def galaxyGetSecurityHelper():
from galaxy.web.security import SecurityHelper
config = GalaxyConfigParser()
id_secret = config.getWithDefault('proto_id_secret',
'USING THE DEFAULT IS ALSO NOT SECURE!',
section='galaxy_proto')
return SecurityHelper(id_secret=id_secret)
def __init__(self):
self.config = bunch.Bunch(tool_secret="awesome_secret", )
self.model = mapping.init("/tmp",
"sqlite:///:memory:",
create_tables=True)
self.toolbox = TestToolbox()
self.datatypes_registry = TestDatatypesRegistry()
self.security = SecurityHelper(id_secret="testing")
def __init__(self, test_directory, mock_model=True):
# The following line is needed in order to create
# HistoryDatasetAssociations - ideally the model classes would be
# usable without the ORM infrastructure in place.
in_memomry_model = mapping.init("/tmp",
"sqlite:///:memory:",
create_tables=True)
self.datatypes_registry = Bunch(
integrated_datatypes_configs=
'/galaxy/integrated_datatypes_configs.xml',
get_datatype_by_extension=lambda ext: Bunch(),
)
self.config = Bunch(
outputs_to_working_directory=False,
commands_in_new_shell=True,
new_file_path=os.path.join(test_directory, "new_files"),
tool_data_path=os.path.join(test_directory, "tools"),
root=os.path.join(test_directory, "galaxy"),
admin_users="*****@*****.**",
len_file_path=os.path.join('tool-data', 'shared', 'ucsc', 'chrom'),
builds_file_path=os.path.join('tool-data', 'shared', 'ucsc',
'builds.txt.sample'),
migrated_tools_config=os.path.join(test_directory,
"migrated_tools_conf.xml"),
)
# Setup some attributes for downstream extension by specific tests.
self.job_config = Bunch(dynamic_params=None, )
# Two ways to handle model layer, one is to stub out some objects that
# have an interface similar to real model (mock_model) and can keep
# track of 'persisted' objects in a map. The other is to use a real
# sqlalchemy layer but target an in memory database. Depending on what
# is being tested.
if mock_model:
# Create self.model to mimic app.model.
self.model = Bunch(context=MockContext())
for module_member_name in dir(galaxy.model):
module_member = getattr(galaxy.model, module_member_name)
if type(module_member) == type:
self.model[module_member_name] = module_member
else:
self.model = in_memomry_model
self.genome_builds = GenomeBuilds(self)
self.toolbox = None
self.object_store = None
self.security = SecurityHelper(id_secret="testing")
from galaxy.security import GalaxyRBACAgent
self.job_queue = NoopQueue()
self.security_agent = GalaxyRBACAgent(self.model)
self.tool_data_tables = {}
self.dataset_collections_service = None
self.container_finder = NullContainerFinder()
self.name = "galaxy"
def run():
#id_secret='cff03377815197df' # 567cc1640266789c'
id_secret = '0123456789abcdef'
cipher = Blowfish.new(smart_str(id_secret), mode=Blowfish.MODE_ECB)
message = '*****@*****.**'
s = smart_str(message)
# Pad to a multiple of 8 with leading "!"
s = (b"!" * (8 - len(s) % 8)) + s
print "S: " + s
# Encrypt
encrypted = cipher.encrypt(s)
print "Encrypted: " + encrypted
encoded = codecs.encode(encrypted, "hex")
print "Encoded: " + encoded
#print unicodify(codecs.encode(cipher.encrypt(s), 'hex'))
print unicodify(encoded)
security = SecurityHelper(id_secret=id_secret)
print security.encode_guid(message)
parser.add_argument('action', metavar='ACTION', type=str,
default=None,
help='decode|encode')
parser.add_argument('value', metavar='VALUE', type=str,
default=None,
help='value to encode or decode')
populate_config_args(parser)
args = parser.parse_args()
app_properties = app_properties_from_args(args)
helper = SecurityHelper(id_secret=app_properties.get('id_secret'))
# We need the ID secret for configuring the security helper to decrypt
# galaxysession cookies.
if "id_secret" not in app_properties:
log.warning('No ID_SECRET specified. Please set the "id_secret" in your galaxy.yml.')
id_secret = app_properties.get('id_secret', 'dangerous_default')
security_helper = SecurityHelper(id_secret=id_secret)
# And get access to the models
# Login manager to manage current_user functionality
if args.action == 'decode':
sys.stdout.write(security_helper.decode_guid(args.value.lstrip('F')))
elif args.action == 'encode':
sys.stdout.write(security_helper.encode_guid(args.value))
else:
sys.stdout.write("Unknown argument")
sys.stdout.write('\n')
parser = argparse.ArgumentParser()
parser.add_argument('action',
metavar='ACTION',
type=str,
default=None,
help='decode|encode')
parser.add_argument('value',
metavar='VALUE',
type=str,
default=None,
help='value to encode or decode')
populate_config_args(parser)
args = parser.parse_args()
app_properties = app_properties_from_args(args)
helper = SecurityHelper(id_secret=app_properties.get('id_secret'))
# We need the ID secret for configuring the security helper to decrypt
# galaxysession cookies.
if "id_secret" not in app_properties:
log.warning(
'No ID_SECRET specified. Please set the "id_secret" in your galaxy.yml.'
)
id_secret = app_properties.get('id_secret', 'dangerous_default')
security_helper = SecurityHelper(id_secret=id_secret)
# And get access to the models
# Login manager to manage current_user functionality
if args.action == 'decode':
app_properties = app_properties_from_args(args)
config = galaxy.config.Configuration(**app_properties)
model = galaxy.config.init_models_from_config(config)
sa_session = model.context.current
# We need the ID secret for configuring the security helper to decrypt
# galaxysession cookies.
if "id_secret" not in app_properties:
log.warning(
'No ID_SECRET specified. Please set the "id_secret" in your galaxy.ini.'
)
id_secret = app_properties.get('id_secret', 'dangerous_default')
security_helper = SecurityHelper(id_secret=id_secret)
# And get access to the models
# Login manager to manage current_user functionality
login_manager = flask_login.LoginManager()
app = Flask(__name__)
app.config['SECRET_KEY'] = id_secret
login_manager.init_app(app)
socketio = SocketIO(app)
@login_manager.request_loader
def findUserByCookie(request):
cookie_value = request.cookies.get('galaxysession')
if not cookie_value:
return None
parser = argparse.ArgumentParser()
parser.add_argument('action', metavar='ACTION', type=str,
default=None,
help='decode|encode')
parser.add_argument('value', metavar='VALUE', type=str,
default=None,
help='value to encode or decode')
populate_config_args(parser)
args = parser.parse_args()
app_properties = app_properties_from_args(args)
# We need the ID secret for configuring the security helper to decrypt
# galaxysession cookies.
if "id_secret" not in app_properties:
log.warning('No ID_SECRET specified. Please set the "id_secret" in your galaxy.yml.')
id_secret = app_properties.get('id_secret', 'dangerous_default')
security_helper = SecurityHelper(id_secret=id_secret)
# And get access to the models
# Login manager to manage current_user functionality
if args.action == 'decode':
sys.stdout.write(security_helper.decode_guid(args.value.lstrip('F')))
elif args.action == 'encode':
sys.stdout.write(unicodify(security_helper.encode_guid(args.value)))
else:
sys.stdout.write("Unknown argument")
sys.stdout.write('\n')