def standalone():
if len(sys.argv) != 2:
print USAGE
return
csv_filename = sys.argv[1]
csv_filename_prefix = string.replace(csv_filename, ".csv", "")
output_filename = "%s_prepared.csv" % (csv_filename_prefix)
print "Preparing %s for bulk provisioning..." % (csv_filename)
try:
with open(csv_filename, 'rb') as csv_file, \
open(output_filename, 'w') as output_file:
reader = csv.reader(csv_file)
for row in reader:
if len(row) >= 4:
[public_id, private_id, realm, password] = row[0:4]
# Hash and then encrypt the password.
hash = utils.md5("%s:%s:%s" %
(private_id, realm, password))
encrypted_hash = utils.encrypt_password(
hash, settings.PASSWORD_ENCRYPTION_KEY)
output_file.write("%s,%s,%s,%s,%s\n" %
(public_id, private_id, encrypted_hash,
SIMSERVS, INITIAL_FILTER_CRITERIA))
else:
print 'Error: row "%s" contains <4 entries - ignoring'
print "Bulk provisioning input created"
print "- BulkProvision %s homer" % (output_filename)
print "- BulkProvision %s homestead" % (output_filename)
except IOError as e:
print "Failed to read/write to %s:" % (e.filename, )
traceback.print_exc()
def standalone():
if len(sys.argv) != 2:
print USAGE
return
csv_filename = sys.argv[1]
csv_filename_prefix = string.replace(csv_filename, ".csv", "")
output_filename = "%s_prepared.csv" % (csv_filename_prefix)
print "Preparing %s for bulk provisioning..." % (csv_filename)
try:
with open(csv_filename, 'rb') as csv_file, \
open(output_filename, 'w') as output_file:
reader = csv.reader(csv_file)
for row in reader:
if len(row) >= 4:
[public_id, private_id, realm, password] = row[0:4]
# Hash and then encrypt the password.
hash = utils.md5("%s:%s:%s" % (private_id, realm, password))
encrypted_hash = utils.encrypt_password(hash, settings.PASSWORD_ENCRYPTION_KEY)
output_file.write("%s,%s,%s,%s,%s\n" % (public_id, private_id, encrypted_hash, SIMSERVS, INITIAL_FILTER_CRITERIA))
else:
print 'Error: row "%s" contains <4 entries - ignoring'
print "Bulk provisioning input created"
print "- BulkProvision %s homer" % (output_filename)
print "- BulkProvision %s homestead" % (output_filename)
except IOError as e:
print "Failed to read/write to %s:" % (e.filename,)
traceback.print_exc();
def test_encrypt_password(self):
a = encrypt_password(u"foo", "bar")
b = encrypt_password(u"foo", "bar")
self.assertTrue(b[0] == a[0] == 'b')
self.assertNotEqual(a, b)
self.assertNotEqual(a, "foo")
ad = decrypt_password(unicode(a), "bar")
bd = decrypt_password(b, "bar")
self.assertEquals(ad, u"foo")
self.assertEquals(bd, u"foo")
try:
bdw = decrypt_password(b, "bar2")
except:
# May fail to decode the unicode.
pass
else:
self.assertNotEqual(bdw, "foo")
def test_encrypt_password(self):
a = encrypt_password(u"foo", "bar")
b = encrypt_password(u"foo", "bar")
self.assertTrue(b[0] == a[0] == 'b')
self.assertNotEqual(a, b)
self.assertNotEqual(a, "foo")
ad = decrypt_password(unicode(a), "bar")
bd = decrypt_password(b, "bar")
self.assertEquals(ad, u"foo")
self.assertEquals(bd, u"foo")
try:
bdw = decrypt_password(b, "bar2")
except:
# May fail to decode the unicode.
pass
else:
self.assertNotEqual(bdw, "foo")
def put(self, private_id):
response = {}
pw_hash = self.request_data.get("digest", None)
encrypted_hash = utils.encrypt_password(pw_hash, settings.PASSWORD_ENCRYPTION_KEY)
yield self.cass.insert(column_family=self.table,
key=private_id,
column=self.column,
value=encrypted_hash)
self.finish(response)
def put(self, private_id):
response = {}
pw_hash = self.request_data.get("digest", None)
encrypted_hash = utils.encrypt_password(pw_hash, settings.PASSWORD_ENCRYPTION_KEY)
yield self.cass.insert(column_family=self.table,
key=private_id,
column=self.column,
value=encrypted_hash)
self.finish(response)
class AssociatedCredentialsHandler(AssociatedURIsHandler):
"""
Handler for getting Credentials, & confirming associated public ID.
"""
@defer.inlineCallbacks
def get(self, private_id, public_id):
try:
exists = False
db_data = yield self.ha_get_slice(key=private_id,
column_family=config.PUBLIC_IDS_TABLE,
start=public_id,
finish=public_id)
for column in db_data:
if column.column.name == public_id:
exists = True
if not exists:
raise NotFoundException()
encrypted_hash = yield self.ha_get(column_family=self.table,
key=private_id,
column=self.column)
digest = utils.decrypt_password(encrypted_hash.column.value,
settings.PASSWORD_ENCRYPTION_KEY)
except NotFoundException, e:
if not settings.HSS_ENABLED:
raise HTTPError(httplib.NOT_FOUND)
# Either the digest or the association doesn't exist in the DB, attempt an
# import from the HSS
try:
digest = yield self.application.hss_gateway.get_digest(private_id, public_id)
public_ids = yield self.application.hss_gateway.get_public_ids(private_id, public_id)
except HSSNotFound, e:
raise HTTPError(httplib.NOT_FOUND)
# Have result from HSS, store in Cassandra
encrypted_hash = utils.encrypt_password(digest, settings.PASSWORD_ENCRYPTION_KEY)
_log.info("Got digest from HSS")
yield self.cass.insert(column_family=self.table,
key=private_id,
column=self.column,
value=encrypted_hash)
_log.info("Got associated public identities from HSS: %s" % public_ids)
for p in public_ids:
yield self.insert_in_both_tables(private_id, p)
def standalone():
if len(sys.argv) != 2:
print USAGE
return
csv_filename = sys.argv[1]
csv_filename_prefix = string.replace(csv_filename, ".csv", "")
homestead_filename = "%s.create_homestead.sh" % (csv_filename_prefix, )
homestead_casscli_filename = "%s.create_homestead.casscli" % (
csv_filename_prefix, )
xdm_filename = "%s.create_xdm.sh" % (csv_filename_prefix, )
xdm_cqlsh_filename = "%s.create_xdm.cqlsh" % (csv_filename_prefix, )
print "Generating bulk provisioning scripts for users in %s..." % (
csv_filename, )
try:
with open(csv_filename, 'rb') as csv_file, \
open(homestead_filename, 'w') as homestead_file, \
open(homestead_casscli_filename, 'w') as homestead_casscli_file, \
open(xdm_filename, 'w') as xdm_file, \
open(xdm_cqlsh_filename, 'w') as xdm_cqlsh_file:
# Write Homestead/CQL header
homestead_file.write("#!/bin/bash\n")
homestead_file.write(
"# Homestead bulk provisioning script for users in %s\n" %
(csv_filename, ))
homestead_file.write(
"# Run this script on any node in your Homestead deployment to create the users\n"
)
homestead_file.write(
"# The %s file must also be present on this system\n" %
(homestead_casscli_filename, ))
homestead_file.write(
"# You must also run %s on any node in your Homer deployment\n"
% (xdm_filename, ))
homestead_file.write("\n")
homestead_file.write(
"[ -f %s ] || echo \"The %s file must be present on this system.\"\n"
% (homestead_casscli_filename, homestead_casscli_filename))
homestead_file.write("cassandra-cli -B -f %s\n" %
(homestead_casscli_filename, ))
homestead_casscli_file.write("USE homestead;\n")
# Write Homer/CQL header
xdm_file.write("#!/bin/bash\n")
xdm_file.write(
"# Homer bulk provisioning script for users in %s\n" %
(csv_filename, ))
xdm_file.write(
"# Run this script on any node in your Homer deployment to create the users\n"
)
xdm_file.write(
"# The %s file must also be present on this system\n" %
(xdm_cqlsh_filename, ))
xdm_file.write(
"# You must also run %s on any node in your Homestead deployment\n"
% (homestead_filename, ))
xdm_file.write("\n")
xdm_file.write(
"[ -f %s ] || echo \"The %s file must be present on this system.\"\n"
% (xdm_cqlsh_filename, xdm_cqlsh_filename))
xdm_file.write("cqlsh -3 -f %s\n" % (xdm_cqlsh_filename, ))
xdm_cqlsh_file.write("USE homer;\n")
reader = csv.reader(csv_file)
for row in reader:
if len(row) >= 4:
[public_id, private_id, realm, password] = row[0:4]
# Hash and then encrypt the password.
hash = utils.md5("%s:%s:%s" %
(private_id, realm, password))
encrypted_hash = utils.encrypt_password(
hash, settings.PASSWORD_ENCRYPTION_KEY)
# Add the user to the SIP digest, associated IDs and filter criteria tables on Homestead.
homestead_casscli_file.write(
"SET sip_digests['%s']['private_id'] = '%s';\n" %
(private_id, private_id))
homestead_casscli_file.write(
"SET sip_digests['%s']['digest'] = '%s';\n" %
(private_id, encrypted_hash))
homestead_casscli_file.write(
"SET public_ids['%s']['%s'] = '%s';\n" %
(private_id, public_id, public_id))
homestead_casscli_file.write(
"SET private_ids['%s']['%s'] = '%s';\n" %
(public_id, private_id, private_id))
homestead_casscli_file.write(
"SET filter_criteria['%s']['public_id'] = '%s';\n" %
(public_id, public_id))
homestead_casscli_file.write(
"SET filter_criteria['%s']['value'] = '%s';\n" %
(public_id, INITIAL_FILTER_CRITERIA))
# Add the simservs document for the user to the documents table on Homer
xdm_cqlsh_file.write(
"INSERT INTO simservs (user, value) VALUES ('%s', '%s');\n"
% (public_id, SIMSERVS))
else:
print 'Error: row "%s" contains <4 entries - ignoring'
print "Generated bulk provisioning scripts written to"
print "- %-46s - run this script on Homestead" % (homestead_filename, )
print "- %-46s - copy this file onto Homestead" % (
homestead_casscli_filename, )
print "- %-46s - run this script on Homer" % (xdm_filename, )
print "- %-46s - copy this file onto Homer" % (xdm_cqlsh_filename, )
except IOError as e:
print "Failed to read/write to %s:" % (e.filename, )
traceback.print_exc()
def standalone():
if len(sys.argv) != 2:
print USAGE
return
csv_filename = sys.argv[1]
csv_filename_prefix = string.replace(csv_filename, ".csv", "")
homestead_filename = "%s.create_homestead.sh" % (csv_filename_prefix,)
homestead_cqlsh_filename = "%s.create_homestead.cqlsh" % (csv_filename_prefix,)
xdm_filename = "%s.create_xdm.sh" % (csv_filename_prefix,)
xdm_cqlsh_filename = "%s.create_xdm.cqlsh" % (csv_filename_prefix,)
print "Generating bulk provisioning scripts for users in %s..." % (csv_filename,)
try:
with open(csv_filename, 'rb') as csv_file, \
open(homestead_filename, 'w') as homestead_file, \
open(homestead_cqlsh_filename, 'w') as homestead_cqlsh_file, \
open(xdm_filename, 'w') as xdm_file, \
open(xdm_cqlsh_filename, 'w') as xdm_cqlsh_file:
# Write Homestead/CQL header
homestead_file.write("#!/bin/bash\n")
homestead_file.write("# Homestead bulk provisioning script for users in %s\n" % (csv_filename,))
homestead_file.write("# Run this script on any node in your Homestead deployment to create the users\n")
homestead_file.write("# The %s file must also be present on this system\n" % (homestead_cqlsh_filename,))
homestead_file.write("# You must also run %s on any node in your Homer deployment\n" % (xdm_filename,))
homestead_file.write("\n")
homestead_file.write("[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (homestead_cqlsh_filename, homestead_cqlsh_filename))
homestead_file.write("cqlsh -3 -f %s\n" % (homestead_cqlsh_filename,))
homestead_cqlsh_file.write("USE homestead;\n");
# Write Homer/CQL header
xdm_file.write("#!/bin/bash\n")
xdm_file.write("# Homer bulk provisioning script for users in %s\n" % (csv_filename,))
xdm_file.write("# Run this script on any node in your Homer deployment to create the users\n")
xdm_file.write("# The %s file must also be present on this system\n" % (xdm_cqlsh_filename,))
xdm_file.write("# You must also run %s on any node in your Homestead deployment\n" % (homestead_filename,))
xdm_file.write("\n")
xdm_file.write("[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (xdm_cqlsh_filename, xdm_cqlsh_filename))
xdm_file.write("cqlsh -3 -f %s\n" % (xdm_cqlsh_filename,))
xdm_cqlsh_file.write("USE homer;\n")
reader = csv.reader(csv_file)
for row in reader:
if len(row) >= 4:
[public_id, private_id, realm, password] = row[0:4]
# Hash and then encrypt the password.
hash = utils.md5("%s:%s:%s" % (private_id, realm, password))
encrypted_hash = utils.encrypt_password(hash, settings.PASSWORD_ENCRYPTION_KEY)
# Add the user to the SIP digests and filter criteria tables on Homestead.
homestead_cqlsh_file.write("INSERT INTO sip_digests (private_id, digest) VALUES ('%s', '%s');\n" % (private_id, encrypted_hash))
homestead_cqlsh_file.write("INSERT INTO filter_criteria (public_id, value) VALUES ('%s', '%s');\n" % (public_id, INITIAL_FILTER_CRITERIA))
# Add the simservs document for the user to the documents table on Homer
xdm_cqlsh_file.write("INSERT INTO simservs (user, value) VALUES ('%s', '%s');\n" % (public_id, SIMSERVS))
else:
print 'Error: row "%s" contains <4 entries - ignoring'
print "Generated bulk provisioning scripts written to"
print "- %-46s - run this script on Homestead" % (homestead_filename,)
print "- %-46s - copy this file onto Homestead" % (homestead_cqlsh_filename,)
print "- %-46s - run this script on Homer" % (xdm_filename,)
print "- %-46s - copy this file onto Homer" % (xdm_cqlsh_filename,)
except IOError as e:
print "Failed to read/write to %s:" % (e.filename,)
traceback.print_exc();
