Changeset 1999


Timestamp:
13/01/07 15:26:26 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py: added config parser so that params can be set from a configuration file.

python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py and python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg: added config parser + prompt for passwords where not set in config.

python/ndg.security.common/ndg/security/common/AttAuthority/__init__.py:
AA client code - added documentation and changed getAttCert so that an AttCert
type can be passed in as well as a string for userAttCert arg.

Location:
TI12-security/trunk
Files:
5 edited

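--- a/TI12-security/trunk/python/ndg.security.common/ndg/security/common/AttAuthority/__init__.py
+++ b/TI12-security/trunk/python/ndg.security.common/ndg/security/common/AttAuthority/__init__.py
@@ -30,5 +30,5 @@
 from AttAuthority_services import AttAuthorityServiceLocator
 from ndg.security.common.wsSecurity import SignatureHandler
-
+from ndg.security.common.AttCert import AttCertParse
 
 #_____________________________________________________________________________
@@ -183,4 +183,5 @@
                          doc="Password protecting client private key file")
 
+
     #_________________________________________________________________________
     def __getSrvCert(self):
@@ -211,5 +212,8 @@
     #_________________________________________________________________________
     def initService(self, uri=None):
-        """Set the WS proxy for the Attribute Authority"""
+        """Set the WS proxy for the Attribute Authority
+
+        @type uri: string
+        @param uri: URI for service to invoke"""
         if uri:
             self.__setURI(uri)
@@ -237,8 +241,11 @@
 
     #_________________________________________________________________________
-    def getHostInfo(self, clntPriKeyPwd=None):
+    def getHostInfo(self):
         """Get host information for the data provider which the
         Attribute Authority represents
 
+        @rtype dict
+        @return dictionary of host information for the target attribute
+        authority
         """
 
@@ -256,7 +263,13 @@
 
     #_________________________________________________________________________
-    def getTrustedHostInfo(self, role=None, clntPriKeyPwd=None):
+    def getTrustedHostInfo(self, role=None):
         """Get list of trusted hosts for an Attribute Authority
 
+        @type role: string
+        @param role: get information for trusted hosts that have a mapping to
+        this role
+
+        @rtype dict
+        @return dictionary of trusted hosts indexed by hostname
         """
 
@@ -275,10 +288,19 @@
 
     #_________________________________________________________________________
-    def getAttCert(self,
-                   proxyCert,
-                   userAttCert=None,
-                   clntPriKeyPwd=None):
+    def getAttCert(self, proxyCert, userAttCert=None):
         """Request attribute certificate from NDG Attribute Authority Web
-        Service."""
+        Service.
+
+        @type proxyCert: string
+        @param proxyCert: certificate containing Distinguished Name of user
+        to request an Attribute Certificate for
+
+        @type userAttCert: string / AttCert
+        @param userAttCert: user attribute certificate from which to make a
+        mapped certificate at the target attribute authority.  userAttCert
+        must have been issued from a trusted host to the target
+
+        @rtype AttCert
+        @return attribute certificate for user"""
 
 
@@ -286,17 +308,25 @@
         self.__getSrvX509Cert()
 
-
+        # Ensure cert is serialized before passing over web service interface
+        if isinstance(userAttCert, AttCert):
+            userAttCert = str(userAttCert)
+
         try:
-            resp = self.__srv.getAttCert(proxyCert)
+            attCert = AttCertParse(self.__srv.getAttCert(proxyCert,
+                                                         userAttCert))
 
         except Exception, e:
-            raise AttAuthorityClientError, "Error: " + str(e)
-
-        return resp
+            raise AttAuthorityClientError, \
+                                "requesting attribute certificate: " + str(e)
+
+        return attCert
 
 
     #_________________________________________________________________________
     def getX509Cert(self):
-        """Retrieve the public key of the Attribute Authority"""
+        """Retrieve the X.509 certificate of the Attribute Authority
+
+        @rtype: string
+        @return X.509 certificate for Attribute Authority"""
 
         try: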
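Review bot: The new `isinstance(userAttCert, AttCert)` check in getAttCert refers to `AttCert`, but the only name this changeset imports from that module is `AttCertParse`; unless `AttCert` is already bound elsewhere in the file (not visible in these hunks), every call to getAttCert raises NameError. The check also sits above the `try`, so that failure would not be wrapped in AttAuthorityClientError. Importing both names fixes it: `from ndg.security.common.AttCert import AttCert, AttCertParse`. Separately, `except Exception, e` now covers the AttCertParse call as well, so a malformed certificate returned by the service is reported with the same message as a transport failure; parsing after the SOAP `try` block, or naming the stage in the message, would keep a bad response from the Attribute Authority distinguishable.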
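--- a/TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py
+++ b/TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py
@@ -15,6 +15,6 @@
 
 import unittest
-import os
-import sys
+import os, sys, getpass
+from ConfigParser import SafeConfigParser
 
 from ndg.security.common.AttAuthority import AttAuthorityClient
@@ -23,9 +23,15 @@
 
     def setUp(self):
-        # Session Manager WSDL
-        self.uri = 'http://127.0.0.1:5700/AttributeAuthority'
+
+        configParser = SafeConfigParser()
+        configParser.read("./attAuthorityClientTest.cfg")
+
+        self.cfg = {}
+        for section in configParser.sections():
+            self.cfg[section] = dict(configParser.items(section))
 
         # Instantiate WS proxy
-        self.clnt = AttAuthorityClient(self.uri, tracefile=sys.stderr)
+        self.clnt = AttAuthorityClient(self.cfg['setUp']['uri'],
+                                       tracefile=sys.stderr)
 
 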
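Review bot: `configParser.read("./attAuthorityClientTest.cfg")` in setUp resolves against the current working directory, and `read()` silently skips files it cannot open, so running the test from any other directory leaves `self.cfg` empty and the failure only surfaces later as a bare `KeyError: 'setUp'`. Check the return value, e.g. `if not configParser.read(cfgPath): raise IOError("cannot read " + cfgPath)`, with `cfgPath` built from `os.path.dirname(__file__)`. `getpass` is imported here but is not used in the visible hunks.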
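--- a/TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py
+++ b/TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py
@@ -7,17 +7,20 @@
 NERC Data Grid Project
 
-P J Kershaw 23/02/06
+@author P J Kershaw
+
+23/02/06
 
 Renamed from SessionClientTest.py 27/0/4/06
 Moved and renamed SessionMgrClientTest.py 23/11/06
 
-Copyright (C) 2006 CCLRC & NERC
-
-This software may be distributed under the terms of the Q Public License,
-version 1.0 or later.
+@copyright (C) 2007 CCLRC & NERC
+
+@license This software may be distributed under the terms of the Q Public
+License, version 1.0 or later.
 """
 import unittest
 import os, sys, getpass
-
+from ConfigParser import SafeConfigParser
+
 from ndg.security.common.SessionMgr import SessionMgrClient
 from ndg.security.common.SessionCookie import SessionCookie
@@ -36,11 +39,14 @@
 
         tracefile = sys.stderr
+
+        clntPriKeyPwd = self.cfg['setUp'].get('clntprikeypwd') or \
+            getpass.getpass(prompt="\nsetUp - client private key password: ")
 
         # Initialise the Session Manager client connection
         # Omit traceFile keyword to leave out SOAP debug info
-        self.clnt = SessionMgrClient(uri=self.cfg['setup']['smuri'],
-                smCertFilePath=self.cfg['setup']['smcertfilepath'],
-                clntCertFilePath=self.cfg['setup']['clntcertfilepath'],
-                clntPriKeyFilePath=self.cfg['setup']['clntprikeyfilepath'],
+        self.clnt = SessionMgrClient(uri=self.cfg['setUp']['smuri'],
+                smCertFilePath=self.cfg['setUp']['smcertfilepath'],
+                clntCertFilePath=self.cfg['setUp']['clntcertfilepath'],
+                clntPriKeyFilePath=self.cfg['setUp']['clntprikeyfilepath'],
                 clntPriKeyPwd=clntPriKeyPwd,
                 tracefile=tracefile)
@@ -50,55 +56,56 @@
 
 
-    def testAddUser(self):
+    def test1AddUser(self):
         """Add a new user ID to the MyProxy repository"""
 
-        passphrase = self.cfg['testAddUser'].get('passphrase') or \
-            getpass.getpass(prompt="\ntestAddUser pass-phrase for new user: ")
+        passphrase = self.cfg['test1AddUser'].get('passphrase') or \
+            getpass.getpass(prompt="\ntest1AddUser pass-phrase for new user: ")
 
         # Note the pass-phrase is read from the file tmp.  To pass
         # explicitly as a string use the 'pPhrase' keyword instead
-        self.clnt.addUser(self.cfg['testAddUser']['username'],
+        self.clnt.addUser(self.cfg['test1AddUser']['username'],
                           pPhrase=passphrase)
-        print "Added user '%s'" % self.cfg['testAddUser']['username']
-
-
-    def testCookieConnect(self):
-        """testCookieConnect: Connect as if acting as a browser client -
+        print "Added user '%s'" % self.cfg['test1AddUser']['username']
+
+
+    def test2CookieConnect(self):
+        """test2CookieConnect: Connect as if acting as a browser client -
         a cookie is returned"""
 
-        passphrase = self.cfg['testCookieConnect'].get('passphrase') or \
-        getpass.getpass(prompt="\ntestCookieConnect pass-phrase for user: ")
+        passphrase = self.cfg['test2CookieConnect'].get('passphrase') or \
+        getpass.getpass(prompt="\ntest2CookieConnect pass-phrase for user: ")
 
         sSessCookie = self.clnt.connect(\
-                                    self.cfg['testCookieConnect']['username'],
+                                    self.cfg['test2CookieConnect']['username'],
                                     pPhrase=passphrase)
 
         self.sessCookie = SessionCookie(sSessCookie)
         print "User '%s' connected to Session Manager:\n%s" % \
-            (self.cfg['testCookieConnect']['username'], sSessCookie)
-
-
-    def testProxyCertConnect(self):
-        """testProxyCertConnect: Connect as a command line client -
+            (self.cfg['test2CookieConnect']['username'], sSessCookie)
+
+
+    def test3ProxyCertConnect(self):
+        """test3ProxyCertConnect: Connect as a command line client -
         a proxyCert is returned"""
 
-        passphrase = self.cfg['testProxyCertConnect'].get('passphrase') or \
+        passphrase = self.cfg['test3ProxyCertConnect'].get('passphrase') or \
             getpass.getpass(\
-                    prompt="\ntestProxyCertConnect pass-phrase for user: ")
+                    prompt="\ntest3ProxyCertConnect pass-phrase for user: ")
 
         self.proxyCert = self.clnt.connect(\
-                               self.cfg['testProxyCertConnect']['username'],
+                               self.cfg['test3ProxyCertConnect']['username'],
                                pPhrase=passphrase,
                                createServerSess=True,
                                getCookie=False)
         print "User '%s' connected to Session Manager:\n%s" % \
-            (self.cfg['testProxyCertConnect']['username'], self.proxyCert)
-
-
-    def testCookieDisconnect(self):
-        """testCookieDisconnect: disconnect as if acting as a browser client -
+            (self.cfg['test3ProxyCertConnect']['username'], self.proxyCert)
+
+
+    def test4CookieDisconnect(self):
+        """test4CookieDisconnect: disconnect as if acting as a browser client -
         a cookie is returned"""
 
-        self.testCookieConnect()
+        print "\n\t" + self.test4CookieDisconnect.__doc__
+        self.test2CookieConnect()
 
         self.clnt.disconnect(sessCookie=str(self.sessCookie))
@@ -106,9 +113,10 @@
 
 
-    def testProxyCertDisconnect(self):
-        """testProxyCertDisconnect: Connect as a command line client -
+    def test5ProxyCertDisconnect(self):
+        """test5ProxyCertDisconnect: Connect as a command line client -
         a proxyCert is returned"""
 
-        self.testProxyCertConnect()
+        print "\n\t" + self.test5ProxyCertDisconnect.__doc__
+        self.test3ProxyCertConnect()
 
         self.clnt.disconnect(proxyCert=self.proxyCert)
@@ -116,12 +124,13 @@
 
 
-    def testCookieReqAuthorisation(self):
-        """testCookieReqAuthorisation: make an authorisation request using
+    def test6CookieReqAuthorisation(self):
+        """test6CookieReqAuthorisation: make an authorisation request using
         a cookie as authentication credential"""
-
-        self.testCookieConnect()
+
+        print "\n\t" + self.test6CookieReqAuthorisation.__doc__
+        self.test2CookieConnect()
         attCert, statusCode, extAttCertList = self.clnt.reqAuthorisation(\
             sessID=self.sessCookie.sessionID,
-            attAuthorityURI=self.cfg['testCookieReqAuthorisation']['aauri'],
+            attAuthorityURI=self.cfg['test6CookieReqAuthorisation']['aauri'],
             encrSessionMgrURI=self.sessCookie.encrSessionMgrURI)
 
@@ -131,12 +140,13 @@
 
 
-    def testCookieReqAuthorisationWithExtAttCertList(self):
-        """testCookieReqAuthorisation: make an authorisation request using
+    def test6aCookieReqAuthorisationWithExtAttCertList(self):
+        """test6CookieReqAuthorisation: make an authorisation request using
         a cookie as authentication credential"""
 
-        self.testCookieConnect()
+        print "\n\t" + self.test6aCookieReqAuthorisationWithExtAttCertList.__doc__
+        self.test2CookieConnect()
 
         aaURI = \
-            self.cfg['testCookieReqAuthorisationWithExtAttCertList']['aauri']
+            self.cfg['test6aCookieReqAuthorisationWithExtAttCertList']['aauri']
 
         attCert, statusCode, extAttCertList = self.clnt.reqAuthorisation(\
@@ -151,13 +161,14 @@
 
 
-    def testProxyCertReqAuthorisation(self):
-        """testProxyCertReqAuthorisation: make an authorisation request using
+    def test7ProxyCertReqAuthorisation(self):
+        """test7ProxyCertReqAuthorisation: make an authorisation request using
         a proxy cert as authentication credential"""
-        self.testProxyCertConnect()
+        print "\n\t" + self.test7ProxyCertReqAuthorisation.__doc__
+        self.test3ProxyCertConnect()
 
         # Request an attribute certificate from an Attribute Authority
         # using the proxyCert returned from connect()
 
-        aaURI = self.cfg['testProxyCertReqAuthorisation']['aauri']
+        aaURI = self.cfg['test7ProxyCertReqAuthorisation']['aauri']
         attCert, statusCode, extAttCertList = self.clnt.reqAuthorisation(\
                                                  proxyCert=self.proxyCert,
@@ -169,6 +180,6 @@
 
 
-    def testGetX509Cert(self):
-        "testGetX509Cert: return the Session Manager's X.509 Cert."
+    def test8GetX509Cert(self):
+        "test8GetX509Cert: return the Session Manager's X.509 Cert."
         cert = self.clnt.getX509Cert()
 
@@ -182,12 +193,13 @@
         map = map(SessionMgrClientTestCase,
                   (
-                    "testAddUser",
-                    "testCookieConnect",
-                    "testProxyCertConnect",
-                    "testCookieDisconnect",
-                    "testProxyCertDisconnect",
-                    "testCookieReqAuthorisation",
-                    "testProxyCertReqAuthorisation",
-                    "testGetX509Cert",
+                    "test1AddUser",
+                    "test2CookieConnect",
+                    "test3ProxyCertConnect",
+                    "test4CookieDisconnect",
+                    "test5ProxyCertDisconnect",
+                    "test6CookieReqAuthorisation",
+                    "test6aCookieReqAuthorisationWithExtAttCertList",
+                    "test7ProxyCertReqAuthorisation",
+                    "test8GetX509Cert",
                   ))
         unittest.TestSuite.__init__(self, map)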
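Review bot: The docstring of `test6aCookieReqAuthorisationWithExtAttCertList` still opens with `test6CookieReqAuthorisation:`, and because the new `print "\n\t" + ...__doc__` line echoes it, the run output labels this test as the other one; it should start `"""test6aCookieReqAuthorisationWithExtAttCertList: make an authorisation request using`. The numeric prefixes appear intended to fix the run order, yet the disconnect and authorisation tests still call `test2CookieConnect()` or `test3ProxyCertConnect()` directly, so each dependent test repeats the pass-phrase prompt when none is set in the config; moving the connect logic into a private helper would keep the test methods independent. Those connect methods also print the session cookie and the proxy certificate to stdout, which ends up in any captured test log.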
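--- a/TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg
+++ b/TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg
@@ -22,29 +22,29 @@
 # Password protecting client private key - if omitted it will be prompted for
 # from tty
-#clntprikeypwd =
+clntprikeypwd = x
 
 clntcertfilepath = ./clntCert.pem
 clntprikeyfilepath = ./clntKey.pem
 
-[testAddUser]
+[test1AddUser]
 username = BugsBunny
 # Comment out to prompt for on tty.
 #passphrase =
 
-[testCookieConnect]
+[test2CookieConnect]
 username = gabriel
 #passphrase =
 
-[testProxyCertConnect]
+[test3ProxyCertConnect]
 username = gabriel
 #passphrase =
 
-[testCookieReqAuthorisation]
+[test6CookieReqAuthorisation]
 aaURI = https://localhost:5000/AttributeAuthority
 
-[testCookieReqAuthorisationWithExtAttCertList]
+[test6aCookieReqAuthorisationWithExtAttCertList]
 aaURI = https://localhost:5000/AttributeAuthority
 
-[testProxyCertReqAuthorisation]
+[test7ProxyCertReqAuthorisation]
 aaURI = https://localhost:5000/AttributeAuthority
 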
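Review bot: `clntprikeypwd = x` commits a value for the client private key password to the repository, which contradicts the comment directly above it ("if omitted it will be prompted for from tty") and means a fresh checkout never exercises the getpass prompt added to setUp in SessionMgrClientTest.py. Even if `x` only protects a throwaway test key, a tracked config file with a populated password field invites real values being committed later. Keep the line commented out as `#clntprikeypwd =` and, where unattended runs are needed, supply the value from an untracked local copy of the file.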