def trans(request, idService, idTransport):
try:
res = getService(request, idService, idTransport)
if res is not None:
ip, ads, iads, trans, itrans = res
return itrans.getLink(ads, trans, ip, request.os, request.user, webPassword(request), request)
except Exception, e:
logger.exception("Exception")
return errors.exceptionView(request, e)
def trans(request, idService, idTransport):
try:
res = getService(request, idService, idTransport)
if res is not None:
ip, ads, iads, trans, itrans = res
return itrans.getLink(ads, trans, ip, request.os, request.user,
webPassword(request), request)
except Exception, e:
logger.exception("Exception")
return errors.exceptionView(request, e)
def transcomp(request, idTransport, componentId):
try:
# We got translated first id
trans = Transport.objects.get(uuid=idTransport.upper())
itrans = trans.getInstance()
res = itrans.getHtmlComponent(trans.uuid, OsDetector.getOsFromRequest(request), componentId)
response = HttpResponse(res[1], content_type=res[0])
response['Content-Length'] = len(res[1])
return response
except Exception, e:
return errors.exceptionView(request, e)
def service(request, idService, idTransport):
try:
res = getService(request, idService, idTransport)
if res is not None:
ip, ads, iads, trans, itrans = res
transportHtml = itrans.renderAsHtml(ads, trans, ip, request)
return render_to_response(theme.template('show_transport.html'), {'transport': transportHtml, 'nolang': True}, context_instance=RequestContext(request))
except Exception, e:
logger.exception("Exception")
return errors.exceptionView(request, e)
def transcomp(request, idTransport, componentId):
try:
# We got translated first id
trans = Transport.objects.get(uuid=idTransport.upper())
itrans = trans.getInstance()
res = itrans.getHtmlComponent(trans.uuid,
OsDetector.getOsFromRequest(request),
componentId)
response = HttpResponse(res[1], content_type=res[0])
response['Content-Length'] = len(res[1])
return response
except Exception, e:
return errors.exceptionView(request, e)
def service(request, idService, idTransport):
try:
res = getService(request, idService, idTransport)
if res is not None:
ip, ads, iads, trans, itrans = res
transportHtml = itrans.renderAsHtml(ads, trans, ip, request)
return render_to_response(theme.template('show_transport.html'), {
'transport': transportHtml,
'nolang': True
},
context_instance=RequestContext(request))
except Exception, e:
logger.exception("Exception")
return errors.exceptionView(request, e)
def authCallback(request, authName):
'''
This url is provided so external SSO authenticators can get an url for
redirecting back the users.
This will invoke authCallback of the requested idAuth and, if this represents
an authenticator that has an authCallback
'''
from uds.core import auths
try:
authenticator = Authenticator.objects.get(name=authName)
params = request.GET.copy()
params.update(request.POST)
params['_request'] = request
# params['_session'] = request.session
# params['_user'] = request.user
logger.debug('Auth callback for {0} with params {1}'.format(
authenticator, params.keys()))
user = authenticateViaCallback(authenticator, params)
os = OsDetector.getOsFromUA(request.META['HTTP_USER_AGENT'])
if user is None:
authLogLogin(request, authenticator, '{0}'.format(params),
'Invalid at auth callback')
raise auths.Exceptions.InvalidUserException()
response = HttpResponseRedirect(reverse('Index'))
webLogin(request, response, user,
'') # Password is unavailable in this case
request.session['OS'] = os
# Now we render an intermediate page, so we get Java support from user
# It will only detect java, and them redirect to Java
return response
except auths.Exceptions.Redirect as e:
return HttpResponseRedirect(request.build_absolute_uri(str(e)))
except auths.Exceptions.Logout as e:
return webLogout(request, request.build_absolute_uri(str(e)))
except Exception as e:
logger.exception('authCallback')
return errors.exceptionView(request, e)
# Will never reach this
raise RuntimeError('Unreachable point reached!!!')
def authCallback(request, authName):
"""
This url is provided so external SSO authenticators can get an url for
redirecting back the users.
This will invoke authCallback of the requested idAuth and, if this represents
an authenticator that has an authCallback
"""
from uds.core import auths
try:
authenticator = Authenticator.objects.get(name=authName)
params = request.GET.copy()
params.update(request.POST)
params['_request'] = request
# params['_session'] = request.session
# params['_user'] = request.user
logger.debug('Auth callback for {0} with params {1}'.format(authenticator, params.keys()))
user = authenticateViaCallback(authenticator, params)
os = OsDetector.getOsFromUA(request.META['HTTP_USER_AGENT'])
if user is None:
authLogLogin(request, authenticator, '{0}'.format(params), 'Invalid at auth callback')
raise auths.Exceptions.InvalidUserException()
response = HttpResponseRedirect(reverse('Index'))
webLogin(request, response, user, '') # Password is unavailable in this case
request.session['OS'] = os
# Now we render an intermediate page, so we get Java support from user
# It will only detect java, and them redirect to Java
return response
except auths.Exceptions.Redirect as e:
return HttpResponseRedirect(request.build_absolute_uri(str(e)))
except auths.Exceptions.Logout as e:
return webLogout(request, request.build_absolute_uri(str(e)))
except Exception as e:
logger.exception('authCallback')
return errors.exceptionView(request, e)
# Will never reach this
raise RuntimeError('Unreachable point reached!!!')
def transportOwnLink(request, idService, idTransport):
try:
res = userServiceManager().getService(request.user, request.ip,
idService, idTransport)
ip, userService, iads, trans, itrans = res # @UnusedVariable
# This returns a response object in fact
return itrans.getLink(userService, trans, ip, request.os, request.user,
webPassword(request), request)
except ServiceNotReadyError as e:
return render(request, theme.template('service_not_ready.html'), {
'fromLauncher': False,
'code': e.code
})
except Exception as e:
logger.exception("Exception")
return errors.exceptionView(request, e)
# Will never reach this
raise RuntimeError('Unreachable point reached!!!')
def transportOwnLink(request, idService, idTransport):
try:
res = userServiceManager().getService(request.user, request.ip, idService, idTransport)
ip, userService, iads, trans, itrans = res # @UnusedVariable
# This returns a response object in fact
return itrans.getLink(userService, trans, ip, request.os, request.user, webPassword(request), request)
except ServiceNotReadyError as e:
return render(request,
theme.template('service_not_ready.html'),
{
'fromLauncher': False,
'code': e.code
}
)
except Exception as e:
logger.exception("Exception")
return errors.exceptionView(request, e)
# Will never reach this
raise RuntimeError('Unreachable point reached!!!')
def ticketAuth(request, ticketId):
'''
Used to authenticate an user via a ticket
'''
ticket = Ticket(ticketId)
logger.debug('Ticket: {}'.format(ticket))
try:
try:
# Extract ticket.data from ticket.data storage, and remove it if success
username = ticket.data['username']
groups = ticket.data['groups']
auth = ticket.data['auth']
realname = ticket.data['realname']
servicePool = ticket.data['servicePool']
password = ticket.data['password']
transport = ticket.data['transport']
except:
logger.error('Ticket stored is not valid')
raise InvalidUserException()
# Remove ticket
ticket.delete()
auth = Authenticator.objects.get(uuid=auth)
# If user does not exists in DB, create it right now
# Add user to groups, if they exists...
grps = []
for g in groups:
try:
grps.append(auth.groups.get(uuid=g))
except Exception:
logger.debug('Group list has changed since ticket assignement')
if len(grps) == 0:
logger.error('Ticket has no valid groups')
raise Exception('Invalid ticket authentication')
usr = auth.getOrCreateUser(username, realname)
if usr is None or State.isActive(
usr.state) is False: # If user is inactive, raise an exception
raise InvalidUserException()
# Add groups to user (replace existing groups)
usr.groups = grps
# Right now, we assume that user supports java, let's see how this works
# Force cookie generation
webLogin(request, None, usr, password)
request.user = usr # Temporarily store this user as "authenticated" user, next requests will be done using session
# Check if servicePool is part of the ticket
if servicePool is not None:
servicePool = DeployedService.objects.get(uuid=servicePool)
# Check if service pool can't be accessed by groups
servicePool.validateUser(usr)
if servicePool.isInMaintenance():
raise ServiceInMaintenanceMode()
transport = Transport.objects.get(uuid=transport)
response = service(
request, 'F' + servicePool.uuid,
transport.uuid) # 'A' Indicates 'assigned service'
else:
response = HttpResponsePermanentRedirect(
reverse('uds.web.views.index'))
# Now ensure uds cookie is at response
getUDSCookie(request, response, True)
return response
except Authenticator.DoesNotExist:
logger.error('Ticket has an non existing authenticator')
return errors.error(request, InvalidUserException())
except DeployedService.DoesNotExist:
logger.error('Ticket has an invalid Service Pool')
return errors.error(request, InvalidServiceException())
except Exception as e:
logger.exception('Exception')
return errors.exceptionView(request, e)
def ticketAuth(request, ticketId):
"""
Used to authenticate an user via a ticket
"""
try:
data = TicketStore.get(ticketId, invalidate=True)
try:
# Extract ticket.data from ticket.data storage, and remove it if success
username = data['username']
groups = data['groups']
auth = data['auth']
realname = data['realname']
servicePool = data['servicePool']
password = cryptoManager().decrypt(data['password'])
transport = data['transport']
except Exception:
logger.error('Ticket stored is not valid')
raise InvalidUserException()
auth = Authenticator.objects.get(uuid=auth)
# If user does not exists in DB, create it right now
# Add user to groups, if they exists...
grps = []
for g in groups:
try:
grps.append(auth.groups.get(uuid=g))
except Exception:
logger.debug('Group list has changed since ticket assignment')
if len(grps) == 0:
logger.error('Ticket has no valid groups')
raise Exception('Invalid ticket authentication')
usr = auth.getOrCreateUser(username, realname)
if usr is None or State.isActive(usr.state) is False: # If user is inactive, raise an exception
raise InvalidUserException()
# Add groups to user (replace existing groups)
usr.groups.set(grps)
# Force cookie generation
webLogin(request, None, usr, password)
request.user = usr # Temporarily store this user as "authenticated" user, next requests will be done using session
request.session['ticket'] = '1' # Store that user access is done using ticket
logger.debug("Service & transport: {}, {}".format(servicePool, transport))
for v in DeployedService.objects.all():
logger.debug("{} {}".format(v.uuid, v.name))
# Check if servicePool is part of the ticket
if servicePool is not None:
# If service pool is in there, also is transport
res = userServiceManager().getService(request.user, request.ip, 'F' + servicePool, transport, False)
_x, userService, _x, transport, _x = res
transportInstance = transport.getInstance()
if transportInstance.ownLink is True:
link = reverse('TransportOwnLink', args=('A' + userService.uuid, transport.uuid))
else:
link = html.udsAccessLink(request, 'A' + userService.uuid, transport.uuid)
response = render(
request,
theme.template('simpleLauncher.html'),
{
'link': link
}
)
else:
response = HttpResponsePermanentRedirect(reverse('uds.web.views.index'))
# Now ensure uds cookie is at response
getUDSCookie(request, response, True)
return response
except ServiceNotReadyError as e:
return render(
request,
theme.template('service_not_ready.html'),
{
'fromLauncher': True,
'code': e.code
}
)
except TicketStore.InvalidTicket:
return render(
request,
theme.template('simpleLauncherAlreadyLaunched.html')
)
except Authenticator.DoesNotExist:
logger.error('Ticket has an non existing authenticator')
return errors.exceptionView(request, InvalidUserException())
except DeployedService.DoesNotExist:
logger.error('Ticket has an invalid Service Pool')
return errors.exceptionView(request, InvalidServiceException())
except Exception as e:
logger.exception('Exception')
return errors.exceptionView(request, e)
def ticketAuth(request, ticketId):
"""
Used to authenticate an user via a ticket
"""
try:
data = TicketStore.get(ticketId, invalidate=True)
try:
# Extract ticket.data from ticket.data storage, and remove it if success
username = data['username']
groups = data['groups']
auth = data['auth']
realname = data['realname']
servicePool = data['servicePool']
password = data['password']
transport = data['transport']
except Exception:
logger.error('Ticket stored is not valid')
raise InvalidUserException()
auth = Authenticator.objects.get(uuid=auth)
# If user does not exists in DB, create it right now
# Add user to groups, if they exists...
grps = []
for g in groups:
try:
grps.append(auth.groups.get(uuid=g))
except Exception:
logger.debug('Group list has changed since ticket assignment')
if len(grps) == 0:
logger.error('Ticket has no valid groups')
raise Exception('Invalid ticket authentication')
usr = auth.getOrCreateUser(username, realname)
if usr is None or State.isActive(usr.state) is False: # If user is inactive, raise an exception
raise InvalidUserException()
# Add groups to user (replace existing groups)
usr.groups.set(grps)
# Force cookie generation
webLogin(request, None, usr, password)
request.user = usr # Temporarily store this user as "authenticated" user, next requests will be done using session
request.session['ticket'] = '1' # Store that user access is done using ticket
logger.debug("Service & transport: {}, {}".format(servicePool, transport))
for v in DeployedService.objects.all():
logger.debug("{} {}".format(v.uuid, v.name))
# Check if servicePool is part of the ticket
if servicePool is not None:
# If service pool is in there, also is transport
res = userServiceManager().getService(request.user, request.ip, 'F' + servicePool, transport, False)
_x, userService, _x, transport, _x = res
transportInstance = transport.getInstance()
if transportInstance.ownLink is True:
link = reverse('TransportOwnLink', args=('A' + userService.uuid, transport.uuid))
else:
link = html.udsAccessLink(request, 'A' + userService.uuid, transport.uuid)
response = render(
request,
theme.template('simpleLauncher.html'),
{
'link': link
}
)
else:
response = HttpResponsePermanentRedirect(reverse('uds.web.views.index'))
# Now ensure uds cookie is at response
getUDSCookie(request, response, True)
return response
except ServiceNotReadyError as e:
return render(
request,
theme.template('service_not_ready.html'),
{
'fromLauncher': True,
'code': e.code
}
)
except TicketStore.InvalidTicket:
return render(
request,
theme.template('simpleLauncherAlreadyLaunched.html')
)
except Authenticator.DoesNotExist:
logger.error('Ticket has an non existing authenticator')
return errors.exceptionView(request, InvalidUserException())
except DeployedService.DoesNotExist:
logger.error('Ticket has an invalid Service Pool')
return errors.exceptionView(request, InvalidServiceException())
except Exception as e:
logger.exception('Exception')
return errors.exceptionView(request, e)