def authenticate(url, account, key, by='name', expires=0, timestamp=None, timeout=None, request_type="xml", admin_auth=False, use_password=False, raise_on_error=False): """ Authenticate to the Zimbra server :param url: URL of Zimbra SOAP service :param account: The account to be authenticated against :param key: The preauth key of the domain of the account or a password (if admin_auth or use_password is True) :param by: If the account is specified as a name, an ID or a ForeignPrincipal :param expires: When the token expires (or 0 for default expiration) :param timestamp: When the token was requested (None for "now") :param timeout: Timeout for the communication with the server. Defaults to the urllib2-default :param request_type: Which type of request to use ("xml" (default) or "json") :param admin_auth: This request should authenticate and generate an admin token. The "key"-parameter therefore holds the admin password (implies use_password) :param use_password: The "key"-parameter holds a password. Do a password- based user authentication. :param raise_on_error: Should I raise an exception when an authentication error occurs or just return None? :return: The authentication token or None :rtype: str or None or unicode """ if timestamp is None: timestamp = int(time.time()) * 1000 pak = "" if not admin_auth: pak = preauth.create_preauth(account, key, by, expires, timestamp) if request_type == 'xml': auth_request = RequestXml() else: auth_request = RequestJson() request_data = {'account': {'by': by, '_content': account}} ns = "urn:zimbraAccount" if admin_auth: ns = "urn:zimbraAdmin" request_data['password'] = key elif use_password: request_data['password'] = {"_content": key} else: request_data['preauth'] = { 'timestamp': timestamp, 'expires': expires, '_content': pak } auth_request.add_request('AuthRequest', request_data, ns) server = Communication(url, timeout) if request_type == 'xml': response = ResponseXml() else: response = ResponseJson() server.send_request(auth_request, response) if response.is_fault(): if raise_on_error: raise AuthenticationFailed( "Cannot authenticate user: (%s) %s" % (response.get_fault_code(), response.get_fault_message())) return None return response.get_response()['AuthResponse']['authToken']['_content']
def authenticate(url, account, key, by='name', expires=0, timestamp=None, timeout=None, request_type="xml", admin_auth=False, use_password=False, raise_on_error=False): """ Authenticate to the Zimbra server :param url: URL of Zimbra SOAP service :param account: The account to be authenticated against :param key: The preauth key of the domain of the account or a password (if admin_auth or use_password is True) :param by: If the account is specified as a name, an ID or a ForeignPrincipal :param expires: When the token expires (or 0 for default expiration) :param timestamp: When the token was requested (None for "now") :param timeout: Timeout for the communication with the server. Defaults to the urllib2-default :param request_type: Which type of request to use ("xml" (default) or "json") :param admin_auth: This request should authenticate and generate an admin token. The "key"-parameter therefore holds the admin password (implies use_password) :param use_password: The "key"-parameter holds a password. Do a password- based user authentication. :param raise_on_error: Should I raise an exception when an authentication error occurs or just return None? :return: The authentication token or None :rtype: str or None or unicode """ if timestamp is None: timestamp = int(time.time()) * 1000 pak = "" if not admin_auth: pak = preauth.create_preauth(account, key, by, expires, timestamp) if request_type == 'xml': auth_request = RequestXml() else: auth_request = RequestJson() request_data = { 'account': { 'by': by, '_content': account } } ns = "urn:zimbraAccount" if admin_auth: ns = "urn:zimbraAdmin" request_data['password'] = key elif use_password: request_data['password'] = { "_content": key } else: request_data['preauth'] = { 'timestamp': timestamp, 'expires': expires, '_content': pak } auth_request.add_request( 'AuthRequest', request_data, ns ) server = Communication(url, timeout) if request_type == 'xml': response = ResponseXml() else: response = ResponseJson() server.send_request(auth_request, response) if response.is_fault(): if raise_on_error: raise AuthenticationFailed( "Cannot authenticate user: (%s) %s" % ( response.get_fault_code(), response.get_fault_message() ) ) return None return response.get_response()['AuthResponse']['authToken']
def run_admin_test(self, request_type): """ Actually do the work """ config = get_config() if config.getboolean("admin_request_test", "enabled"): # Run only if enabled token = authenticate( config.get("admin_request_test", "admin_url"), config.get("admin_request_test", "admin_account"), config.get("admin_request_test", "admin_password"), config.get("admin_request_test", "admin_account_by"), admin_auth=True, request_type=request_type ) if token is None: self.fail("Authentication with the configured settings " "was not successful") # Create an account comm = Communication(config.get("admin_request_test", "admin_url")) if request_type == "xml": request = RequestXml() else: request = RequestJson() request.set_auth_token(token) test_account = config.get("admin_request_test", "test_account") if "TEMP" in test_account: # Generate a random number and add it to the test account random.seed() temp_account = random.randint(1000000, 5000000) test_account = test_account.replace("TEMP", str(temp_account)) test_displayname = config.get( "admin_request_test", "test_displayname" ) if sys.version < '3': # Create unicode string for py2 test_displayname = test_displayname.decode("utf-8") request.add_request( "CreateAccountRequest", { "name": test_account, "password": config.get( "admin_request_test", "test_password" ), "a": { "n": "displayName", "_content": test_displayname } }, "urn:zimbraAdmin" ) if request_type == "xml": response = ResponseXml() else: response = ResponseJson() comm.send_request(request, response) if response.is_fault(): self.fail( "CreateAccount faulted. (%s) %s" % ( response.get_fault_code(), response.get_fault_message() ) ) account_id = response.get_response( )["CreateAccountResponse"]["account"]["id"] # Get account from database and compare display name to the setting request.clean() request.set_auth_token(token) response.clean() request.add_request( "GetAccountRequest", { "account": { "by": "name", "_content": test_account } }, "urn:zimbraAdmin" ) comm.send_request(request, response) if response.is_fault(): self.fail( "GetAccount faulted. (%s) %s" % ( response.get_fault_code(), response.get_fault_message() ) ) returned_name = get_value( response.get_response()["GetAccountResponse"]["account"]["a"], "displayName" ) self.assertEqual( returned_name, test_displayname, "Zimbra didn't save the display name as requested." ) # Try to log in as the new account user_token = authenticate( config.get("admin_request_test", "url"), test_account, config.get("admin_request_test", "test_password"), "name", request_type=request_type, use_password=True ) if user_token is None: self.fail("Cannot log in as the test user.") # Remove account request.clean() response.clean() request.set_auth_token(token) request.add_request( "DeleteAccountRequest", { "id": account_id }, "urn:zimbraAdmin" ) comm.send_request(request, response) if response.is_fault(): self.fail( "Cannot remove test account: (%s) %s" % ( response.get_fault_code(), response.get_fault_message() ) )
def run_admin_test(self, request_type): """ Actually do the work """ config = get_config() if config.getboolean("admin_request_test", "enabled"): # Run only if enabled token = authenticate(config.get("admin_request_test", "admin_url"), config.get("admin_request_test", "admin_account"), config.get("admin_request_test", "admin_password"), config.get("admin_request_test", "admin_account_by"), admin_auth=True, request_type=request_type) if token is None: self.fail("Authentication with the configured settings " "was not successful") # Create an account comm = Communication(config.get("admin_request_test", "admin_url")) if request_type == "xml": request = RequestXml() else: request = RequestJson() request.set_auth_token(token) request.add_request( "CreateAccountRequest", { "name": config.get("admin_request_test", "test_account"), "password": config.get("admin_request_test", "test_password") }, "urn:zimbraAdmin") if request_type == "xml": response = ResponseXml() else: response = ResponseJson() comm.send_request(request, response) if response.is_fault(): self.fail( "CreateAccount faulted. (%s) %s" % (response.get_fault_code(), response.get_fault_message())) account_id = response.get_response( )["CreateAccountResponse"]["account"]["id"] # Try to log in as the new account user_token = authenticate(config.get("admin_request_test", "url"), config.get("admin_request_test", "test_account"), config.get("admin_request_test", "test_password"), "name", request_type=request_type, use_password=True) if user_token is None: self.fail("Cannot log in as the test user.") # Remove account request.clean() response.clean() request.set_auth_token(token) request.add_request("DeleteAccountRequest", {"id": account_id}, "urn:zimbraAdmin") comm.send_request(request, response) if response.is_fault(): self.fail( "Cannot remove test account: (%s) %s" % (response.get_fault_code(), response.get_fault_message()))