Changeset 687 for TI12-security

Timestamp:

22/03/06 11:36:47 (15 years ago)

Author:

pjkersha

Message:

Re-arranged directory structure to be more similar to that of an installation.

ndgSessionClient.py:

• added callback setSessCookieFromStdin() for handling stdin cookie input

sessionMgrProperties.xml:

• sessionMgr* tags shortened to sessMgr* names

SessionClient?.py:

• fix - initialise clntPubKeyFilePath in init
• new method retrieveSMpubKeyFromURI() converts URI to local temp file.

Session.py:

• import tempfile for SessionMgr? pub key URI -> temp file download.

Location:

TI12-security/trunk/python

Files:

• NDG/Session.py (modified) (2 diffs)
• NDG/SessionClient.py (modified) (9 diffs)
• conf (added)
• conf/attAuthorityProperties.xml (moved) (moved from TI12-security/trunk/python/attAuthorityProperties.xml)
• ndgSessionClient.py (modified) (4 diffs)
• sessionMgrProperties.xml (modified) (1 diff)
• www (added)
• www/cgi-bin (added)
• www/cgi-bin/security.py (moved) (moved from TI12-security/trunk/python/Tests/security.py)
• www/html (added)
• www/html/ndgCurrentlitRev.gif (moved) (moved from TI12-security/trunk/python/Tests/ndgCurrentlitRev.gif)
• www/html/ndgData.html (moved) (moved from TI12-security/trunk/python/Tests/ndgData.html)
• www/html/ndgUserRegistration.html (moved) (moved from TI12-security/trunk/python/Tests/ndgUserRegistration.html)
• www/html/padlock.gif (moved) (moved from TI12-security/trunk/python/Tests/padlock.gif)

TI12-security/trunk/python/NDG/Session.py

@@ -52 +52 @@
 # Use to pipe output from ZSI ServiceProxy
 from cStringIO import StringIO
+
+# Use in SessionMgr __redirectAuthorisationReq to store Public key
+import tempfile
+
 
 #_____________________________________________________________________________
@@ -989 +993 @@
         # Retrieve the public key from the URI
         try:
-            userSessMgrPubKey = NamedTemporaryFile()
+            userSessMgrPubKey = tempfile.NamedTemporaryFile()
             (fileName, httpResp) = urllib.urlretrieve(userSessMgrPubKeyURI,
                                                       userSessMgrPubKey.name)

TI12-security/trunk/python/NDG/SessionClient.py

@@ -22 +22 @@
 from X509 import *
 from SessionMgrIO import *
+
+import tempfile
 
 
@@ -62 +64 @@
         self.__smPubKeyFilePath = None
         self.__smPubKeyURI = None
+        self.__clntPubKeyFilePath = None
         
         if smWSDL:
@@ -92 +95 @@
         self.__smWSDL = smWSDL
         
-    smWSDL = property(fset=__setSMwsdl,
-                      doc="Set Session Manager WSDL URI")
+    smWSDL = property(fset=__setSMwsdl, doc="Set Session Manager WSDL URI")
                       
     
@@ -132 +134 @@
         
         self.__clntPubKeyFilePath = clntPubKeyFilePath
-        self.__clntPubKeyFilePath = None
         
     clntPubKeyFilePath = property(fset=__setClntPubKeyFilePath,
                                   doc="File path for client public key")
 
-       
+
+    #_________________________________________________________________________
+    def __retrieveSMpubKeyFromURI(self):
+        """Retrieve the public key from the URI"""
+        
+        # Don't proceed unless URI was set - user may have set public key via
+        # smPubKeyFilePath instead
+        if self.__smPubKeyURI is None:
+            return None
+        
+        try:
+            smPubKey = tempfile.NamedTemporaryFile()
+            (fileName, httpResp) = urllib.urlretrieve(smMgrPubKeyURI,
+                                                      smMgrPubKey.name)
+        except Exception, e:
+            raise SessionClientError("Error retrieving Session Manager "+\
+                                     "public key from \"%s\": %s" % \
+                                     (self.__smPubkeyURI, str(e)))
+
+        # Expecting plain text format for returned public key file
+        # 404 error would come back as 'text/html'
+        if 'text/plain' not in httpResp['Content-type']:
+            raise SessionClientError("Error retrieving Session Manager "+\
+                "public key from \"%s\": expecting \"plain/text\"" % \
+                self.__smPubkeyURI)
+             
+        # Return tempfile object as otherwise it will go out of scope and the 
+        # temporary file will be deleted   
+        return smPubKey
+    
+        
     #_________________________________________________________________________
     def serviceProxy(self, smWSDL=None):
@@ -171 +202 @@
             except Exception, e:
                 raise SessionClientError("Pass-phrase not defined: " + str(e))
+
+
+        # If Public key was set by URI, retrieve otherwise get from 
+        # smPubKeyFilePath
+        smPubKeyTmpFile = self.__retrieveSMpubKeyFromURI()
+        if smPubKeyTmpFile:
+            smPubKeyFilePath = smPubKeyTmpFile.name
+        else:
+            smPubKeyFilePath = self.__smPubKeyFilePath 
             
     
@@ -225 +265 @@
             except Exception, e:
                 raise SessionClientError("Pass-phrase not defined: " + str(e))
-            
-    
+
+
+        # If Public key was set by URI, retrieve otherwise get from 
+        # smPubKeyFilePath
+        smPubKeyTmpFile = self.__retrieveSMpubKeyFromURI()
+        if smPubKeyTmpFile:
+            smPubKeyFilePath = smPubKeyTmpFile.name
+        else:
+            smPubKeyFilePath = self.__smPubKeyFilePath 
+
+        
         # Make connection
         try: 
@@ -234 +283 @@
                                 createServerSess=createServerSess,
                                 encrCert=self.__clntPubKeyFilePath,
-                                encrPubKeyFilePath=self.__smPubKeyFilePath) 
+                                encrPubKeyFilePath=smPubKeyFilePath) 
     
             # Pass encrypted request
@@ -299 +348 @@
                 raise SessionClientError("Error parsing session cookie: " + \
                                          str(e))
+
+
+        # If Public key was set by URI, retrieve otherwise get from 
+        # smPubKeyFilePath
+        smPubKeyTmpFile = self.__retrieveSMpubKeyFromURI()
+        if smPubKeyTmpFile:
+            smPubKeyFilePath = smPubKeyTmpFile.name
+        else:
+            smPubKeyFilePath = self.__smPubKeyFilePath 
+
             
         # Make authorisation request
@@ -313 +372 @@
                              extTrustedHostList=extTrustedHostList,
                              encrCert=self.__clntPubKeyFilePath,
-                             encrPubKeyFilePath=self.__smPubKeyFilePath) 
+                             encrPubKeyFilePath=smPubKeyFilePath) 
                                             
             resp = self.__smSrv.reqAuthorisation(authorisationReq=authReq())

TI12-security/trunk/python/ndgSessionClient.py

@@ -26 +26 @@
 #_____________________________________________________________________________
 def setSoapDebug(option, optStr, value, parser):
-    """Callback function for parser"""
+    """Parser Callback function for enabling SOAP debug output"""
     parser.values.soapDebug = sys.stderr
 
@@ -32 +32 @@
 #_____________________________________________________________________________
 def setSessCookie(option, optStr, value, parser):
-    """Callback function for parser"""
+    """Parser Callback function for reading session cookie from command line
+    """
     try:
         parser.values.sessCookie = SimpleCookie(open(value).read().strip())
+        
     except IOError, (errNo, errMsg):
         raise optparse.OptionValueError(\
                     "Reading cookie from file \"%s\": %s" % (value, errMsg))
-        
+                           
     except Exception, e:
         raise optparse.OptionValueError(\
                     "Reading cookie from file \"%s\": %s" % (value, str(e)))
-      
+
+
+#_____________________________________________________________________________
+def setSessCookieFromStdin(option, optStr, value, parser):
+    """Parser Callback function for reading cookie from stdin"""
+    try:
+        # Read from standard input
+        parser.values.sessCookie = SimpleCookie(sys.stdin.read().strip())
+
+    except KeyboardInterrupt:
+        raise optparse.OptionValueError(\
+                    "option \"%s\": expecting cookie set from stdin" % optStr)
+          
+    except Exception, e:
+        raise optparse.OptionValueError(\
+                    "option %s: Reading cookie from file \"%s\": %s" % \
+                    (optStr, value, str(e)))
+                    
+                    
 #_____________________________________________________________________________
 if __name__ == '__main__':
@@ -118 +138 @@
 """Session cookie for --req-autho/-r call.  This is returned from a previous
 connect call (-c USERNAME/--connect=USERNAME).  Note that connect and request
-authoirsatino calls can be combined.  In this case, this arg is not needed as
+authoirsation calls can be combined.  In this case, this arg is not needed as
 the cookie is passed directly from the connect call output to the
 authorisation request e.g. ... -c username -r -s "http://..." -a
@@ -125 +145 @@
     parser.add_option("-e",
                       "--pass-cookie-from-stdin",
-                      action="store_true",
-                      dest="bCookieFromStdin",
-                      default=False,
-                      help="Take session cookie from stdin.")
+                      action="callback",
+                      callback=setSessCookieFromStdin,
+                      dest="sessCookie",
+                      help="Read session cookie from stdin.")
 
     parser.add_option("-a",

TI12-security/trunk/python/sessionMgrProperties.xml

@@ -5 +5 @@
     <keyFile></keyFile>
     <keyPPhrase></keyPPhrase>
-    <sessionMgrEncrKey></sessionMgrEncrKey>
-    <sessionMgrWSDLuri></sessionMgrWSDLuri>
-    <sessionMgrPubKeyURI></sessionMgrPubKeyURI>
+    <sessMgrEncrKey></sessMgrEncrKey>
+    <sessMgrWSDLuri></sessMgrWSDLuri>
+    <sessMgrPubKeyURI></sessMgrPubKeyURI>
     <cookieDomain></cookieDomain>
     <myProxyProp>