示例#1
0
    def post(self, namespace=None, key_name=None, key=None):
        if not namespace:
            return api_base.error(400, 'no namespace specified')

        with db.get_lock('namespace', None, 'all', op='Namespace update'):
            rec = db.get_namespace(namespace)
            if not rec:
                rec = {'name': namespace, 'keys': {}}

            # Allow shortcut of creating key at same time as the namespace
            if key_name:
                if not key:
                    return api_base.error(400, 'no key specified')
                if not isinstance(key, str):
                    # Must be a string to encode()
                    return api_base.error(400, 'key is not a string')
                if key_name == 'service_key':
                    return api_base.error(403, 'illegal key name')

                encoded = str(
                    base64.b64encode(
                        bcrypt.hashpw(key.encode('utf-8'), bcrypt.gensalt())),
                    'utf-8')
                rec['keys'][key_name] = encoded

            # Initialise metadata
            db.persist_metadata('namespace', namespace, {})
            db.persist_namespace(namespace, rec)

        return namespace
示例#2
0
def get_api_token(base_url, namespace='system'):
    with db.get_lock('namespace', None, namespace):
        auth_url = base_url + '/auth'
        logutil.info(None,
                     'Fetching %s auth token from %s' % (namespace, auth_url))
        ns = db.get_namespace(namespace)
        if 'service_key' in ns:
            key = ns['service_key']
        else:
            key = ''.join(
                random.choice(string.ascii_lowercase) for i in range(50))
            ns['service_key'] = key
            db.persist_namespace(namespace, ns)

    r = requests.request('POST',
                         auth_url,
                         data=json.dumps({
                             'namespace': namespace,
                             'key': key
                         }),
                         headers={
                             'Content-Type': 'application/json',
                             'User-Agent': get_user_agent()
                         })
    if r.status_code != 200:
        raise Exception('Unauthorized')
    return 'Bearer %s' % r.json()['access_token']
示例#3
0
 def create_namespace(self, namespace, key_name, key):
     encoded = str(
         base64.b64encode(
             bcrypt.hashpw(key.encode('utf-8'), bcrypt.gensalt())), 'utf-8')
     rec = {'name': namespace, 'keys': {key_name: encoded}}
     db.persist_metadata('namespace', namespace, {})
     db.persist_namespace(namespace, rec)
示例#4
0
    def delete(self, namespace, key_name):
        if not namespace:
            return error(400, 'no namespace specified')
        if not key_name:
            return error(400, 'no key name specified')

        with db.get_lock('namespace', None, namespace):
            ns = db.get_namespace(namespace)
            if ns.get('keys') and key_name in ns['keys']:
                del ns['keys'][key_name]
            else:
                return error(404, 'key name not found in namespace')
            db.persist_namespace(namespace, ns)
示例#5
0
def main():
    print('Creating key %s' % sys.argv[1])

    encoded = str(
        base64.b64encode(
            bcrypt.hashpw(sys.argv[2].encode('utf-8'), bcrypt.gensalt())),
        'utf-8')

    db.persist_namespace('system', {
        'name': 'system',
        'keys': {
            sys.argv[1]: encoded
        }
    })
示例#6
0
def bootstrap_system_key(keyname, key):
    click.echo('Creating key %s' % keyname)

    encoded = str(
        base64.b64encode(bcrypt.hashpw(key.encode('utf-8'), bcrypt.gensalt())),
        'utf-8')

    db.persist_namespace('system', {
        'name': 'system',
        'keys': {
            keyname: encoded
        }
    })
    click.echo('Done')
示例#7
0
def _namespace_keys_putpost(namespace=None, key_name=None, key=None):
    if not namespace:
        return api_base.error(400, 'no namespace specified')
    if not key_name:
        return api_base.error(400, 'no key name specified')
    if not key:
        return api_base.error(400, 'no key specified')
    if key_name == 'service_key':
        return api_base.error(403, 'illegal key name')

    with db.get_lock('namespace', None, 'all', op='Namespace key update'):
        rec = db.get_namespace(namespace)
        if not rec:
            return api_base.error(404, 'namespace does not exist')

        encoded = str(
            base64.b64encode(
                bcrypt.hashpw(key.encode('utf-8'), bcrypt.gensalt())), 'utf-8')
        rec['keys'][key_name] = encoded

        db.persist_namespace(namespace, rec)

    return key_name