Changeset 6943
- Timestamp:
- 07/06/10 15:11:20 (11 years ago)
- Location:
- TI12-security/trunk/MyProxyWebService
- Files:
-
- 3 added
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
TI12-security/trunk/MyProxyWebService/myproxy/server/test/myproxy-ws-logon.sh
r6937 r6943 44 44 45 45 if [ -z $uri ]; then 46 echo -e Give the URI for the MyProxy Logon web service;46 echo -e Give the URI for the MyProxy web service logon request; 47 47 echo -e $usage >&2 ; 48 48 exit 1; … … 90 90 # Post request to MyProxy web service passing username/password for HTTP Basic 91 91 # auth based authentication. 92 # Nb.93 # 1) -t 1 to ensure only one attempt is made94 # 2) --auth-no-challenge force sending of username/password to allow for servers that may not issue an authentication challenge95 #wget $uri --http-user=$username --http-password=$password --post-file=$certreqfilepath --ca-directory=$cadir -O $outfilepath -t 1 --auth-no-challenge96 #response=$(curl $uri -u $username:$password -d "$(cat $certreqfilepath)" --capath $cadir -w " %{http_code}" -s -S)97 #response=$(curl $uri -u $username:$password -F "certificate_request=@${certreqfilepath};get_trustroots=1" --capath $cadir -w " %{http_code}" -s -S)98 92 response=$(curl $uri -u $username:$password --data-urlencode "certificate_request=$(cat $certreqfilepath)" --capath $cadir -w " %{http_code}" -s -S) 99 93 responsemsg=$(echo "$response"|sed '$s/ *\([^ ]* *\)$//') -
TI12-security/trunk/MyProxyWebService/myproxy/server/test/myproxywsgi.ini
r6938 r6943 18 18 19 19 [app:main] 20 paste.app_factory = myproxy.server.wsgi.app:MyProxy LogonApp.app_factory20 paste.app_factory = myproxy.server.wsgi.app:MyProxyApp.app_factory 21 21 prefix = myproxy. 22 22 myproxy.httpbasicauth.realm = myproxy-realm 23 myproxy.logon FuncEnvKeyName = MYPROXY_LOGON_FUNC24 myproxy. rePathMatchList = /logon23 myproxy.logon.logonFuncEnvKeyName = MYPROXY_LOGON_FUNC 24 myproxy.logon.rePathMatchList = /logon 25 25 myproxy.getTrustRoots.path = /get-trustroots 26 26 #myproxy.client.hostname = localhost -
TI12-security/trunk/MyProxyWebService/myproxy/server/test/test_myproxywsgi.cfg
r6897 r6943 12 12 # The %(here)s variable will be replaced with the parent directory of this file 13 13 # 14 [test01Logon] 15 username = https://ceda.ac.uk/openid/Philip.Kershaw 16 #username: pjk 17 #password = mypassword 14 [MyProxyLogonAppTestCase.test01Logon] 15 username: pjk 16 password = mypassword 18 17 uri = https://localhost:10443/logon -
TI12-security/trunk/MyProxyWebService/myproxy/server/test/test_myproxywsgi.py
r6938 r6943 31 31 def __call__(self, environ, start_response): 32 32 33 assert(environ[MyProxyClientMiddleware. CLIENT_ENV_KEYNAME])34 assert(environ[MyProxyClientMiddleware. LOGON_FUNC_ENV_KEYNAME])33 assert(environ[MyProxyClientMiddleware.DEFAULT_CLIENT_ENV_KEYNAME]) 34 assert(environ[MyProxyClientMiddleware.DEFAULT_LOGON_FUNC_ENV_KEYNAME]) 35 35 status = "200 OK" 36 36 … … 97 97 def test01Logon(self): 98 98 # Test successful logon 99 username = self.cfg.get('test01Logon', 'username') 99 username = self.cfg.get('MyProxyLogonAppTestCase.test01Logon', 100 'username') 100 101 try: 101 password = self.cfg.get('test01Logon', 'password') 102 password = self.cfg.get('MyProxyLogonAppTestCase.test01Logon', 103 'password') 102 104 except NoOptionError: 103 password = getpass(' test01Logon password: ')105 password = getpass('MyProxyLogonAppTestCase.test01Logon password: ') 104 106 105 107 base64String = base64.encodestring('%s:%s' % (username, password))[:-1] … … 109 111 # Create key pair and certificate request 110 112 keyPair, certReq = self._createRequestCreds() 111 response = self.app.post('/logon', certReq, headers=headers, status=200) 113 114 postData = { 115 MyProxyClientMiddleware.CERT_REQ_POST_PARAM_KEYNAME: certReq 116 } 117 response = self.app.post('/logon', postData, headers=headers, 118 status=200) 112 119 print response 113 120 self.assert_(response) … … 126 133 # Test with missing certificate request 127 134 128 username = self.cfg.get('test01Logon', 'username') 129 try: 130 password = self.cfg.get('test01Logon', 'password') 131 except NoOptionError: 132 password = getpass('test01Logon password: ') 133 135 # Username and password don't matter - exception is raised in server 136 # middleware prior to authentication 137 username = '' 138 password = '' 139 134 140 base64String = base64.encodestring('%s:%s' % (username, password))[:-1] 135 141 authHeader = "Basic %s" % base64String … … 144 150 # Test HTTP GET request - should be rejected - POST is expected 145 151 146 username = self.cfg.get('test01Logon', 'username') 147 try: 148 password = self.cfg.get('test01Logon', 'password') 149 except NoOptionError: 150 password = getpass('test01Logon password: ') 151 152 # Username and password don't matter - exception is raised in server 153 # middleware prior to authentication 154 username = '' 155 password = '' 152 156 base64String = base64.encodestring('%s:%s' % (username, password))[:-1] 153 157 authHeader = "Basic %s" % base64String … … 166 170 self.assert_(response) 167 171 print response 172 173 # Test deserialisation 174 for line in response.body.split('\n'): 175 fieldName, val = line.split('=', 1) 176 print("%s: %s\n" % (fieldName, base64.b64decode(val))) 168 177 169 178 if __name__ == "__main__": -
TI12-security/trunk/MyProxyWebService/myproxy/server/wsgi/app.py
r6938 r6943 25 25 """ 26 26 PARAM_PREFIX = 'myproxy.' 27 LOGON_PARAM_PREFIX = 'logon.' 27 28 GET_TRUSTROOTS_PARAM_PREFIX = 'getTrustRoots.' 28 29 HTTPBASICAUTH_REALM_OPTNAME = 'httpbasicauth.realm' … … 44 45 45 46 # HTTP Basic auth middleware - a container for MyProxy logon 47 logonPrefix = prefix + cls.LOGON_PARAM_PREFIX 46 48 httpBasicAuthMWare = HttpBasicAuthMiddleware.filter_app_factory(app, 47 48 prefix=prefix,49 49 global_conf, 50 prefix=logonPrefix, 51 **app_conf) 50 52 51 53 # MyProxy get trust roots middleware … … 54 56 httpBasicAuthMWare, 55 57 global_conf, 56 prefix=getTrustRootsPrefix) 58 prefix=getTrustRootsPrefix, 59 **app_conf) 57 60 58 61 # Middleware to hold a MyProxy client and expose interface in environ … … 66 69 httpBasicAuthMWare.authnFuncEnvironKeyName = app.logonFuncEnvironKeyName 67 70 68 # Mirror callback function setting in HTTP Basic Auth middleware so 69 # that it correctly picks up the authentication function 71 # Set Get trust roots middleware to use the MyProxyClient environ key 72 # name set by MyProxyClientMiddleware 73 getTrustRootsMWare.clientEnvironKeyName = app.clientEnvironKeyName 74 75 # Pick up HTTP Basic Auth realm setting 70 76 realmOptName = prefix + cls.HTTPBASICAUTH_REALM_OPTNAME 71 77 httpBasicAuthMWare.realm = app_conf[realmOptName] -
TI12-security/trunk/MyProxyWebService/myproxy/server/wsgi/middleware.py
r6938 r6943 15 15 import socket 16 16 import httplib 17 from cStringIO import StringIO 17 import base64 18 18 19 19 from webob import Request … … 98 98 99 99 # Default environ key names 100 LOGON_FUNC_ENV_KEYNAME = ('myproxy.server.wsgi.middleware.'101 'MyProxyClientMiddleware.logon')100 DEFAULT_LOGON_FUNC_ENV_KEYNAME = ('myproxy.server.wsgi.middleware.' 101 'MyProxyClientMiddleware.logon') 102 102 103 103 CERT_REQ_POST_PARAM_KEYNAME = 'certificate_request' … … 175 175 176 176 logonFuncEnvKeyOptName = prefix + \ 177 MyProxyClientMiddleware.LOGON_FUNC_ENV_KEYNAME_OPTNAME177 MyProxyClientMiddleware.LOGON_FUNC_ENV_KEYNAME_OPTNAME 178 178 179 179 self.logonFuncEnvironKeyName = app_conf.get(logonFuncEnvKeyOptName, 180 MyProxyClientMiddleware.LOGON_FUNC_ENV_KEYNAME)180 MyProxyClientMiddleware.DEFAULT_LOGON_FUNC_ENV_KEYNAME) 181 181 182 182 def _getLogonFuncEnvironKeyName(self): … … 469 469 470 470 # Serialise dict response 471 response = "\n".join(["%s=%s" % i for i in trustRoots.items()]) 471 response = "\n".join(["%s=%s" % (k, base64.b64encode(v)) 472 for k,v in trustRoots.items()]) 472 473 473 474 return response
Note: See TracChangeset
for help on using the changeset viewer.