def inbound_sync_listener():
    """Initialize a delta inbound sync between the inbound queue and sawtooth."""
    LOGGER.info("Starting inbound sync listener...")

    LOGGER.info("Connecting to RethinkDB...")
    connect_to_db()
    LOGGER.info("Successfully connected to RethinkDB!")

    while True:
        try:
            queue_entry = peek_at_queue(INBOUND_QUEUE)
            LOGGER.info(
                "Received queue entry %s from outbound queue...", queue_entry["id"]
            )

            data_type = queue_entry["data_type"]
            LOGGER.info("Putting %s into Sawtooth...", data_type)
            # TODO: Validate queue_entry.
            # TODO: Transform or reject invalid entries.
            # TODO: Get queue_entry object from NEXT state table.
            # TODO: Update object or create if it doesn't exist.
            LOGGER.debug(queue_entry)

            LOGGER.info("Putting queue entry into changelog...")
            put_entry_changelog(queue_entry, DIRECTION)

            LOGGER.info("Deleting queue entry from outbound queue...")
            entry_id = queue_entry["id"]
            delete_entry_queue(entry_id, INBOUND_QUEUE)
        except ExpectedError as err:
            time.sleep(DELAY)
        except Exception as err:
            LOGGER.exception(err)
            raise err
def outbound_sync_listener():
    """Initialize a delta outbound sync with Azure Active Directory."""
    LOGGER.info("Starting outbound sync listener...")

    LOGGER.info("Connecting to RethinkDB...")
    connect_to_db()
    LOGGER.info("Successfully connected to RethinkDB!")

    while True:
        try:
            queue_entry = peek_at_queue(OUTBOUND_QUEUE, TENANT_ID)
            LOGGER.info("Received queue entry %s from outbound queue...",
                        queue_entry["id"])

            data_type = queue_entry["data_type"]
            LOGGER.info("Putting %s into aad...", data_type)
            if is_entry_in_aad(queue_entry):
                update_entry_aad(queue_entry)
            else:
                create_entry_aad(queue_entry)

            LOGGER.info("Putting queue entry into changelog...")
            put_entry_changelog(queue_entry, "outbound")

            LOGGER.info("Deleting queue entry from outbound queue...")
            entry_id = queue_entry["id"]
            delete_entry_queue(entry_id, OUTBOUND_QUEUE)
        except ExpectedError as err:
            LOGGER.debug(
                ("%s Repolling after %s seconds...", err.__str__, DELAY))
            time.sleep(DELAY)
        except Exception as err:
            LOGGER.exception(err)
            raise err
def create_user_aad(queue_entry):
    """Creates a given user in AAD."""
    headers = AUTH.check_token("POST")
    if headers:
        url = ("%s/%s/users", GRAPH_URL, GRAPH_VERSION)
        try:
            aad_user = outbound_user_creation_filter(queue_entry["data"],
                                                     "azure")
        except ValueError:
            LOGGER.warning(
                "Unable to create user in AAD, displayName and email required: %s",
                queue_entry,
            )
            raise ExpectedError(
                "Unable to create user without display name and email.")
        aad_user["passwordProfile"] = {
            "password": str(uuid4())[:16],
            "forceChangePasswordNextSignIn": True,
        }
        response = requests.post(url=url, headers=headers, json=aad_user)
        if response.status_code == 201:
            delete_entry_queue(queue_entry["id"], OUTBOUND_QUEUE)
        else:
            LOGGER.warning("Unable to create user in AAD: %s", queue_entry)
            raise ExpectedError("Unable to create user.")
예제 #4
0
def process_ldap_outbound():
    """
        While there are items in OUTBOUND_QUEUE table, get earliest entry in table.
        Check if entry is in ldap and process the entry accordingly. Once processed,
        record entry in changelog and delete the entry from the outbound queue.
    """
    connect_to_db()
    ldap_conn = connect_to_ldap()

    while not r.table(OUTBOUND_QUEUE).filter({"provider_id": LDAP_DC}).is_empty().run():
        queue_entry = peek_at_queue(table_name=OUTBOUND_QUEUE, provider_id=LDAP_DC)
        if is_entry_in_ad(queue_entry, ldap_conn):
            update_entry_ldap(queue_entry, ldap_conn)
        else:
            create_entry_ldap(queue_entry, ldap_conn)
        put_entry_changelog(queue_entry, DIRECTION)
        queue_entry_id = queue_entry["id"]
        delete_entry_queue(queue_entry_id, OUTBOUND_QUEUE)
def create_group_aad(queue_entry):
    """Creates a given group in aad."""
    headers = AUTH.check_token("POST")
    if headers:
        url = ("%s/%s/groups", GRAPH_URL, GRAPH_VERSION)
        try:
            aad_group = outbound_group_creation_filter(queue_entry["data"],
                                                       "azure")
        except ValueError:
            LOGGER.warning("Unable to create group in AAD, mailNickname: %s",
                           queue_entry)
            raise ExpectedError(
                "Unable to create group without display name and email.")
        response = requests.post(url=url, headers=headers, json=aad_group)
        if response.status_code == 201:
            delete_entry_queue(queue_entry["id"], OUTBOUND_QUEUE)
        else:
            LOGGER.warning("Unable to create group in AAD: %s", queue_entry)
            raise ExpectedError("Unable to create group.")