Пример #1
0
def handle_login():
    session = bottle.request.environ.get('beaker.session')
    conf_man.update_creds_from_metadata_server(request.app)
    access_token  = request.params.get("access_token")
    expires_in    = request.params.get("expires_in")
    aws_client_id = request.app.config["server.aws_client_id"]

    
    user_id, name, email = identity.get_identity_from_token(access_token, aws_client_id);
    user_info = identity.find_user_role(request.app, user_id)
    
    if not user_info :
        return template("./views/login_reject.tpl",
                        title="Turing - Login Rejected!",
                        username = name,
                        user_id  = user_id,                    
                        email    = email,
                        session  = session)

    
    session["logged_in"] = True
    session["user_id"]   = user_id
    session["username"]  = name
    session["email"]     = user_info["email"] #email
    session["user_role"] = user_info["role"]

    print session
    return template("./views/login_confirm.tpl",
                    title="Turing - Login Success!",
                    session=session)
Пример #2
0
def get_temp_keys():
    session  = bottle.request.environ.get('beaker.session')
    require_login(session)
    
    username = session["username"]
    try:
        user_info = identity.find_user_role(request.app, session["user_id"])
        # This is a vulnerability. We need to check everytime if the access_tokens 
        # are valid and alive with the api.amazon.com
        print user_info
        role      = "klab_public"
        creds     = sts.get_temp_creds(role)
        return template('./views/tempkeys.tpl',
                        username        = username,
                        session         = session,
                        AccessKeyId     = creds["AccessKeyId"],
                        SecretAccessKey = creds["SecretAccessKey"],
                        Token           = creds["SessionToken"],
                        Expiration      = creds["Expiration"],
                        title="Temporary keys",
                        alert=False)
        
    except Exception as e:
        return template('./views/logout.tpl',
                    username=username,
                    session=session,
                    title="Failed to get temporary keys",
                    alert=False)
Пример #3
0
def handle_login():
    session = bottle.request.environ.get('beaker.session')
    conf_man.update_creds_from_metadata_server(request.app)
    access_token = request.params.get("access_token")
    expires_in = request.params.get("expires_in")
    aws_client_id = request.app.config["server.aws_client_id"]

    user_id, name, email = identity.get_identity_from_token(
        access_token, aws_client_id)
    user_info = identity.find_user_role(request.app, user_id)

    if not user_info:
        return template("./views/login_reject.tpl",
                        title="Turing - Login Rejected!",
                        username=name,
                        user_id=user_id,
                        email=email,
                        session=session)

    session["logged_in"] = True
    session["user_id"] = user_id
    session["username"] = name
    session["email"] = user_info["email"]  #email
    session["user_role"] = user_info["role"]

    print session
    return template("./views/login_confirm.tpl",
                    title="Turing - Login Success!",
                    session=session)
Пример #4
0
def get_temp_keys():
    session = bottle.request.environ.get('beaker.session')
    require_login(session)

    username = session["username"]
    try:
        user_info = identity.find_user_role(request.app, session["user_id"])
        # This is a vulnerability. We need to check everytime if the access_tokens
        # are valid and alive with the api.amazon.com
        print user_info
        role = "klab_public"
        creds = sts.get_temp_creds(role)
        return template('./views/tempkeys.tpl',
                        username=username,
                        session=session,
                        AccessKeyId=creds["AccessKeyId"],
                        SecretAccessKey=creds["SecretAccessKey"],
                        Token=creds["SessionToken"],
                        Expiration=creds["Expiration"],
                        title="Temporary keys",
                        alert=False)

    except Exception as e:
        return template('./views/logout.tpl',
                        username=username,
                        session=session,
                        title="Failed to get temporary keys",
                        alert=False)
Пример #5
0
def validate_session(app, access_token):

    if not access_token:
        return None

    aws_client_id = request.app.config["server.aws_client_id"]
    user_id, name, email = identity.get_identity_from_token(
        access_token, aws_client_id)
    if not user_id or not name:
        return None

    print "User_id : ", user_id
    print "Name    : ", name
    print "Email   : ", email
    user_info = identity.find_user_role(request.app, user_id)

    info = {
        "user_id": user_id,
        "name": name,
        "username": name,
        "email": user_info["email"],  #email
        "user_role": user_info["role"]
    }

    return info
Пример #6
0
def validate_session(app ,access_token):
                    
    if not access_token:
        return None

    aws_client_id        = request.app.config["server.aws_client_id"]
    user_id, name, email = identity.get_identity_from_token(access_token, aws_client_id);
    if not user_id or not name:
        return None

    print "User_id : ", user_id
    print "Name    : ", name
    print "Email   : ", email
    user_info = identity.find_user_role(request.app, user_id)
    
    info = {"user_id"   : user_id,
            "name"      : name,
            "username"  : name,
            "email"     : user_info["email"], #email
            "user_role" : user_info["role"] }

    return info