示例#1
0
文件: client.py 项目: ndawe/pyAMI
    def __init__(self, verbose=False, verbose_format='text'):

        self.verbose = verbose
        self.verbose_format = verbose_format
        self.config = AMIConfig()
        # AMI web service locator
        self.ami_service_locator = AMISecureWebServiceServiceLocator()
        self.cert_info = None
        # AMI Secure Web Service instance
        self.ami_service = None
示例#2
0
文件: auth.py 项目: ndawe/pyAMI
def create_auth_config():

    config = AMIConfig()
    # warn user about encoded password
    config.add_comment('AMI', 'Your password is only base64 encoded here and can be decoded.')
    config.add_comment('AMI', 'Please do not share this file publicly.')
    config.set('AMI', 'AMIUser', raw_input('Username: '******'AMI', 'AMIPass', base64.b64encode(getpass()))
    f = open(AMI_CONFIG, 'w')
    config.write(f)
    f.close()
    # only allow user to read and write
    os.chmod(AMI_CONFIG, 0600)
示例#3
0
文件: client.py 项目: ndawe/pyAMI
class AMIClient(object):
    """
    AMIClient handles sending a command to the AMI server and receiving the
    response.
    """
    def __init__(self, verbose=False, verbose_format='text'):

        self.verbose = verbose
        self.verbose_format = verbose_format
        self.config = AMIConfig()
        # AMI web service locator
        self.ami_service_locator = AMISecureWebServiceServiceLocator()
        self.cert_info = None
        # AMI Secure Web Service instance
        self.ami_service = None

    """
    User/password authentication
    ----------------------------
    """
    def auth(self, user, password):

        self.reset_cert_auth()
        self.authenticate(user, password)

    def is_authenticated(self):
        """
		Returns `True` if user is authenticated, `False` otherwise.
		"""
        return ((self.config.get('AMI', 'AMIPass') != '') and
                (self.config.get('AMI', 'AMIUser') != ''))

    def authenticate(self, user, password):
        """
		Sets User ID and password with *user* and *password* parameters
        respectively.
		"""
        self.config.set('AMI', 'AMIUser', user)
        self.config.set('AMI', 'AMIPass', base64.b64encode(password))

    """
	Certificate authentication
	--------------------------
	"""
    def reset_cert_auth(self):

        self.ami_service = self.ami_service_locator.getAMISecureWebService(
                url=None)

    def set_cert_auth(self):

        try:
            if hasattr(os, "geteuid"):
                user_id = os.geteuid()
            else:
                user_id = -1
        except:
            # in case client isn't running on linux system
            user_id = -1
        options = {}
        #options['capath']= "/etc/grid-security/certificates"
        if user_id == 0:
            # we are running as root, use host certificate
            options['cert_file'] = "/etc/grid-security/hostcert.pem"
            options['key_file'] = "/etc/grid-security/hostkey.pem"
        else:
            proxy_fname = "/tmp/x509up_u%d" % user_id
            # look for a proxy in X509_USER_PROXY env variable
            if (os.environ.has_key("X509_USER_PROXY") and
                    os.path.exists(os.environ['X509_USER_PROXY'])):
                options['cert_file'] = os.environ['X509_USER_PROXY']
                options['key_file'] = os.environ['X509_USER_PROXY']
            # look for a proxy
            elif os.path.exists(proxy_fname):
                options['cert_file'] = proxy_fname
                options['key_file'] = proxy_fname
            # no configured environment
            # using https with no client authentication
            else:
                options = None
        self.cert_info = options
        self.ami_service = self.ami_service_locator.getAMISecureWebService(
                url=None,
                transdict=options)

    """
    Authentication from AMICommand arguments
    ----------------------------------------
    """
    def set_user_credentials(self, args):

        password = None
        user = None
        remove = []
        for arg in args:
            save = arg
            value = ""
            if arg.startswith('-'):
                arg = arg[1:]
                if arg.startswith('-'):
                    arg = arg[1:]
            if arg.find('=') > 0:
                value = arg[arg.find('=') + 1:]
                value = value.replace('=', '\=')
                arg = arg[0:arg.find('=')]
            if arg == 'AMIPass':
                remove.append(save)
                password = value
            if arg == 'AMIUser':
                remove.append(save)
                user = value
        if (user is not None) and (password is not None):
            self.authenticate(user, password)
        out = []
        for arg in args:
            if arg not in remove:
                out.append(arg)
        return out

    """
    Authentication checking
    -----------------------
    """
    def check_auth(self):

        try:
            args = ["GetLevelInfo",
                    "levelName=motherDatabase"]
            result = self.execute(args)
            msg = result.output(xslt='xml')
            return msg[msg.find('amiLogin="******" database')]
        except Exception, error:
            return None