def test(self, instance_name, username, password): instance = self.get_instance(instance_name) try: yield step_log('Testing oauth server @ {}'.format(instance['server']['dns'])) yield message_log('Checking server health') try: status = requests.get(instance['server']['dns'], verify=True).status_code except requests.exceptions.SSLError: yield error_log('SSL certificate verification failed') yield message_log('Continuing test without certificate check') try: status = requests.get(instance['server']['dns'], verify=False).status_code except requests.ConnectionError: yield raising_error_log('Connection error, check nginx is running, and dns resolves as expected.') except: yield raising_error_log('Unknown error trying to access oauth server. Check params and try again') else: if status == 500: yield raising_error_log('Error on oauth server, Possible causes:\n - ldap configuration error (bad server url?)\n - Mongodb configuration error (bad replicaset name or hosts list?)\nCheck osiris log for more information.') elif status == 502: yield raising_error_log('Server not respoding at {}. Check that:\n - osiris process is running\n - nginx upstream definition is pointing to the right host:port.'.format(instance['server']['dns'])) elif status == 504: yield raising_error_log('Gateway timeout. Probably oauth server is giving timeout trying to contact ldap server') elif status == 404: yield raising_error_log('There\'s no oauth server at {}. Chech there\'s an nginx entry for this server.'.format(instance['server']['dns'])) elif status != 200: yield raising_error_log('Server {} responded with {} code. Check osiris logs.'.format(instance['server']['dns'], status)) yield message_log('Retrieving token for "{}"'.format(username)) token = self.get_token(instance['server']['dns'], username, password) succeeded_retrieve_token = token is not None if not succeeded_retrieve_token: yield raising_error_log('Error retreiving token. Check username/password and try again') yield message_log('Checking retreived token') succeeded_check_token = self.check_token(instance['server']['dns'], username, token) if not succeeded_check_token: yield raising_error_log('Error retreiving token') if succeeded_check_token and succeeded_retrieve_token: yield success_log('Oauth server check passed') else: yield raising_error_log('Oauth server check failed') except StepError as error: yield error_log(error.message)
def remove_bypass_allowed_ip(self, ip): configured_ips = self.get_instance_allowed_ips() allowed_ips = list(set(configured_ips) - set([ip])) if not set(allowed_ips).symmetric_difference(set(configured_ips)): return message_log('No changes to allowed ips on {}/customizeme.cfg'.format(self.buildout.folder)) customizations = { 'osiris-config': { 'allowed_ips': allowed_ips, } } self.buildout.configure_file('customizeme.cfg', customizations) return success_log('Succesfully updated allowed ips on {}/customizeme.cfg'.format(self.buildout.folder))
def reload_nginx_configuration(self): yield step_log('Reloading nginx configuration') yield message_log('Testing configuration') yield self.test_nginx() yield self.reload_nginx()