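def authorize(self, scheme, **params):
    """Produce an Authorization header value answering a signed challenge.

    Looks up this object's identifier for ``params["realm"]``.  When one
    exists, the challenge, realm and identifier are signed via
    ``self.signAuth`` and the result is handed to ``returnValue`` as
    ``'<scheme> key="value", ...'``; otherwise ``None`` is returned.

    Written as a generator (it yields the result of ``self.signAuth``), so
    it is presumably wrapped by inlineCallbacks outside this view -- confirm.

    Raises:
        KeyError: if ``realm`` (or, once an identifier is found,
            ``challenge``) is missing from ``params``.
        Exception: whatever ``self.signAuth`` raises, after it is logged.
    """
    identifier = self.getIdentifierInRealm(params["realm"])
    if identifier:
        log.debug("Using idenitifier {0} for realm {1[realm]}".format(
            identifier, params), system=repr(self))
        cred = {
            "challenge": params["challenge"],
            "realm": params["realm"],
            "id": identifier,
        }
        log.debug("Signing challenge with {0.key.id}".format(self))
        try:
            cred["signature"] = yield self.signAuth(cred)
            log.debug("Signed challenge")
            # NOTE(review): values are wrapped in double quotes without any
            # escaping.  "challenge" and "realm" presumably originate from
            # the remote server's challenge -- confirm that a '"', CR or LF
            # in them cannot reach the header, or reject such values.
            auth = ", ".join(
                ["{0}=\"{1}\"".format(*item) for item in cred.items()])
            authorization = "{0} {1}".format(scheme, auth)
            # Log the scheme and field names only: the full header carries
            # the signature, which is credential material and should not be
            # written to debug logs.
            log.debug("Authorization: {0} ({1})".format(
                scheme, ", ".join(sorted(cred))))
        except Exception:
            # Record the failure, then let the caller see it unchanged.
            log.err()
            raise
    else:
        log.debug("{0.key.id} has no idenitifier in realm {1}".format(
            self, params["realm"]), system=repr(self))
        authorization = None
        # The yielded value is discarded; it does not affect the result.
        # (Placement reconstructed from a listing without indentation --
        # confirm.)
        yield succeed(True)
    returnValue(authorization)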
def agentDetached(self, agent, reason):
    """Forget an SSH agent that has detached.

    Logs the event, removes ``agent`` from ``self.agents`` and then calls
    ``self._pruneAgentKeys(agent)``.  ``reason`` is accepted but not used.
    """
    message = "Detached from SSH agent: {0}".format(agent)
    log.debug(message)
    try:
        self.agents.remove(agent)
    except:
        # Best effort: a failed removal is logged and otherwise ignored.
        log.err()
    # Placement reconstructed from a listing without indentation: taken to
    # run after the try/except, whether or not the removal worked -- confirm.
    self._pruneAgentKeys(agent)
def _buildKey(self, key, comment):
    """Wrap ``key`` in a ``PublicKey`` bound to this object's id.

    ``key`` may be key text (parsed with ``crypto.Key.fromString``) or an
    existing ``crypto.Key`` instance.

    Raises:
        ValueError: "Invalid key data" when the text cannot be parsed,
            "Invalid key" when the value is not a ``crypto.Key``.
    """
    if isinstance(key, basestring):
        try:
            parsed = crypto.Key.fromString(key)
        except:
            # The parser's own error is logged; callers only see ValueError.
            log.err()
            raise ValueError("Invalid key data")
        key = parsed
    # NOTE(review): nothing here checks that the key is a public key.  If
    # crypto.Key can also hold private keys, confirm that PublicKey never
    # serializes private material.
    if isinstance(key, crypto.Key):
        return PublicKey(key, self.id, comment, self.config, self.agent)
    raise ValueError("Invalid key")
def _handleErrors(self, open, request):
    """Run ``open(request)`` and turn any exception into a JSON error reply.

    The four known "not found" / "already exists" errors are answered with
    BAD_REQUEST, everything else with INTERNAL_SERVER_ERROR.  In both cases
    the exception is logged, serialized with ``self.jsonize`` and the
    request is finished.  Nothing is done here when ``open`` succeeds.

    Written as a generator (it yields the result of ``open``); presumably
    wrapped by inlineCallbacks outside this view -- confirm.
    """
    try:
        yield open(request)
    except Exception as err:
        log.err()
        clientErrors = (EntityNotFound, KeyNotFound,
                        KeyAlreadyExists, EntityAlreadyExists)
        if isinstance(err, clientErrors):
            status = http.BAD_REQUEST
        else:
            status = http.INTERNAL_SERVER_ERROR
        request.setResponseCode(status)
        request.setHeader("Content-type", "application/json")
        # NOTE(review): the exception object is sent to the client even for
        # unexpected errors.  Depending on what jsonize emits for it, this
        # can expose internal details; consider a generic body for the
        # INTERNAL_SERVER_ERROR case and keep the detail in the log only.
        self.jsonize({"error": err}, request)
        request.finish()
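def _compileRealmRegexes(self, authenticators):
    """Compile the ``realm`` pattern of every realm spec, in place.

    For each authenticator spec that has a ``realms`` list, every entry
    with a ``realm`` key gets the original text stored under ``pattern``
    and ``realm`` replaced by the compiled regular expression.  A spec
    whose processing raises is removed from ``authenticators`` and the
    error is logged.

    Returns:
        The same ``authenticators`` list that was passed in.
    """
    # Iterate over a copy: failing specs are removed from the original list.
    for authSpec in list(authenticators):
        try:
            if "realms" in authSpec:
                for realmSpec in authSpec["realms"]:
                    if "realm" in realmSpec:
                        pattern = realmSpec["realm"]
                        realmSpec["pattern"] = pattern
                        # NOTE(review): the pattern is compiled exactly as
                        # configured.  These regexes presumably decide which
                        # realms an authenticator answers; whether an
                        # unanchored pattern over-matches depends on how
                        # callers apply it (match vs. search) -- confirm.
                        realmSpec["realm"] = re.compile(pattern)
        except Exception:
            # Only ordinary errors drop the spec; KeyboardInterrupt and
            # SystemExit are no longer swallowed here.
            authenticators.remove(authSpec)
            log.err()
    return authenticators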
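def registerKey(self, key, comment):
    """POST a public key to the ``keys/`` resource.

    The key is built with ``self._buildKey`` and sent as JSON.  When the
    request fails with a ``WebError`` whose status is BAD_REQUEST, the
    response body is decoded; an ``error`` object of type
    ``KeyAlreadyExists`` is turned into ``iface.KeyAlreadyExists``.  Every
    other ``WebError`` is logged and re-raised.

    Written as a generator (it yields the result of ``self.agent.open``);
    presumably wrapped by inlineCallbacks outside this view -- confirm.

    Raises:
        iface.KeyAlreadyExists: the server reported the key as registered.
        WebError: any other failed request, including a BAD_REQUEST whose
            body cannot be decoded.
    """
    url = self.baseUrl.click("keys/")
    pubKey = self._buildKey(key, comment)
    try:
        yield self.agent.open(url, method="POST",
                              data=ws.jsonize({"key": pubKey}))
    except WebError as err:
        if int(err.status) == http.BAD_REQUEST:
            try:
                errInfo = json.loads(err.response.content)["error"]
            except Exception:
                # Body is not the expected JSON: report the decode problem
                # and surface the original web error.
                log.err()
                raise err
            log.debug("Decoded JSON error")
            # The body comes from the remote server and is untrusted: only
            # read "type" when "error" really decoded to an object.  Any
            # other shape falls through to the original WebError instead of
            # failing with AttributeError.
            if (isinstance(errInfo, dict)
                    and errInfo.get("type") == "KeyAlreadyExists"):
                raise iface.KeyAlreadyExists(pubKey)
        log.err()
        raise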
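def registerEntity(self, entId, species, key):
    """POST a new entity and its primary key to the ``entities/`` resource.

    The entity is built with ``self._buildEntity`` and the key with
    ``self._buildKey``; both are sent as JSON.  When the request fails with
    a ``WebError`` whose status is BAD_REQUEST, the response body is
    decoded; an ``error`` object of type ``EntityAlreadyExists`` is turned
    into ``iface.EntityAlreadyExists``.  Every other ``WebError`` is logged
    and re-raised.

    Written as a generator (it yields the result of ``self.agent.open``);
    presumably wrapped by inlineCallbacks outside this view -- confirm.

    Raises:
        iface.EntityAlreadyExists: the server reported the entity as
            registered.
        WebError: any other failed request, including a BAD_REQUEST whose
            body cannot be decoded.
    """
    url = self.baseUrl.click("entities/")
    # key.id is read before _buildKey runs, so ``key`` must already be an
    # object with an ``id`` attribute.
    ent = self._buildEntity(entId, species, key.id)
    # NOTE(review): three arguments are passed here but registerKey passes
    # two -- confirm against _buildKey's signature.
    pubKey = self._buildKey(key, entId, "primary")
    try:
        yield self.agent.open(url, method="POST",
                              data=ws.jsonize({"entity": ent,
                                               "key": pubKey}))
    except WebError as err:
        if int(err.status) == http.BAD_REQUEST:
            try:
                errInfo = json.loads(err.response.content)["error"]
            except Exception:
                # Body is not the expected JSON: report the decode problem
                # and surface the original web error.
                log.err()
                raise err
            log.debug("Decoded JSON error")
            # The body comes from the remote server and is untrusted: only
            # read "type" when "error" really decoded to an object.  Any
            # other shape falls through to the original WebError instead of
            # failing with AttributeError.
            if (isinstance(errInfo, dict)
                    and errInfo.get("type") == "EntityAlreadyExists"):
                raise iface.EntityAlreadyExists(entId)
        log.err()
        raise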