Ticket #1105 (new task)

Opened 9 years ago

[S] Integrate Secured PyDAP Client extension into ndg.security.client

Reported by: pjkersha Owned by: pjkersha
Priority: required Milestone: CMIP5 Security
Component: security Version:
Keywords: security, PyDAP Cc:

Description

Integrate secured PyDAP client into security code trunk. Use this test script developed by Stephen (?)...

import urllib2
from M2Crypto import SSL, m2urllib2
from myproxy.client import MyProxyClient

import logging
import re
import os
import getpass
from urlparse import urlparse
import pydap.lib
from pydap.exceptions import ClientError

url = 'http://ndg3beta.badc.rl.ac.uk/'
cert_file = os.path.expanduser('~/.globus/badc_cert.pem')

testfile = 'dap/rapid/chime/co2_1pc/1day/chime_co2_1pc_daily_0060_197.oc.nc'

def make_cert():

    # Get a proxy certificate from the CEDA MyProxy instance
    mp = MyProxyClient(hostname='<CEDA MyProxy Service>', serverCNPrefix='')
    username = getpass.getuser()
    password = getpass.getpass()
    cert, key = mp.logon(username, password)

    # Save the certificate
    cert_fh = open(cert_file, 'w')
    cert_fh.write(key)
    cert_fh.write(cert)
    cert_fh.close()

def init():
    install_ndg_client(cert_file)
    import pydap.client


def secure_init(certfile, keyfile=None):
    # keyfile assumed to be the same as certfile if it's omitted
    if keyfile is None:
        keyfile = certfile
        
    ctx = SSL.Context('sslv3')
    ctx.load_cert(certfile=certfile, keyfile=keyfile)

    #!TODO: persistant cookiejar
    opener = m2urllib2.build_opener(ctx, urllib2.HTTPCookieProcessor())
    urllib2.install_opener(opener)


def install_ndg_client(certfile, keyfile=None):
    # Create special opener with support for Cookies.
    secure_init(certfile, keyfile)

    def new_request(url):
        log = logging.getLogger('pydap')
        log.info('Opening %s' % url)
        r = urllib2.urlopen(url)

        resp = r.headers.dict
        resp['status'] = str(r.code)
        data = r.read()

        # When an error is returned, we parse the error message from the
        # server and return it in a ``ClientError`` exception.
        if resp.get("content-description") == "dods_error":
            m = re.search('code = (?P<code>\d+);\s*message = "(?P<msg>.*)"',
                    data, re.DOTALL | re.MULTILINE)
            msg = 'Server error %(code)s: "%(msg)s"' % m.groupdict()
            raise ClientError(msg)

        return resp, data

    from pydap.util import http
    http.request = new_request

def get():
    return pydap.client.open_url(url + testfile)

Note: See TracTickets for help on using tickets.