Exemplo n.º 1
0
    def test(self, instance_name, username, password):
        instance = self.get_instance(instance_name)
        try:
            yield step_log('Testing oauth server @ {}'.format(instance['server']['dns']))

            yield message_log('Checking server health')

            try:
                status = requests.get(instance['server']['dns'], verify=True).status_code
            except requests.exceptions.SSLError:
                yield error_log('SSL certificate verification failed')
                yield message_log('Continuing test without certificate check')

            try:
                status = requests.get(instance['server']['dns'], verify=False).status_code
            except requests.ConnectionError:
                yield raising_error_log('Connection error, check nginx is running, and dns resolves as expected.')
            except:
                yield raising_error_log('Unknown error trying to access oauth server. Check params and try again')
            else:
                if status == 500:
                    yield raising_error_log('Error on oauth server, Possible causes:\n  - ldap configuration error (bad server url?)\n  - Mongodb configuration error (bad replicaset name or hosts list?)\nCheck osiris log for more information.')
                elif status == 502:
                    yield raising_error_log('Server not respoding at {}. Check that:\n  - osiris process is running\n  - nginx upstream definition is pointing to the right host:port.'.format(instance['server']['dns']))
                elif status == 504:
                    yield raising_error_log('Gateway timeout. Probably oauth server is giving timeout trying to contact ldap server')
                elif status == 404:
                    yield raising_error_log('There\'s no oauth server at {}. Chech there\'s an nginx entry for this server.'.format(instance['server']['dns']))
                elif status != 200:
                    yield raising_error_log('Server {} responded with {} code. Check osiris logs.'.format(instance['server']['dns'], status))

            yield message_log('Retrieving token for "{}"'.format(username))
            token = self.get_token(instance['server']['dns'], username, password)
            succeeded_retrieve_token = token is not None

            if not succeeded_retrieve_token:
                yield raising_error_log('Error retreiving token. Check username/password and try again')

            yield message_log('Checking retreived token')
            succeeded_check_token = self.check_token(instance['server']['dns'], username, token)

            if not succeeded_check_token:
                yield raising_error_log('Error retreiving token')

            if succeeded_check_token and succeeded_retrieve_token:
                yield success_log('Oauth server check passed')
            else:
                yield raising_error_log('Oauth server check failed')

        except StepError as error:
            yield error_log(error.message)
Exemplo n.º 2
0
    def remove_bypass_allowed_ip(self, ip):
        configured_ips = self.get_instance_allowed_ips()
        allowed_ips = list(set(configured_ips) - set([ip]))

        if not set(allowed_ips).symmetric_difference(set(configured_ips)):
            return message_log('No changes to allowed ips on {}/customizeme.cfg'.format(self.buildout.folder))

        customizations = {
            'osiris-config': {
                'allowed_ips': allowed_ips,
            }
        }

        self.buildout.configure_file('customizeme.cfg', customizations)
        return success_log('Succesfully updated allowed ips on {}/customizeme.cfg'.format(self.buildout.folder))
Exemplo n.º 3
0
    def reload_nginx_configuration(self):
        yield step_log('Reloading nginx configuration')
        yield message_log('Testing configuration')

        yield self.test_nginx()
        yield self.reload_nginx()