def _download_config(self, *args): """ Downloads the SMTP config for the given provider """ leap_assert(self._provider_config, "We need a provider configuration!") logger.debug("Downloading SMTP config for %s" % (self._provider_config.get_domain(),)) headers = {} mtime = get_mtime(os.path.join(self._smtp_config .get_path_prefix(), "leap", "providers", self._provider_config.get_domain(), "smtp-service.json")) if self._download_if_needed and mtime: headers['if-modified-since'] = mtime api_version = self._provider_config.get_api_version() # there is some confusion with this uri, config_uri = "%s/%s/config/smtp-service.json" % ( self._provider_config.get_api_uri(), api_version) logger.debug('Downloading SMTP config from: %s' % config_uri) srp_auth = SRPAuth(self._provider_config) session_id = srp_auth.get_session_id() cookies = None if session_id: cookies = {"_session_id": session_id} res = self._session.get(config_uri, verify=self._provider_config .get_ca_cert_path(), headers=headers, cookies=cookies) res.raise_for_status() self._smtp_config.set_api_version(api_version) # Not modified if res.status_code == 304: logger.debug("SMTP definition has not been modified") self._smtp_config.load(os.path.join( "leap", "providers", self._provider_config.get_domain(), "smtp-service.json")) else: smtp_definition, mtime = get_content(res) self._smtp_config.load(data=smtp_definition, mtime=mtime) self._smtp_config.save(["leap", "providers", self._provider_config.get_domain(), "smtp-service.json"])
def update_modification_ts(path): """ Sets modification time of a file to current time. :param path: the path to set ts to. :type path: str :returns: modification time :rtype: datetime object """ os.utime(path, None) return get_mtime(path)
def _download_config(self, *args): """ Downloads the EIP config for the given provider """ leap_assert(self._provider_config, "We need a provider configuration!") logger.debug("Downloading EIP config for %s" % (self._provider_config.get_domain(),)) api_version = self._provider_config.get_api_version() self._eip_config = EIPConfig() self._eip_config.set_api_version(api_version) headers = {} mtime = get_mtime(os.path.join(self._eip_config .get_path_prefix(), "leap", "providers", self._provider_config.get_domain(), "eip-service.json")) if self._download_if_needed and mtime: headers['if-modified-since'] = mtime # there is some confusion with this uri, # it's in 1/config/eip, config/eip and config/1/eip... config_uri = "%s/%s/config/eip-service.json" % ( self._provider_config.get_api_uri(), api_version) logger.debug('Downloading eip config from: %s' % config_uri) res = self._session.get(config_uri, verify=self._provider_config .get_ca_cert_path(), headers=headers, timeout=REQUEST_TIMEOUT) res.raise_for_status() # Not modified if res.status_code == 304: logger.debug("EIP definition has not been modified") else: eip_definition, mtime = get_content(res) self._eip_config.load(data=eip_definition, mtime=mtime) self._eip_config.save(["leap", "providers", self._provider_config.get_domain(), "eip-service.json"])
def download_service_config(provider_config, service_config, session, download_if_needed=True): """ Downloads config for a given service. :param provider_config: an instance of ProviderConfig :type provider_config: ProviderConfig :param service_config: an instance of a particular Service config. :type service_config: BaseConfig :param session: an instance of a fetcher.session (currently we're using requests only, but it can be anything that implements that interface) :type session: requests.sessions.Session """ service_name = service_config.name service_json = "{0}-service.json".format(service_name) headers = {} mtime = get_mtime(os.path.join(util.get_path_prefix(), "leap", "providers", provider_config.get_domain(), service_json)) if download_if_needed and mtime: headers['if-modified-since'] = mtime api_version = provider_config.get_api_version() config_uri = "%s/%s/config/%s-service.json" % ( provider_config.get_api_uri(), api_version, service_name) logger.debug('Downloading %s config from: %s' % ( service_name.upper(), config_uri)) # XXX make and use @with_srp_auth decorator srp_auth = SRPAuth(provider_config) session_id = srp_auth.get_session_id() token = srp_auth.get_token() cookies = None if session_id is not None: cookies = {"_session_id": session_id} # API v2 will only support token auth, but in v1 we can send both if token is not None: headers["Authorization"] = 'Token token="{0}"'.format(token) verify = provider_config.get_ca_cert_path() if verify: verify = verify.encode(sys.getfilesystemencoding()) res = session.get(config_uri, verify=verify, headers=headers, timeout=REQUEST_TIMEOUT, cookies=cookies) res.raise_for_status() service_config.set_api_version(api_version) # Not modified service_path = ("leap", "providers", provider_config.get_domain(), service_json) if res.status_code == 304: logger.debug( "{0} definition has not been modified".format( service_name.upper())) service_config.load(os.path.join(*service_path)) else: service_definition, mtime = get_content(res) service_config.load(data=service_definition, mtime=mtime) service_config.save(service_path)
def _download_provider_info(self, *args): """ Downloads the provider.json defition """ leap_assert(self._domain, "Cannot download provider info without a domain") logger.debug("Downloading provider info for %r" % (self._domain)) # -------------------------------------------------------------- # TODO factor out with the download routines in services. # Watch out! We're handling the verify paramenter differently here. headers = {} domain = self._domain.encode(sys.getfilesystemencoding()) provider_json = os.path.join(util.get_path_prefix(), get_provider_path(domain)) if domain in PinnedProviders.domains() and \ not os.path.exists(provider_json): mkdir_p(os.path.join(os.path.dirname(provider_json), "keys", "ca")) cacert = os.path.join(os.path.dirname(provider_json), "keys", "ca", "cacert.pem") PinnedProviders.save_hardcoded(domain, provider_json, cacert) mtime = get_mtime(provider_json) if self._download_if_needed and mtime: headers['if-modified-since'] = mtime uri = "https://%s/%s" % (self._domain, "provider.json") verify = self.verify if mtime: # the provider.json exists # So, we're getting it from the api.* and checking against # the provider ca. try: provider_config = ProviderConfig() provider_config.load(provider_json) uri = provider_config.get_api_uri() + '/provider.json' verify = provider_config.get_ca_cert_path() except MissingCACert: # no ca? then download from main domain again. pass if verify: verify = verify.encode(sys.getfilesystemencoding()) logger.debug("Requesting for provider.json... " "uri: {0}, verify: {1}, headers: {2}".format( uri, verify, headers)) res = self._session.get(uri.encode('idna'), verify=verify, headers=headers, timeout=REQUEST_TIMEOUT) res.raise_for_status() logger.debug("Request status code: {0}".format(res.status_code)) min_client_version = res.headers.get(self.MIN_CLIENT_VERSION, '0') # Not modified if res.status_code == 304: logger.debug("Provider definition has not been modified") # -------------------------------------------------------------- # end refactor, more or less... # XXX Watch out, have to check the supported api yet. else: if flags.APP_VERSION_CHECK: # TODO split if not provider.supports_client(min_client_version): self._signaler.signal( self._signaler.prov_unsupported_client) raise UnsupportedClientVersionError() provider_definition, mtime = get_content(res) provider_config = ProviderConfig() provider_config.load(data=provider_definition, mtime=mtime) provider_config.save(["leap", "providers", domain, "provider.json"]) if flags.API_VERSION_CHECK: # TODO split api_version = provider_config.get_api_version() if provider.supports_api(api_version): logger.debug("Provider definition has been modified") else: api_supported = ', '.join(provider.SUPPORTED_APIS) error = ('Unsupported provider API version. ' 'Supported versions are: {0}. ' 'Found: {1}.').format(api_supported, api_version) logger.error(error) self._signaler.signal(self._signaler.prov_unsupported_api) raise UnsupportedProviderAPI(error)
def httpRequest(agent, url, values=None, headers=None, method='POST', token=None, saveto=None): if values is None: values = {} if headers is None: headers = {} data = '' mtime = None if values: data = urllib.urlencode(values) headers['Content-Type'] = ['application/x-www-form-urlencoded'] isfile = os.path.isfile if saveto is not None and isfile(saveto): # TODO - I think we need a force parameter, because we might have a # malformed file. Or maybe just remove the file if sanity check does # not pass. mtime = get_mtime(saveto) if mtime is not None: headers['if-modified-since'] = [mtime] if token: headers['Authorization'] = ['Token token="%s"' % (bytes(token))] def handle_response(response): log.debug("RESPONSE %s %s %s" % (method, response.code, url)) if response.code == 204: d = defer.succeed('') elif response.code == 401: raise Forbidden() if saveto and mtime and response.code == 304: log.debug('304 (Not modified): %s' % url) raise Unchanged() else: class SimpleReceiver(protocol.Protocol): def __init__(s, d): s.buf = '' s.d = d def dataReceived(s, data): s.buf += data def connectionLost(s, reason): # TODO: test if reason is twisted.web.client.ResponseDone, # if not, do an errback s.d.callback(s.buf) d = defer.Deferred() response.deliverBody(SimpleReceiver(d)) return d def passthru(failure): failure.trap(Unchanged, Forbidden) d = agent.request(method, url, Headers(headers), StringProducer(data) if data else None) d.addCallback(handle_response) if saveto: d.addCallback(lambda body: _write_to_file(body, saveto)) d.addErrback(passthru) return d
def _download_provider_info(self, *args): """ Downloads the provider.json defition """ leap_assert(self._domain, "Cannot download provider info without a domain") logger.debug("Downloading provider info for %r" % (self._domain)) # -------------------------------------------------------------- # TODO factor out with the download routines in services. # Watch out! We're handling the verify paramenter differently here. headers = {} domain = self._domain.encode(sys.getfilesystemencoding()) provider_json = os.path.join(util.get_path_prefix(), get_provider_path(domain)) if domain in PinnedProviders.domains() and \ not os.path.exists(provider_json): mkdir_p(os.path.join(os.path.dirname(provider_json), "keys", "ca")) cacert = os.path.join(os.path.dirname(provider_json), "keys", "ca", "cacert.pem") PinnedProviders.save_hardcoded(domain, provider_json, cacert) mtime = get_mtime(provider_json) if self._download_if_needed and mtime: headers['if-modified-since'] = mtime uri = "https://%s/%s" % (self._domain, "provider.json") verify = self.verify if mtime: # the provider.json exists # So, we're getting it from the api.* and checking against # the provider ca. try: provider_config = ProviderConfig() provider_config.load(provider_json) uri = provider_config.get_api_uri() + '/provider.json' verify = provider_config.get_ca_cert_path() except MissingCACert: # no ca? then download from main domain again. pass if verify: verify = verify.encode(sys.getfilesystemencoding()) logger.debug("Requesting for provider.json... " "uri: {0}, verify: {1}, headers: {2}".format( uri, verify, headers)) res = self._session.get(uri.encode('idna'), verify=verify, headers=headers, timeout=REQUEST_TIMEOUT) res.raise_for_status() logger.debug("Request status code: {0}".format(res.status_code)) min_client_version = res.headers.get(self.MIN_CLIENT_VERSION, '0') # Not modified if res.status_code == 304: logger.debug("Provider definition has not been modified") # -------------------------------------------------------------- # end refactor, more or less... # XXX Watch out, have to check the supported api yet. else: if flags.APP_VERSION_CHECK: # TODO split if not provider.supports_client(min_client_version): if self._signaler is not None: self._signaler.signal( self._signaler.prov_unsupported_client) raise UnsupportedClientVersionError() provider_definition, mtime = get_content(res) provider_config = ProviderConfig() provider_config.load(data=provider_definition, mtime=mtime) provider_config.save( ["leap", "providers", domain, "provider.json"]) if flags.API_VERSION_CHECK: # TODO split api_version = provider_config.get_api_version() if provider.supports_api(api_version): logger.debug("Provider definition has been modified") else: api_supported = ', '.join(provider.SUPPORTED_APIS) error = ('Unsupported provider API version. ' 'Supported versions are: {0}. ' 'Found: {1}.').format(api_supported, api_version) logger.error(error) if self._signaler is not None: self._signaler.signal( self._signaler.prov_unsupported_api) raise UnsupportedProviderAPI(error)
def _download_provider_info(self, *args): """ Downloads the provider.json defition """ leap_assert(self._domain, "Cannot download provider info without a domain") logger.debug("Downloading provider info for %s" % (self._domain)) headers = {} provider_json = os.path.join( ProviderConfig().get_path_prefix(), "leap", "providers", self._domain, "provider.json") mtime = get_mtime(provider_json) if self._download_if_needed and mtime: headers['if-modified-since'] = mtime uri = "https://%s/%s" % (self._domain, "provider.json") verify = not self._bypass_checks if mtime: # the provider.json exists provider_config = ProviderConfig() provider_config.load(provider_json) try: verify = provider_config.get_ca_cert_path() uri = provider_config.get_api_uri() + '/provider.json' except MissingCACert: # get_ca_cert_path fails if the certificate does not exists. pass logger.debug("Requesting for provider.json... " "uri: {0}, verify: {1}, headers: {2}".format( uri, verify, headers)) res = self._session.get(uri, verify=verify, headers=headers, timeout=REQUEST_TIMEOUT) res.raise_for_status() logger.debug("Request status code: {0}".format(res.status_code)) # Not modified if res.status_code == 304: logger.debug("Provider definition has not been modified") else: provider_definition, mtime = get_content(res) provider_config = ProviderConfig() provider_config.load(data=provider_definition, mtime=mtime) provider_config.save(["leap", "providers", self._domain, "provider.json"]) api_version = provider_config.get_api_version() if SupportedAPIs.supports(api_version): logger.debug("Provider definition has been modified") else: api_supported = ', '.join(SupportedAPIs.SUPPORTED_APIS) error = ('Unsupported provider API version. ' 'Supported versions are: {}. ' 'Found: {}.').format(api_supported, api_version) logger.error(error) raise UnsupportedProviderAPI(error)