Changeset 6945 for TI12-security/trunk


Ignore:
Timestamp:
07/06/10 16:38:38 (9 years ago)
Author:
pjkersha
Message:

Incomplete - task 5: MyProxy? Logon HTTPS Interface

  • working unit tests with shell script clients called from the unit tests
Location:
TI12-security/trunk/MyProxyWebService/myproxy/server/test
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/MyProxyWebService/myproxy/server/test/myproxy-ws-get-trustroots.sh

    r6943 r6945  
    22# 
    33# Client script for web service interface to MyProxy get-trustroots based on  
    4 # openssl and curl.  Get trust roots retrieves the CA certificate issuer(s) of 
    5 # the MyProxy server's SSL certificate 
     4# curl and base64 commands.  Get trust roots retrieves the CA certificate  
     5# issuer(s) of the MyProxy server's SSL certificate 
    66# 
    77# @author P J Kershaw 07/06/2010 
     
    1313# $Id$ 
    1414cmdname=$(basename $0) 
    15 cmdline_opt=`getopt -o hU:b --long help,uri:,bootstrap: -n "$cmdname" -- "$@"` 
     15cmdline_opt=`getopt -o hU:b --long help,uri:,bootstrap -n "$cmdname" -- "$@"` 
    1616 
    1717usage="Usage: $cmdname [-U MyProxy Web Service URI][-b]\n 
     
    5959    ca_arg="--capath $cadir" 
    6060else 
     61    echo Bootstrapping MyProxy server root of trust. 
    6162    ca_arg="--insecure" 
    6263fi 
    6364 
    6465# Post request to MyProxy web service 
    65 echo curl $uri $ca_arg -w " %{http_code}" -s -S 
    66 response=$(curl $uri $ca_arg -w " %{http_code}" -s -S) 
     66response=$(curl $uri --sslv3 $ca_arg -w " %{http_code}" -s -S) 
    6767responsemsg=$(echo "$response"|sed '$s/ *\([^ ]* *\)$//') 
    6868responsecode=$(echo $response|awk '{print $NF}') 
     
    7979    echo "$filecontent" > $cadir/$filename 
    8080done 
     81 
     82echo Trust roots have been installed in $cadir. 
  • TI12-security/trunk/MyProxyWebService/myproxy/server/test/myproxy-ws-logon.sh

    r6943 r6945  
    9090# Post request to MyProxy web service passing username/password for HTTP Basic 
    9191# auth based authentication.   
    92 response=$(curl $uri -u $username:$password --data-urlencode "certificate_request=$(cat $certreqfilepath)" --capath $cadir -w " %{http_code}" -s -S) 
     92response=$(curl $uri --sslv3 -u $username:$password --data-urlencode "certificate_request=$(cat $certreqfilepath)" --capath $cadir -w " %{http_code}" -s -S) 
    9393responsemsg=$(echo "$response"|sed '$s/ *\([^ ]* *\)$//') 
    9494responsecode=$(echo $response|awk '{print $NF}') 
  • TI12-security/trunk/MyProxyWebService/myproxy/server/test/myproxywsgi.ini

    r6943 r6945  
    2525myproxy.getTrustRoots.path = /get-trustroots 
    2626#myproxy.client.hostname = localhost 
    27 myproxy.client.hostname = gabriel.badc.rl.ac.uk 
    2827myproxy.client.caCertDir = /etc/grid-security/certificates 
  • TI12-security/trunk/MyProxyWebService/myproxy/server/test/test_myproxywsgi.cfg

    r6943 r6945  
    11# 
    2 # MyProxy Logon Application in file for unit tests. 
     2# MyProxy Logon Application config file for unit tests. 
    33# 
    44# Author: P J Kershaw 
     
    1616password = mypassword 
    1717uri = https://localhost:10443/logon 
     18 
     19[MyProxyLogonAppWithPasterTestCase.test02LogonScript] 
     20username: pjk 
     21password = mypassword 
     22uri = https://localhost:10443/logon 
     23 
     24[MyProxyLogonAppWithPasterTestCase.test02GetTrustRootsScript] 
     25uri = https://localhost:10443/get-trustroots 
     26 
  • TI12-security/trunk/MyProxyWebService/myproxy/server/test/test_myproxywsgi_with_paster.py

    r6897 r6945  
    3030    """ 
    3131    THIS_DIR = path.dirname(__file__) 
     32    CA_DIRNAME = 'ca' 
     33    CA_DIR = path.join(THIS_DIR, CA_DIRNAME) 
     34    CA_ENV_VARNAME = 'X509_CERT_DIR' 
    3235    INI_FILENAME = 'myproxywsgi.ini' 
    3336    INI_FILEPATH = path.join(THIS_DIR, INI_FILENAME)   
     
    3841 
    3942    SERVICE_PORTNUM = 10443 
    40     SCRIPT_CMD = 'myproxy-ws-logon.sh' 
     43    LOGON_SCRIPT_CMD = 'myproxy-ws-logon.sh' 
     44    LOGON_SCRIPT_USER_OPTNAME = '--username' 
     45    LOGON_SCRIPT_STDIN_PASS_OPTNAME = '--stdin_pass' 
     46     
    4147    SCRIPT_URI_OPTNAME = '--uri' 
    42     SCRIPT_USER_OPTNAME = '--username' 
    43     SCRIPT_STDIN_PASS = '--stdin_pass' 
     48     
     49    GET_TRUSTROOTS_SCRIPT_CMD = 'myproxy-ws-get-trustroots.sh' 
     50    GET_TRUSTROOTS_SCRIPT_BOOTSTRAP_OPTNAME = '--bootstrap' 
    4451     
    4552    def __init__(self, *arg, **kw): 
     
    5865                        withLoggingConfig=False) 
    5966     
    60     def test01Script(self): 
    61         # Test wget/openssl based client script access 
    62         username = self.cfg.get('test01Logon', 'username') 
    63         try:  
    64             password = self.cfg.get('test01Logon', 'password') 
    65         except NoOptionError: 
    66             password = getpass('test01Logon password: ') 
    67  
    68         uri = self.cfg.get('test01Logon', 'uri') 
     67    def test01GetTrustRootsScriptWithBootstrap(self): 
     68        # Test curl/base64 based client script 
     69        optName = 'MyProxyLogonAppWithPasterTestCase.test02GetTrustRootsScript' 
     70        uri = self.cfg.get(optName, 'uri') 
    6971         
    7072        cmd = ( 
    71             self.__class__.SCRIPT_CMD,  
     73            self.__class__.GET_TRUSTROOTS_SCRIPT_CMD,  
    7274            "%s=%s" % (self.__class__.SCRIPT_URI_OPTNAME, uri), 
    73             "%s=%s" % (self.__class__.SCRIPT_USER_OPTNAME, username), 
    74             self.__class__.SCRIPT_STDIN_PASS 
     75            "%s" % self.__class__.GET_TRUSTROOTS_SCRIPT_BOOTSTRAP_OPTNAME 
     76        ) 
     77                 
     78        proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, 
     79                                stderr=subprocess.PIPE, 
     80                                env={self.__class__.CA_ENV_VARNAME: 
     81                                     self.__class__.CA_DIR}) 
     82        stdoutdata, stderrdata = proc.communicate() 
     83        self.failIf(len(stderrdata) > 0, "An error message was returned: %s" %  
     84                    stderrdata) 
     85        print("stdout = %s" % stdoutdata) 
     86     
     87    def test02LogonScript(self): 
     88        # Test curl/openssl based client script access 
     89        optName = 'MyProxyLogonAppWithPasterTestCase.test02LogonScript' 
     90        username = self.cfg.get(optName, 'username') 
     91        try:  
     92            password = self.cfg.get(optName, 'password') 
     93        except NoOptionError: 
     94            password = getpass(optName + ' password: ') 
     95 
     96        uri = self.cfg.get(optName, 'uri') 
     97         
     98        cmd = ( 
     99            self.__class__.LOGON_SCRIPT_CMD,  
     100            "%s=%s"%(self.__class__.SCRIPT_URI_OPTNAME, uri), 
     101            "%s=%s"%(self.__class__.LOGON_SCRIPT_USER_OPTNAME, username), 
     102            self.__class__.LOGON_SCRIPT_STDIN_PASS_OPTNAME 
    75103        ) 
    76104                 
     
    78106        p2 = subprocess.Popen(cmd, stdin=p1.stdout, stdout=subprocess.PIPE, 
    79107                              stderr=subprocess.PIPE, 
    80                               env={'X509_CERT_DIR':self.__class__.THIS_DIR}) 
     108                              env={self.__class__.CA_ENV_VARNAME: 
     109                                   self.__class__.CA_DIR}) 
    81110        stdoutdata, stderrdata = p2.communicate() 
    82111        self.failIf(len(stderrdata) > 0, "An error message was returned: %s" %  
Note: See TracChangeset for help on using the changeset viewer.