示例#1
0
def authenticate(url,
                 account,
                 key,
                 by='name',
                 expires=0,
                 timestamp=None,
                 timeout=None,
                 request_type="xml",
                 admin_auth=False,
                 use_password=False,
                 raise_on_error=False):
    """ Authenticate to the Zimbra server

    :param url: URL of Zimbra SOAP service
    :param account: The account to be authenticated against
    :param key: The preauth key of the domain of the account or a password (if
      admin_auth or use_password is True)
    :param by: If the account is specified as a name, an ID or a
      ForeignPrincipal
    :param expires: When the token expires (or 0 for default expiration)
    :param timestamp: When the token was requested (None for "now")
    :param timeout: Timeout for the communication with the server. Defaults
      to the urllib2-default
    :param request_type: Which type of request to use ("xml" (default) or
      "json")
    :param admin_auth: This request should authenticate and generate an admin
      token. The "key"-parameter therefore holds the admin password (implies
      use_password)
    :param use_password: The "key"-parameter holds a password. Do a password-
      based user authentication.
    :param raise_on_error: Should I raise an exception when an authentication
      error occurs or just return None?
    :return: The authentication token or None
    :rtype: str or None or unicode
    """

    if timestamp is None:
        timestamp = int(time.time()) * 1000

    pak = ""
    if not admin_auth:
        pak = preauth.create_preauth(account, key, by, expires, timestamp)

    if request_type == 'xml':

        auth_request = RequestXml()

    else:

        auth_request = RequestJson()

    request_data = {'account': {'by': by, '_content': account}}

    ns = "urn:zimbraAccount"

    if admin_auth:

        ns = "urn:zimbraAdmin"

        request_data['password'] = key

    elif use_password:

        request_data['password'] = {"_content": key}

    else:

        request_data['preauth'] = {
            'timestamp': timestamp,
            'expires': expires,
            '_content': pak
        }

    auth_request.add_request('AuthRequest', request_data, ns)

    server = Communication(url, timeout)

    if request_type == 'xml':

        response = ResponseXml()

    else:

        response = ResponseJson()

    server.send_request(auth_request, response)

    if response.is_fault():

        if raise_on_error:

            raise AuthenticationFailed(
                "Cannot authenticate user: (%s) %s" %
                (response.get_fault_code(), response.get_fault_message()))

        return None

    return response.get_response()['AuthResponse']['authToken']['_content']
示例#2
0
def authenticate(url, account, key, by='name', expires=0, timestamp=None,
                 timeout=None, request_type="xml", admin_auth=False,
                 use_password=False, raise_on_error=False):

    """ Authenticate to the Zimbra server

    :param url: URL of Zimbra SOAP service
    :param account: The account to be authenticated against
    :param key: The preauth key of the domain of the account or a password (if
      admin_auth or use_password is True)
    :param by: If the account is specified as a name, an ID or a
      ForeignPrincipal
    :param expires: When the token expires (or 0 for default expiration)
    :param timestamp: When the token was requested (None for "now")
    :param timeout: Timeout for the communication with the server. Defaults
      to the urllib2-default
    :param request_type: Which type of request to use ("xml" (default) or
      "json")
    :param admin_auth: This request should authenticate and generate an admin
      token. The "key"-parameter therefore holds the admin password (implies
      use_password)
    :param use_password: The "key"-parameter holds a password. Do a password-
      based user authentication.
    :param raise_on_error: Should I raise an exception when an authentication
      error occurs or just return None?
    :return: The authentication token or None
    :rtype: str or None or unicode
    """

    if timestamp is None:
        timestamp = int(time.time()) * 1000

    pak = ""
    if not admin_auth:
        pak = preauth.create_preauth(account, key, by, expires, timestamp)

    if request_type == 'xml':

        auth_request = RequestXml()

    else:

        auth_request = RequestJson()

    request_data = {
        'account': {
            'by': by,
            '_content': account
        }
    }

    ns = "urn:zimbraAccount"

    if admin_auth:

        ns = "urn:zimbraAdmin"

        request_data['password'] = key

    elif use_password:

        request_data['password'] = {
            "_content": key
        }

    else:

        request_data['preauth'] = {
            'timestamp': timestamp,
            'expires': expires,
            '_content': pak
        }

    auth_request.add_request(
        'AuthRequest',
        request_data,
        ns
    )

    server = Communication(url, timeout)

    if request_type == 'xml':

        response = ResponseXml()

    else:

        response = ResponseJson()

    server.send_request(auth_request, response)

    if response.is_fault():

        if raise_on_error:

            raise AuthenticationFailed(
                "Cannot authenticate user: (%s) %s" % (
                    response.get_fault_code(),
                    response.get_fault_message()
                )
            )

        return None

    return response.get_response()['AuthResponse']['authToken']
    def run_admin_test(self, request_type):

        """ Actually do the work
        """

        config = get_config()

        if config.getboolean("admin_request_test", "enabled"):

            # Run only if enabled

            token = authenticate(
                config.get("admin_request_test", "admin_url"),
                config.get("admin_request_test", "admin_account"),
                config.get("admin_request_test", "admin_password"),
                config.get("admin_request_test", "admin_account_by"),
                admin_auth=True,
                request_type=request_type
            )

            if token is None:

                self.fail("Authentication with the configured settings "
                          "was not successful")

            # Create an account

            comm = Communication(config.get("admin_request_test", "admin_url"))

            if request_type == "xml":

                request = RequestXml()

            else:

                request = RequestJson()

            request.set_auth_token(token)

            test_account = config.get("admin_request_test", "test_account")

            if "TEMP" in test_account:

                # Generate a random number and add it to the test account

                random.seed()
                temp_account = random.randint(1000000, 5000000)

                test_account = test_account.replace("TEMP", str(temp_account))

            test_displayname = config.get(
                "admin_request_test",
                "test_displayname"
            )

            if sys.version < '3':

                # Create unicode string for py2

                test_displayname = test_displayname.decode("utf-8")

            request.add_request(
                "CreateAccountRequest",
                {
                    "name": test_account,
                    "password": config.get(
                        "admin_request_test",
                        "test_password"
                    ),
                    "a": {
                        "n": "displayName",
                        "_content": test_displayname
                    }
                },
                "urn:zimbraAdmin"
            )

            if request_type == "xml":

                response = ResponseXml()

            else:

                response = ResponseJson()

            comm.send_request(request, response)

            if response.is_fault():

                self.fail(
                    "CreateAccount faulted. (%s) %s" % (
                        response.get_fault_code(),
                        response.get_fault_message()
                    )
                )

            account_id = response.get_response(
            )["CreateAccountResponse"]["account"]["id"]

            # Get account from database and compare display name to the setting

            request.clean()
            request.set_auth_token(token)
            response.clean()

            request.add_request(
                "GetAccountRequest",
                {
                    "account": {
                        "by": "name",
                        "_content": test_account
                    }
                },
                "urn:zimbraAdmin"
            )

            comm.send_request(request, response)

            if response.is_fault():

                self.fail(
                    "GetAccount faulted. (%s) %s" % (
                        response.get_fault_code(),
                        response.get_fault_message()
                    )
                )

            returned_name = get_value(
                response.get_response()["GetAccountResponse"]["account"]["a"],
                "displayName"
            )

            self.assertEqual(
                returned_name,
                test_displayname,
                "Zimbra didn't save the display name as requested."
            )

            # Try to log in as the new account

            user_token = authenticate(
                config.get("admin_request_test", "url"),
                test_account,
                config.get("admin_request_test", "test_password"),
                "name",
                request_type=request_type,
                use_password=True
            )

            if user_token is None:

                self.fail("Cannot log in as the test user.")

            # Remove account

            request.clean()
            response.clean()
            request.set_auth_token(token)

            request.add_request(
                "DeleteAccountRequest",
                {
                    "id": account_id
                },
                "urn:zimbraAdmin"
            )

            comm.send_request(request, response)

            if response.is_fault():

                self.fail(
                    "Cannot remove test account: (%s) %s" % (
                        response.get_fault_code(),
                        response.get_fault_message()
                    )
                )
示例#4
0
    def run_admin_test(self, request_type):
        """ Actually do the work
        """

        config = get_config()

        if config.getboolean("admin_request_test", "enabled"):

            # Run only if enabled

            token = authenticate(config.get("admin_request_test", "admin_url"),
                                 config.get("admin_request_test",
                                            "admin_account"),
                                 config.get("admin_request_test",
                                            "admin_password"),
                                 config.get("admin_request_test",
                                            "admin_account_by"),
                                 admin_auth=True,
                                 request_type=request_type)

            if token is None:

                self.fail("Authentication with the configured settings "
                          "was not successful")

            # Create an account

            comm = Communication(config.get("admin_request_test", "admin_url"))

            if request_type == "xml":

                request = RequestXml()

            else:

                request = RequestJson()

            request.set_auth_token(token)

            request.add_request(
                "CreateAccountRequest", {
                    "name": config.get("admin_request_test", "test_account"),
                    "password": config.get("admin_request_test",
                                           "test_password")
                }, "urn:zimbraAdmin")

            if request_type == "xml":

                response = ResponseXml()

            else:

                response = ResponseJson()

            comm.send_request(request, response)

            if response.is_fault():

                self.fail(
                    "CreateAccount faulted. (%s) %s" %
                    (response.get_fault_code(), response.get_fault_message()))

            account_id = response.get_response(
            )["CreateAccountResponse"]["account"]["id"]

            # Try to log in as the new account

            user_token = authenticate(config.get("admin_request_test", "url"),
                                      config.get("admin_request_test",
                                                 "test_account"),
                                      config.get("admin_request_test",
                                                 "test_password"),
                                      "name",
                                      request_type=request_type,
                                      use_password=True)

            if user_token is None:

                self.fail("Cannot log in as the test user.")

            # Remove account

            request.clean()
            response.clean()
            request.set_auth_token(token)

            request.add_request("DeleteAccountRequest", {"id": account_id},
                                "urn:zimbraAdmin")

            comm.send_request(request, response)

            if response.is_fault():

                self.fail(
                    "Cannot remove test account: (%s) %s" %
                    (response.get_fault_code(), response.get_fault_message()))