Пример #1
def connect_to_thrift(conf):
  """
  Assemble the Thrift client stack described by the 'conf' parameter.

  Nothing is opened here: the transport is only constructed, and opening it
  is left to the caller.

  Security notes:
    - conf.validate is forwarded to the HTTP client (set_verify) and to the
      SSL socket (validate=). Presumably a falsy value switches certificate
      verification off -- confirm against those classes before disabling it.
    - Basic auth (HTTP) and SASL PLAIN (socket) both hand conf.password to
      the underlying channel. This function does not check that the channel
      is encrypted (conf.http_url scheme / conf.use_ssl).

  Returns a tuple of (service, protocol, transport)
  """
  # Step 1: pick the lowest-level channel (HTTP client, TLS socket, plain socket).
  if conf.transport_mode == 'http':
    channel = THttpClient(conf.http_url)
    channel.set_verify(conf.validate)
  elif conf.use_ssl:
    # PROTOCOL_TLS is the current name of the constant, PROTOCOL_SSLv23 the
    # older one; the literal 2 is their numeric value in CPython's ssl module
    # and is used only when neither name can be imported.
    # NOTE(review): this constant asks for protocol negotiation, it does not
    # pin a minimum TLS version -- confirm what TSSLSocketWithWildcardSAN allows.
    try:
      from ssl import PROTOCOL_TLS as tls_version
    except ImportError:
      try:
        from ssl import PROTOCOL_SSLv23 as tls_version
      except ImportError:
        tls_version = 2
    channel = TSSLSocketWithWildcardSAN(
      conf.host,
      conf.port,
      validate=conf.validate,
      ca_certs=conf.ca_certs,
      keyfile=conf.keyfile,
      certfile=conf.certfile,
      ssl_version=tls_version
    )
  else:
    # No TLS: anything sent over this socket is not encrypted by this layer.
    channel = TSocket(conf.host, conf.port)

  # Step 2: optional timeout, configured in seconds and passed on in milliseconds.
  # Thrift trivia: the same can be done later with
  # _grab_transport_from_wrapper(self.wrapped.transport).setTimeout(seconds*1000)
  timeout_s = conf.timeout_seconds
  if timeout_s:
    channel.setTimeout(timeout_s * 1000.0)

  # Step 3: HTTP-level authentication (Kerberos for non-PLAIN SASL, else basic auth).
  if conf.transport_mode == 'http':
    wants_kerberos = conf.use_sasl and conf.mechanism != 'PLAIN'
    if wants_kerberos:
      channel.set_kerberos_auth(service=conf.kerberos_principal)
    else:
      channel.set_basic_auth(conf.username, conf.password)

  # Step 4: wrap the channel in a SASL, framed or buffered transport.
  if conf.transport_mode == 'socket' and conf.use_sasl:
    def build_sasl_client():
      # Factory handed to TSaslClientTransport; returns an initialised client.
      client = sasl.Client()
      client.setAttr("host", str(conf.host))
      client.setAttr("service", str(conf.kerberos_principal))
      if conf.mechanism != 'PLAIN':
        client.setAttr("maxbufsize", SASL_MAX_BUFFER.get())
      else:
        client.setAttr("username", str(conf.username))
        # Defaults to 'hue' for a non-empty string unless using LDAP
        client.setAttr("password", str(conf.password))
      client.init()
      return client

    transport = TSaslClientTransport(build_sasl_client, conf.mechanism, channel)
  elif conf.transport == 'framed':
    transport = TFramedTransport(channel)
  else:
    transport = TBufferedTransport(channel)

  # Step 5: binary protocol, optionally multiplexed, then the service client.
  protocol = TBinaryProtocol(transport)
  if conf.multiple:
    protocol = TMultiplexedProtocol(protocol, conf.service_name)
  return conf.klass(protocol), protocol, transport
Пример #2
def connect_to_thrift(conf):
    """
    Assemble the Thrift client stack described by the 'conf' parameter.

    Nothing is opened here: the transport is only constructed, and opening it
    is left to the caller.

    Security notes:
      - conf.validate is forwarded to the HTTP client (set_verify) and to the
        SSL socket (validate=). Presumably a falsy value switches certificate
        verification off -- confirm against those classes before disabling it.
      - Basic auth, the JWT bearer token (HTTP) and SASL PLAIN (socket) all
        hand a secret to the underlying channel. This function does not check
        that the channel is encrypted (conf.http_url scheme / conf.use_ssl).

    Returns a tuple of (service, protocol, transport)
    """
    # Step 1: pick the lowest-level channel (HTTP client, TLS socket, plain socket).
    if conf.transport_mode == 'http':
        channel = THttpClient(conf.http_url)
        channel.set_verify(conf.validate)
    elif conf.use_ssl:
        # PROTOCOL_TLS is the current name of the constant, PROTOCOL_SSLv23
        # the older one; the literal 2 is their numeric value in CPython's ssl
        # module and is used only when neither name can be imported.
        # NOTE(review): this constant asks for protocol negotiation, it does
        # not pin a minimum TLS version -- confirm what
        # TSSLSocketWithWildcardSAN allows.
        try:
            from ssl import PROTOCOL_TLS as tls_version
        except ImportError:
            try:
                from ssl import PROTOCOL_SSLv23 as tls_version
            except ImportError:
                tls_version = 2
        channel = TSSLSocketWithWildcardSAN(
            conf.host,
            conf.port,
            validate=conf.validate,
            ca_certs=conf.ca_certs,
            keyfile=conf.keyfile,
            certfile=conf.certfile,
            ssl_version=tls_version
        )
    else:
        # No TLS: anything sent over this socket is not encrypted by this layer.
        channel = TSocket(conf.host, conf.port)

    # Step 2: optional timeout, configured in seconds and passed on in milliseconds.
    # Thrift trivia: the same can be done later with
    # _grab_transport_from_wrapper(self.wrapped.transport).setTimeout(seconds*1000)
    timeout_s = conf.timeout_seconds
    if timeout_s:
        channel.setTimeout(timeout_s * 1000.0)

    # Step 3: HTTP-level authentication. Precedence: Kerberos (non-PLAIN
    # SASL), then JWT bearer when the flag is on, then basic auth.
    if conf.transport_mode == 'http':
        wants_kerberos = conf.use_sasl and conf.mechanism != 'PLAIN'
        if wants_kerberos:
            channel.set_kerberos_auth(service=conf.kerberos_principal)
        elif USE_THRIFT_HTTP_JWT.get():
            from desktop.auth.backend import find_user, rewrite_user  # Cyclic dependency
            user = rewrite_user(find_user(conf.username))
            if user is None:
                raise Exception("JWT: User not found.")

            # Prefer the token stored on the user when organizations are
            # enabled, otherwise the one saved in the profile data.
            if ENABLE_ORGANIZATIONS.get() and user.token:
                token = user.token
            else:
                token = user.profile.data.get('jwt_access_token')
            if not token:
                raise Exception("JWT: Could not retrive saved token from user.")

            # NOTE(review): the stored token is used as-is; no expiry or
            # signature check happens in this function.
            channel.set_bearer_auth(token)
        else:
            channel.set_basic_auth(conf.username, conf.password)

    # Step 4: wrap the channel in a SASL, framed or buffered transport.
    if conf.transport_mode == 'socket' and conf.use_sasl:

        def build_sasl_client():
            # Factory handed to TSaslClientTransport; returns an initialised client.
            client = sasl.Client()
            client.setAttr("host", str(conf.host))
            client.setAttr("service", str(conf.kerberos_principal))
            if conf.mechanism != 'PLAIN':
                client.setAttr("maxbufsize", SASL_MAX_BUFFER.get())
            else:
                client.setAttr("username", str(conf.username))
                # Defaults to 'hue' for a non-empty string unless using LDAP
                client.setAttr("password", str(conf.password))
            client.init()
            return client

        transport = TSaslClientTransport(build_sasl_client, conf.mechanism, channel)
    elif conf.transport == 'framed':
        transport = TFramedTransport(channel)
    else:
        transport = TBufferedTransport(channel)

    # Step 5: binary protocol, optionally multiplexed, then the service client.
    protocol = TBinaryProtocol(transport)
    if conf.multiple:
        protocol = TMultiplexedProtocol(protocol, conf.service_name)
    return conf.klass(protocol), protocol, transport