(
            id=user_record['id'])
    return api_keys[0]['authenticationKey']
예제 #2
0
파일: auth.py 프로젝트: Elu0/jumpgate
def get_new_token(credentials):
    username = lookup(credentials, 'auth', 'passwordCredentials', 'username')
    credential = lookup(credentials, 'auth', 'passwordCredentials', 'password')

    # If the 'password' is the right length, treat it as an API api_key
    if len(credential) == 64:
        client = Client(username=username, api_key=credential)
        user = client['Account'].getCurrentUser(mask=USER_MASK)
        return {'username': username,
                'api_key': credential,
                'auth_type': 'api_key',
                'tenant_id': str(user['accountId']),
                'expires': time.time() + (60 * 60 * 24)}, user
    else:
        client = Client()
        client.auth = None
        try:
            userId, tokenHash = client.authenticate_with_password(username,
                                                                  credential)
            user = client['Account'].getCurrentUser(mask=USER_MASK)
            return {'userId': userId,
                    'tokenHash': tokenHash,
                    'auth_type': 'token',
                    'tenant_id': str(user['accountId']),
                    'expires': time.time() + (60 * 60 * 24)}, user
        except SoftLayerAPIError as e:
            if e.faultCode == 'SoftLayer_Exception_User_Customer_LoginFailed':
                raise Unauthorized(e.faultString)
            raise
예제 #3
0
def get_api_key(username, secret, endpoint_url=None):
    """ Tries API-Key and password auth to get (and potentially generate) an
        API key. """
    # Try to use a client with username/api key
    try:
        client = Client(username=username, api_key=secret, endpoint_url=endpoint_url, timeout=5)

        client["Account"].getCurrentUser()
        return secret
    except SoftLayerAPIError as ex:
        if "invalid api token" not in ex.faultString.lower():
            raise

    # Try to use a client with username/password
    client = Client(endpoint_url=endpoint_url, timeout=5)
    client.authenticate_with_password(username, secret)

    user_record = client["Account"].getCurrentUser(mask="id, apiAuthenticationKeys")
    api_keys = user_record["apiAuthenticationKeys"]
    if len(api_keys) == 0:
        return client["User_Customer"].addApiAuthenticationKey(id=user_record["id"])
    return api_keys[0]["authenticationKey"]
예제 #4
0
def authenticate_with_password(username, password, question_id=None,
                               answer=None):
    client = Client()
    try:
        (user_id, user_hash) = client.authenticate_with_password(username,
                                                                 password,
                                                                 question_id,
                                                                 answer)
        session['sl_user_id'] = user_id
        session['sl_user_hash'] = user_hash
    except SoftLayerAPIError as e:
        c = 'SoftLayer_Exception_User_Customer_InvalidSecurityQuestionAnswer'
        if e.faultCode == c:
            return 'security_question'

        return False

    return True
예제 #5
0
def authenticate_with_password(username,
                               password,
                               question_id=None,
                               answer=None):
    client = Client()
    try:
        (user_id, user_hash) = client.authenticate_with_password(
            username, password, question_id, answer)
        session['sl_user_id'] = user_id
        session['sl_user_hash'] = user_hash
    except SoftLayerAPIError as e:
        c = 'SoftLayer_Exception_User_Customer_InvalidSecurityQuestionAnswer'
        if e.faultCode == c:
            return 'security_question'

        return False

    return True
예제 #6
0
def get_new_token_v3(credentials):

    credential = lookup(credentials, 'auth', 'identity', 'password', 'user',
                        'password')
    username = lookup(credentials, 'auth', 'identity', 'password', 'user',
                      'name')

    def assert_tenant(user):
        tenant = lookup(credentials, 'auth', 'tenantId')
        if tenant and str(user['accountId']) != tenant:
            raise Unauthorized('Invalid username, password or tenant id')

    # If the 'password' is the right length, treat it as an API api_key
    if len(credential) == 64:
        client = Client(username=username, api_key=credential)
        user = client['Account'].getCurrentUser(mask=USER_MASK)
        assert_tenant(user)
        return {
            'username': username,
            'api_key': credential,
            'auth_type': 'api_key',
            'tenant_id': str(user['accountId']),
            'expires': time.time() + (60 * 60 * 24)
        }, user
    else:
        client = Client()
        client.auth = None
        try:
            userId, tokenHash = client.authenticate_with_password(
                username, credential)
            user = client['Account'].getCurrentUser(mask=USER_MASK)
            assert_tenant(user)
            return {
                'userId': userId,
                'tokenHash': tokenHash,
                'auth_type': 'token',
                'tenant_id': str(user['accountId']),
                'expires': time.time() + (60 * 60 * 24)
            }, user
        except SoftLayerAPIError as e:
            if e.faultCode == 'SoftLayer_Exception_User_Customer_LoginFailed':
                raise Unauthorized(e.faultString)
            raise
예제 #7
0
    def authenticate(self, creds):
        username = lookup(creds, "auth", "passwordCredentials", "username")
        credential = lookup(creds, "auth", "passwordCredentials", "password")
        token_id = lookup(creds, "auth", "token", "id")
        if token_id:
            token = identity.token_id_driver().token_from_id(token_id)
            token_driver = identity.token_driver()
            token_driver.validate_token(token)
            username = token_driver.username(token)
            credential = token_driver.credential(token)

        def assert_tenant(user):
            tenant = lookup(creds, "auth", "tenantId") or lookup(creds, "auth", "tenantName")
            if tenant and str(user["accountId"]) != tenant:
                raise Unauthorized("Invalid username, password or tenant id")

        # If the 'password' is the right length, treat it as an API api_key
        if len(credential) == 64:
            client = Client(
                username=username,
                api_key=credential,
                endpoint_url=cfg.CONF["softlayer"]["endpoint"],
                proxy=cfg.CONF["softlayer"]["proxy"],
            )
            user = client["Account"].getCurrentUser(mask=USER_MASK)
            assert_tenant(user)
            return {"user": user, "credential": credential, "auth_type": "api_key"}
        else:
            client = Client(endpoint_url=cfg.CONF["softlayer"]["endpoint"], proxy=cfg.CONF["softlayer"]["proxy"])
            client.auth = None
            try:
                userId, tokenHash = client.authenticate_with_password(username, credential)
                user = client["Account"].getCurrentUser(mask=USER_MASK)
                assert_tenant(user)
                return {"user": user, "credential": tokenHash, "auth_type": "token"}
            except SoftLayerAPIError as e:
                if e.faultCode == "SoftLayer_Exception_User_Customer" "_LoginFailed":
                    raise Unauthorized(e.faultString)
                raise