def authenticate():
token_to_sign = random_token()
cmd = Command.new(ws, action='authenticate', token=token_to_sign)
response = cmd.send()
context['cluster'] = cluster = response['cluster']
client_pubkey = db.get_pub_key(cluster)
client_apikey = APIKey(client_pubkey['pubkey'])
# Verify the client correctly signed the token:
try:
client_apikey.verify_message(token_to_sign, response.get('signature'))
except:
response.respond(message='Bad Signature of token for authentication', done=True)
log.error('client provided bad signature for auth token')
raise
response.respond(authenticated=True, done=True)
# Client will ask us to authenticate too:
command = receive_data(ws)
assert command.get('action') == 'authenticate'
data = {'signature' :context['apikey'].sign_message(command['token'])}
response = command.respond(**data)
if response.get('authenticated') != True:
raise UnauthenticatedError("Our peer could not validate our signed auth token")
def authenticate():
token_to_sign = random_token()
cmd = Command.new(ws, action='authenticate', token=token_to_sign)
response = cmd.send()
context['cluster'] = cluster = response['cluster']
client_pubkey = db.get_pub_key(cluster)
client_apikey = APIKey(client_pubkey['pubkey'])
# Verify the client correctly signed the token:
try:
client_apikey.verify_message(token_to_sign,
response.get('signature'))
except:
response.respond(
message='Bad Signature of token for authentication', done=True)
log.error('client provided bad signature for auth token')
raise
response.respond(authenticated=True, done=True)
# Client will ask us to authenticate too:
command = receive_data(ws)
assert command.get('action') == 'authenticate'
data = {'signature': context['apikey'].sign_message(command['token'])}
response = command.respond(**data)
if response.get('authenticated') != True:
raise UnauthenticatedError(
"Our peer could not validate our signed auth token")
def connect(self):
"""Connect to the endpoint and return the opened websocket"""
log.debug("Connecting to {ws_endpoint} ...".format(ws_endpoint=self.ws_endpoint))
ws = self.ws = WebSocket()
ws.connect(self.ws_endpoint)
# Alias websocket-client's recv command to receive so that
# it's compatible with gevent-websocket:
ws.receive = ws.recv
# Authenticate:
cmd = receive_data(ws)
self.__authenticate(cmd)
self.__server_synced = True
return ws
def connect(self):
"""Connect to the endpoint and return the opened websocket"""
log.debug("Connecting to {ws_endpoint} ...".format(ws_endpoint=self.ws_endpoint))
ws = self.ws = WebSocket()
ws.connect(self.ws_endpoint)
# Alias websocket-client's recv command to receieve so that
# it's compatible with gevent-websocket:
ws.receive = ws.recv
# Authenticate:
cmd = receive_data(ws)
self.__authenticate(cmd)
self.__server_synced = True
return ws
# In the event of a socket error, we always want to commit
# what we have of the artifact to the database. Better to
# have something than nothing. It's the client's
# responsibility to resend artifacts that failed.
db.update_test_artifact(command['test_id'], command['kind'], tmp, command['name'])
command.respond(message='stream_received', done=True, sha256=sha.hexdigest())
# Client and Server both authenticate to eachother:
authenticate()
try:
# Dispatch on client commands:
while True:
command = receive_data(ws)
assert command['type'] == 'command'
if command['action'] == 'get_work':
console_publish(context['cluster'], {'ctl':'WAIT'})
get_work(command)
elif command['action'] == 'test_done':
console_publish(context['cluster'], {'ctl':'DONE'})
test_done(command)
elif command['action'] == 'stream':
receive_stream(command)
elif command['action'] == 'chunk-stream-query':
receive_artifact_chunk_query(command)
elif command['action'] == 'chunk-stream':
receive_artifact_chunk_object(command)
elif command['action'] == 'chunk-stream-complete':
receive_artifact_chunk_complete(command)
# responsibility to resend artifacts that failed.
db.update_test_artifact(command['test_id'], command['kind'], tmp,
command['name'])
command.respond(message='stream_received',
done=True,
sha256=sha.hexdigest())
# Client and Server both authenticate to eachother:
authenticate()
try:
# Dispatch on client commands:
while True:
command = receive_data(ws)
assert command['type'] == 'command'
if command['action'] == 'get_work':
console_publish(context['cluster'], {'ctl': 'WAIT'})
get_work(command)
elif command['action'] == 'test_done':
console_publish(context['cluster'], {'ctl': 'DONE'})
test_done(command)
elif command['action'] == 'stream':
receive_stream(command)
elif command['action'] == 'good_bye':
log.info("client said good_bye. Closing socket.")
break
finally:
console_publish(context['cluster'], {'ctl': 'GOODBYE'})
