def dispatch(self, request, *args, **kwargs): try: token = request.META['HTTP_X_MONOLITH_TOKEN'].strip() api_data = verify_secret(token, 'zentral.contrib.monolith') except (KeyError, ValueError, APIAuthError): return HttpResponseForbidden("No no no!") # machine serial number h_msn = request.META.get("HTTP_X_ZENTRAL_SERIAL_NUMBER") # new way t_msn = api_data.get("machine_serial_number") # old way if h_msn and t_msn and h_msn != t_msn: logger.warning("Serial number mismatch. header: %s, token: %s", h_msn, t_msn) self.machine_serial_number = h_msn or t_msn # priority to h_msn because set in preflight script # business unit, manifest self.meta_business_unit = api_data['business_unit'].meta_business_unit self.manifest = get_object_or_404( Manifest, meta_business_unit=self.meta_business_unit) self.user_agent, self.ip = user_agent_and_ip_address_from_request( request) # machine extra infos self.machine = MetaMachine(self.machine_serial_number) self.tags = self.machine.tags if not self.machine_serial_number: logger.warning("Missing serial number. mbu: %s %s", self.meta_business_unit, self.meta_business_unit.pk) return super().dispatch(request, *args, **kwargs)
def verify_signed_secret(self, enroll_secret): api_secret_data = verify_secret(enroll_secret, SOURCE_MODULE) self.machine_serial_number = api_secret_data.get( 'machine_serial_number', None) if not self.machine_serial_number: raise APIAuthError("No serial number") self.business_unit = api_secret_data.get("business_unit", None)
def check_data_secret(self, data): try: data = verify_secret(data['enroll_secret'], "zentral.contrib.osquery") except KeyError: raise SuspiciousOperation("Osquery enroll request without enroll secret") try: self.machine_serial_number = data['machine_serial_number'] except KeyError: raise SuspiciousOperation("Osquery enroll secret without machine serial number") self.business_unit = data.get('business_unit', None)
def dispatch(self, request, *args, **kwargs): try: token = request.META['HTTP_X_MONOLITH_TOKEN'].strip() api_data = verify_secret(token, 'zentral.contrib.monolith') except (KeyError, ValueError, APIAuthError): return HttpResponseForbidden("No no no!") self.machine_serial_number = api_data.get("machine_serial_number", None) self.user_agent, self.ip = user_agent_and_ip_address_from_request(request) self.machine = MetaMachine(self.machine_serial_number) self.tags = self.machine.tags self.meta_business_unit = api_data['business_unit'].meta_business_unit self.manifest = get_object_or_404(Manifest, meta_business_unit=self.meta_business_unit) return super().dispatch(request, *args, **kwargs)
def verify_signed_machine_id(self): """Verify the secret signature""" # TODO: deprecate and remove data = verify_secret(self.machine_id, "zentral.contrib.santa") self.machine_serial_number = data.get('machine_serial_number', None) self.business_unit = data.get('business_unit', None)
def check_data_secret(self, data): data = verify_secret(data['enroll_secret'], "zentral.contrib.osquery") self.machine_serial_number = data['machine_serial_number'] self.business_unit = data.get('business_unit', None)
def verify_request_secret(self, secret): data = verify_secret(secret, "zentral.contrib.munki") self.machine_serial_number = data.get('machine_serial_number', None) self.business_unit = data.get('business_unit', None)
def check_data_secret(self, data): data = verify_secret(data.pop('zentral_api_secret', None), "zentral.contrib.zendesk") self.business_unit = data.get('business_unit', None)