def submitcsr(self):
msg = ''
if self.environ.get('REQUEST_METHOD') == 'POST':
if int(self.environ.get('CONTENT_LENGTH', 0)) != 0:
fd = self.environ['wsgi.input']
params = {}
for exp in fd.readline().split('&'):
tmp2 = exp.split('=')
params[tmp2[0]] = urllib.unquote('='.join(
tmp2[1:])).strip()
if not csrf(params):
msg = "Try again from our fine server please."
elif params.get('csr'):
ca = CertAuthority(CONFIG['ca'])
tmp = params['csr'].split('\n')
csr = '\n'.join([
urllib.unquote_plus(tmp[0]), '\n'.join(tmp[1:-1]),
urllib.unquote_plus(tmp[-1])
])
try:
self.ca.submit(csr)
except:
msg = "Fail<br />please submit a valid Certificate Signing Request containing your email."
else:
msg = "Success<br />Your request will be reviewed soon."
return send_template(self.resp,
'certify.html',
isadmin=authorized(self.environ,
CONFIG['admins']),
csrf=getcsrf(),
msg=msg)
def __init__(self, environ, start_response):
self.ca = CertAuthority(CONFIG['ca'])
self.environ = environ
self.resp = start_response
self.action = self.environ.get('REQUEST_URI').split('/')[2]
if not self.action.isalnum():
raise
# parse params
tmp = environ.get('REQUEST_URI').split('?')
self.params = {}
if len(tmp) > 1:
for exp in '?'.join(tmp[1:]).split('&'):
tmp2 = exp.split('=')
self.params[tmp2[0]] = '='.join(tmp2[1:])
from cryptography.fernet import Fernet
from functools import wraps
BASE_PATH = os.path.dirname(os.path.realpath(__file__))
DB_PATH = os.path.join(BASE_PATH, "db.db")
UPLOAD_FOLDER = os.path.join(BASE_PATH, "upload")
application = Flask(__name__)
application.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER
application.secret_key = 'CHANGE THIS IN PRODUCTION'
application.debug = True
from tlsauth import CertAuthority
import flask_tlsauth as tlsauth
ca = CertAuthority('sub-ca')
users = ["Users"]
application.jinja_loader = jinja2.ChoiceLoader([
application.jinja_loader,
jinja2.FileSystemLoader(os.path.join(BASE_PATH,'templates')),
])
application.add_url_rule('/tlsauth/cert/', 'cert', tlsauth.renderCert(ca))
application.add_url_rule('/tlsauth/test/', 'test', tlsauth.testAuth)
def connect_to_database():
return sqlite3.connect(DB_PATH, detect_types=sqlite3.PARSE_DECLTYPES)
def get_db():
#!/usr/bin/env python
# run with
# env/bin/uwsgi --socket 127.0.0.1:8080 --chdir $PWD/demo -pp $PWD -w tlsauth_wsgi -p 1 --virtualenv $PWD/env --py-autoreload 1
# also create a ca in ../../x509-ca - for more info see tlsauth README
from flask import Flask, Response
import os
app = Flask(__name__)
app.secret_key = 'zxcvzxcvz'
#app.debug = True
from tlsauth import CertAuthority
import flask_tlsauth as tlsauth
ca=CertAuthority('../../x509-ca')
app.debug = True
adminOs=['CA admins']
tlsauth.tlsauth_init(app, ca, groups=adminOs)
@app.route('/hello')
@tlsauth.tlsauth(groups=adminOs)
def hello():
return Response("hello world")
