[X2Go-Commits] x2gobroker.git - uccsoutput (branch) updated: 0.0.1.0-46-gb487008
X2Go dev team
git-admin at x2go.org
Wed Apr 17 01:25:29 CEST 2013
The branch, uccsoutput has been updated
via b487008f79052cc4da52e7e6093ff99a3d1a80af (commit)
via 8c27295aedf58ab801edad949dde0ca121eb5f18 (commit)
via e1c90224f4e364345e9e76aa3db086988e03a056 (commit)
via e6bbdb5bb97de5ee01cd9e659ba43f1dde5c7376 (commit)
via 6ab6f454d8976ab5c42937e44e81ab2bf570f9e6 (commit)
via e19494d1cf6fa3f04f946d50196c3a5123835ba2 (commit)
via c09f1966fdde02156a5371b2a909b13b3620dc4f (commit)
via 5b884430d73643ab81fc0aac11f22e52be8706ee (commit)
via 3fd14f204a2f570d88c95b455fdcffd57b99ed4e (commit)
via 870b98422e7e2ceff6e2f2c5f90172e63109b75a (commit)
from 8546ee4fcd4c094b1a1a7a04ba81ed549055920e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b487008f79052cc4da52e7e6093ff99a3d1a80af
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Wed Apr 17 01:24:03 2013 +0200
Add Apache2 configuration for WSGI support that shows how to setup a VirtualHost for X2Go Session Broker.
Conflicts (resolved by Mike Gabriel):
debian/changelog
commit 8c27295aedf58ab801edad949dde0ca121eb5f18
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Wed Apr 17 01:20:22 2013 +0200
postrm script for x2gobroker-authservice
commit e1c90224f4e364345e9e76aa3db086988e03a056
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Wed Apr 17 01:19:54 2013 +0200
implement: basicauth, my-uccs-url-base global config option, several fixed in uccsjson.py, WSGI passthrough of authorization requests. This commit makes communication between thin-client-config-agent and the X2GO Session Broker possible
commit e6bbdb5bb97de5ee01cd9e659ba43f1dde5c7376
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Apr 16 23:06:54 2013 +0200
divert GET method of UCCS frontend to head() method
commit 6ab6f454d8976ab5c42937e44e81ab2bf570f9e6
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Apr 16 22:55:36 2013 +0200
remote-login-service uses HEAD request method, the URL contains the API version
commit e19494d1cf6fa3f04f946d50196c3a5123835ba2
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Apr 16 12:10:08 2013 +0200
throw a 404 if broker backend cannot be found (html webui)
commit c09f1966fdde02156a5371b2a909b13b3620dc4f
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Apr 16 12:09:53 2013 +0200
throw a 404 if broker backend cannot be found (uccs webui)
commit 5b884430d73643ab81fc0aac11f22e52be8706ee
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Apr 16 12:09:41 2013 +0200
throw a 404 if broker backend cannot be found (plain webui)
commit 3fd14f204a2f570d88c95b455fdcffd57b99ed4e
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Apr 16 12:03:05 2013 +0200
Fix hard-coded path to x2gobroker's authservice socket.
commit 870b98422e7e2ceff6e2f2c5f90172e63109b75a
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Apr 16 11:51:08 2013 +0200
add more debug messages to authservice
-----------------------------------------------------------------------
Summary of changes:
debian/changelog | 3 +
...daemon.postrm => x2gobroker-authservice.postrm} | 12 +--
debian/x2gobroker-wsgi.install | 3 +-
debian/x2gobroker-wsgi.links | 3 +-
etc/x2gobroker-wsgi.apache.conf | 1 +
etc/x2gobroker-wsgi.apache.vhost | 75 +++++++++++++++
etc/x2gobroker.conf | 2 +
x2gobroker/authservice.py | 7 +-
x2gobroker/brokers/base_broker.py | 3 +
x2gobroker/defaults.py | 3 +-
x2gobroker/uccsjson.py | 30 +++---
x2gobroker/web/html.py | 10 +-
x2gobroker/web/plain.py | 11 ++-
x2gobroker/web/uccs.py | 97 ++++++++++++++------
14 files changed, 196 insertions(+), 64 deletions(-)
copy debian/{x2gobroker-daemon.postrm => x2gobroker-authservice.postrm} (62%)
create mode 100644 etc/x2gobroker-wsgi.apache.vhost
The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index a550fc2..adbbcd8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,11 +3,14 @@ x2gobroker (0.0.1.1-0~x2go1) UNRELEASED; urgency=low
* New upstream version (0.0.1.1):
- Add WSGI support to X2Go Session Broker. Allows plugging into
Apache2 by using the mod_wsgi module.
+ - Add Apache2 configuration for WSGI support that shows how to
+ setup a VirtualHost for X2Go Session Broker.
- Add cmd and directrdp session profile parameters to defaults.
- Fix wrong usage of session option »cmd«, has to be »command«.
- For sessions profiles with autologin enable, add a dummy key
session profile parameter that triggers key based auth in X2Go Client.
(Fixes: #154).
+ - Fix hard-coded path to x2gobroker's authservice socket.
* /debian/control:
+ Fix --root parameter in DEB_PYTHON_INSTALL_ARGS.
* Properly remove the X2Go Session broker log files on package purgal.
diff --git a/debian/x2gobroker-daemon.postrm b/debian/x2gobroker-authservice.postrm
similarity index 62%
copy from debian/x2gobroker-daemon.postrm
copy to debian/x2gobroker-authservice.postrm
index 3eba400..284e881 100755
--- a/debian/x2gobroker-daemon.postrm
+++ b/debian/x2gobroker-authservice.postrm
@@ -1,5 +1,5 @@
#! /bin/sh
-# postrm script for x2gobroker-daemon
+# postrm script for x2gobroker-authservice
#
# see: dh_installdeb(1)
# summary of how this script can be called:
@@ -19,21 +19,13 @@ set -e
case "$1" in
purge)
- if [ ! -d /usr/share/doc/x2gobroker-agent ] && [ ! -d /usr/share/doc/x2gobroker-authservice ] && [ ! -d /usr/share/doc/x2gobroker-wsgi ]; then
+ if [ ! -d /usr/share/doc/x2gobroker-daemon ] && [ ! -d /usr/share/doc/x2gobroker-wsgi ] && [ ! -d /usr/share/doc/x2gobroker-agent ] ; then
if dpkg-statoverride --list /var/log/x2gobroker 1>/dev/null; then
dpkg-statoverride --remove /var/log/x2gobroker
fi
rm -Rf /var/log/x2gobroker
fi
- if [ ! -d /usr/share/doc/x2gobroker-agent ] && [ ! -d /usr/share/doc/x2gobroker-wsgi ]; then
- # remove user/group x2gobroker from system (only if not in use by x2gobroker-agent
- getent passwd x2gobroker 1>/dev/null && deluser x2gobroker
- getent group x2gobroker 1>/dev/null && delgroup x2gobroker
- getent group x2gobroker 1>/dev/null && delgroup x2gobroker
- rm -Rf /var/lib/x2gobroker
- fi
-
;;
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
;;
diff --git a/debian/x2gobroker-wsgi.install b/debian/x2gobroker-wsgi.install
index 40b18c5..26c32b7 100644
--- a/debian/x2gobroker-wsgi.install
+++ b/debian/x2gobroker-wsgi.install
@@ -1 +1,2 @@
-etc/x2gobroker-wsgi.apache.conf /etc/x2go/
\ No newline at end of file
+etc/x2gobroker-wsgi.apache.conf /etc/x2go/
+etc/x2gobroker-wsgi.apache.vhost /etc/x2go/
\ No newline at end of file
diff --git a/debian/x2gobroker-wsgi.links b/debian/x2gobroker-wsgi.links
index 99e592a..e1659e5 100644
--- a/debian/x2gobroker-wsgi.links
+++ b/debian/x2gobroker-wsgi.links
@@ -1 +1,2 @@
-/etc/x2go/x2gobroker-wsgi.apache.conf /etc/apache2/conf.d/x2gobroker-wsgi
\ No newline at end of file
+/etc/x2go/x2gobroker-wsgi.apache.conf /etc/apache2/conf.d/x2gobroker-wsgi
+/etc/x2go/x2gobroker-wsgi.apache.vhost /etc/apache2/sites-available/x2gobroker
diff --git a/etc/x2gobroker-wsgi.apache.conf b/etc/x2gobroker-wsgi.apache.conf
index 92c432f..63ba34a 100644
--- a/etc/x2gobroker-wsgi.apache.conf
+++ b/etc/x2gobroker-wsgi.apache.conf
@@ -5,6 +5,7 @@
#X2GOBROKER_DAEMON_USER=x2gobroker
#X2GOBROKER_DAEMON_GROUP=x2gobroker
WSGIDaemonProcess x2gobroker user=x2gobroker group=x2gobroker processes=5 threads=15
+WSGIPassAuthorization On
# default broker backend (default: zeroconf)
SetEnv X2GOBROKER_DEFAULT_BACKEND zeroconf
diff --git a/etc/x2gobroker-wsgi.apache.vhost b/etc/x2gobroker-wsgi.apache.vhost
new file mode 100644
index 0000000..4de60a8
--- /dev/null
+++ b/etc/x2gobroker-wsgi.apache.vhost
@@ -0,0 +1,75 @@
+###
+### Virtual Host configuration for an X2Go Session Broker
+###
+
+#
+# Make sure to disabled /etc/apache2/x2gobroker-wsgi completely if you
+# prefer setting up the X2Go Session Broker as a virtual host.
+#
+
+# enable debugging
+#SetEnv X2GOBROKER_DEBUG off
+
+# the default user/group that this WSGI application runs as
+#X2GOBROKER_DAEMON_USER=x2gobroker
+#X2GOBROKER_DAEMON_GROUP=x2gobroker
+WSGIDaemonProcess x2gobroker user=x2gobroker group=x2gobroker processes=5 threads=15
+WSGIPassAuthorization On
+
+# default broker backend (default: zeroconf)
+#SetEnv X2GOBROKER_DEFAULT_BACKEND zeroconf
+#SetEnv X2GOBROKER_DEFAULT_BACKEND inifile
+#SetEnv X2GOBROKER_DEFAULT_BACKEND ldap
+#SetEnv X2GOBROKER_DEFAULT_BACKEND <some-other-broker-backend>
+
+# path to the X2Go Session Broker's configuration file
+#SetEnv X2GOBROKER_CONFIG /etc/x2go/x2gobroker.conf
+
+# path to the X2Go Session Broker's session profiles file (when using the inifile backend)
+#SetEnv X2GOBROKER_SESSIONPROFILES /etc/x2go/broker/x2gobroker-sessionprofiles.conf
+
+# path to the X2Go Session Broker's agent command
+#SetEnv X2GOBROKER_AGENT_CMD /usr/lib/x2go/x2gobroker-agent
+
+# authentication socket of the X2Go Broker's PAM Authentication Service
+#SetEnv X2GOBROKER_AUTHSOCKET /run/x2gobroker/x2gobroker-authservice.socket
+
+# if you have to-be-statically-served files somewhere below the broker URL
+#Alias /x2gobroker/static /some/static/path/
+
+WSGIScriptAlias / /usr/sbin/x2gobroker
+WSGIProcessGroup x2gobroker
+
+<VirtualHost *:443>
+
+ ServerName localhost
+ ServerAdmin webmaster at localhost
+
+ SSLEngine on
+ # SSL Cipher Suite:
+ SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+ # Server Certificate:
+ SSLCertificateFile /etc/x2go/broker/ssl/broker.crt
+ # Server Private Key:
+ SSLCertificateKeyFile /etc/x2go/broker/ssl/broker.key
+ #SSLCertificateChainFile /etc/x2go/broker/ssl/cacert.key
+ #SetEnvIf User-Agent ".*MSIE.*" \
+ # nokeepalive ssl-unclean-shutdown \
+ # downgrade-1.0 force-response-1.0
+
+ <Directory /usr/sbin/x2gobroker>
+ Order deny,allow
+ Deny from all
+
+ # grant explicit access below
+ Allow from localhost
+ Allow from localhost-ip6
+
+ Options +FollowSymLinks
+ Options -Indexes
+
+ SSLOptions +StdEnvVars
+
+ </Directory>
+
+</VirtualHost>
diff --git a/etc/x2gobroker.conf b/etc/x2gobroker.conf
index 85eaa77..cf544bb 100644
--- a/etc/x2gobroker.conf
+++ b/etc/x2gobroker.conf
@@ -73,6 +73,8 @@
# enable {base_url}/uccs/
#enable-uccs-output = false
+# use this URL base to create URL field in UCCS-style JSON output
+#my-uccs-url-base = http://localhost:8080/
# enable {base_url}/json/ (THIS IS FUTURE, mg-20121129)
#enable-json-output = false
diff --git a/x2gobroker/authservice.py b/x2gobroker/authservice.py
index fa7ce84..bebc2ab 100644
--- a/x2gobroker/authservice.py
+++ b/x2gobroker/authservice.py
@@ -28,13 +28,16 @@ import socket
from pwd import getpwnam
from grp import getgrnam
+# set up the broker's environment
+import x2gobroker.defaults
+
from loggers import logger_authservice
logger_authservice.info('X2Go Session Broker PAM Authentication Service: Setting up the broker\'s environment...')
if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
else:
- X2GOBROKER_AUTHSERVICE_SOCKET="/var/run/x2gobroker-authservice.socket"
+ X2GOBROKER_AUTHSERVICE_SOCKET="/run/x2gobroker/x2gobroker-authservice.socket"
logger_authservice.info(' X2GOBROKER_AUTHSERVICE_SOCKET: {value}'.format(value=X2GOBROKER_AUTHSERVICE_SOCKET))
@@ -88,7 +91,9 @@ def loop():
def authenticate(username, password, service="x2gobroker"):
s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
+ logger_authservice.debug('connecting to authentication service socket {socket}'.format(socket=X2GOBROKER_AUTHSERVICE_SOCKET))
s.connect(X2GOBROKER_AUTHSERVICE_SOCKET)
+ logger_authservice.debug('sending username={username}, password=<hidden>, service={service} to authentication service'.format(username=username, service=service))
s.send('{username} {password} {service}\n'.format(username=username, password=password, service=service))
result = s.recv(1024)
s.close()
diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py
index 76ed8ef..365ce0b 100644
--- a/x2gobroker/brokers/base_broker.py
+++ b/x2gobroker/brokers/base_broker.py
@@ -715,6 +715,9 @@ class X2GoBroker(object):
access = False
access = self._do_authenticate(username=username, password=password)
+ if not access and "@" in username:
+ _username = username.split('@')[0]
+ access = self._do_authenticate(username=_username, password=password)
logger_broker.debug('base_broker.X2GoBroker.check_access(): result of authentication check is: {access}'.format(access=access))
### HANDLING OF DYNAMIC AUTHENTICATION ID HASHES
diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py
index 9e61d83..d734cc6 100644
--- a/x2gobroker/defaults.py
+++ b/x2gobroker/defaults.py
@@ -77,7 +77,7 @@ else:
if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
else:
- X2GOBROKER_AUTHSERVICE_SOCKET="/var/run/x2gobroker-authservice.socket"
+ X2GOBROKER_AUTHSERVICE_SOCKET="/run/x2gobroker/x2gobroker-authservice.socket"
if os.environ.has_key('X2GOBROKER_DEFAULT_BACKEND'):
X2GOBROKER_DEFAULT_BACKEND = os.environ['X2GOBROKER_DEFAULT_BACKEND']
@@ -119,6 +119,7 @@ X2GOBROKER_CONFIG_DEFAULTS = {
u'my-cookie': uuid.uuid4(),
u'enable-plain-output': True,
u'enable-uccs-output': False,
+ u'my-uccs-url-base': 'http://localhost:8080/',
u'enable-json-output': False,
u'enable-html-output': False,
u'default-auth-mech': u'pam',
diff --git a/x2gobroker/uccsjson.py b/x2gobroker/uccsjson.py
index abbcd80..efbbc32 100644
--- a/x2gobroker/uccsjson.py
+++ b/x2gobroker/uccsjson.py
@@ -85,7 +85,7 @@ class ManagementServer():
Dump this instance as JSON object.
"""
- return json.dumps(self, default=convert_to_builtin_type)
+ return json.dumps(self, default=convert_to_builtin_type, sort_keys=True, indent=4)
# NOT USED!!!
@@ -129,9 +129,9 @@ class RDPServer():
@raise TypeError: domain has to be C{str} or C{unicode}
"""
- if isinstance(domainName, str):
+ if isinstance(domain, str):
self.WindowsDomain = unicode(domain)
- elif isinstance(domainName, unicode):
+ elif isinstance(domain, unicode):
self.WindowsDomain = domain
else:
raise TypeError("set_domain() expects a string or unicode argument")
@@ -141,7 +141,7 @@ class RDPServer():
Dump this instance as JSON object.
"""
- return json.dumps(self, default=convert_to_builtin_type)
+ return json.dumps(self, default=convert_to_builtin_type, sort_keys=True, indent=4)
class ICAServer():
@@ -178,9 +178,9 @@ class ICAServer():
@raise TypeError: domain has to be C{str} or C{unicode}
"""
- if isinstance(domainName, str):
+ if isinstance(domain, str):
self.WindowsDomain = unicode(domain)
- elif isinstance(domainName, unicode):
+ elif isinstance(domain, unicode):
self.WindowsDomain = domain
else:
raise TypeError("set_domain() expects a string or unicode argument")
@@ -190,7 +190,7 @@ class ICAServer():
Dump this instance as JSON object.
"""
- return json.dumps(self, default=convert_to_builtin_type)
+ return json.dumps(self, default=convert_to_builtin_type, sort_keys=True, indent=4)
class X2GoServer():
@@ -210,12 +210,12 @@ class X2GoServer():
@type password: C{unicode}
"""
- self.URL = host
- self.Name = name
- self.Protocol = 'x2go'
+ self.URL = unicode(host)
+ self.Name = unicode(name)
+ self.Protocol = u'x2go'
self.SessionTypeRequired = True
- self.Username = username
- self.Password = password
+ self.Username = unicode(username)
+ self.Password = unicode(password)
def set_session_type(self, session_type):
"""\
@@ -227,8 +227,8 @@ class X2GoServer():
@raise TypeError: session_type has to be C{str} or C{unicode}
"""
- if isinstance(domainName, str):
- self.SessionType = sessiontypeName
+ if isinstance(session_type, str):
+ self.SessionType = session_type
else:
raise TypeError("set_session_type() expects a string or unicode argument")
@@ -237,5 +237,5 @@ class X2GoServer():
Dump this instance as JSON object.
"""
- return json.dumps(self, default=convert_to_builtin_type)
+ return json.dumps(self, default=convert_to_builtin_type, sort_keys=True, indent=4)
diff --git a/x2gobroker/web/html.py b/x2gobroker/web/html.py
index fd76eb8..0e1988f 100644
--- a/x2gobroker/web/html.py
+++ b/x2gobroker/web/html.py
@@ -77,8 +77,14 @@ $output
# silence pyflakes...
broker_backend = None
- exec("import x2gobroker.brokers.{backend}_broker".format(backend=backend))
- exec("broker_backend = x2gobroker.brokers.{backend}_broker.X2GoBroker()".format(backend=backend))
+ try:
+ # dynamically detect broker backend from given URL
+ exec("import x2gobroker.brokers.{backend}_broker".format(backend=backend))
+ exec("broker_backend = x2gobroker.brokers.{backend}_broker.X2GoBroker()".format(backend=backend))
+ except ImportError:
+ # throw a 404 if the backend does not exist
+ raise tornado.web.HTTPError(404)
+
global_config = broker_backend.get_global_config()
backend_config = broker_backend.get_backend_config(backend)
diff --git a/x2gobroker/web/plain.py b/x2gobroker/web/plain.py
index c4deb42..8487e43 100644
--- a/x2gobroker/web/plain.py
+++ b/x2gobroker/web/plain.py
@@ -58,9 +58,14 @@ class X2GoBrokerWeb(tornado.web.RequestHandler):
# silence pyflakes...
broker_backend = None
- # dynamically detect broker backend from given URL
- exec("import x2gobroker.brokers.{backend}_broker".format(backend=backend))
- exec("broker_backend = x2gobroker.brokers.{backend}_broker.X2GoBroker()".format(backend=backend))
+ try:
+ # dynamically detect broker backend from given URL
+ exec("import x2gobroker.brokers.{backend}_broker".format(backend=backend))
+ exec("broker_backend = x2gobroker.brokers.{backend}_broker.X2GoBroker()".format(backend=backend))
+ except ImportError:
+ # throw a 404 if the backend does not exist
+ raise tornado.web.HTTPError(404)
+
global_config = broker_backend.get_global_config()
# if the broker backend is disabled in the configuration, pretend to have nothing on offer
diff --git a/x2gobroker/web/uccs.py b/x2gobroker/web/uccs.py
index 394583c..db59f24 100644
--- a/x2gobroker/web/uccs.py
+++ b/x2gobroker/web/uccs.py
@@ -22,6 +22,8 @@
# modules
import types
+import re
+import base64
import tornado.web
from tornado.escape import native_str, parse_qs_bytes
@@ -31,6 +33,45 @@ import x2gobroker.defaults
from x2gobroker.loggers import logger_broker, logger_error
import x2gobroker.uccsjson
+def require_basic_auth(realm, validate_callback):
+ def require_basic_auth_decorator(handler_class):
+ def wrap_execute(handler_execute):
+ def require_basic_auth(handler, kwargs):
+ def create_auth_header():
+ handler.set_status(401)
+ handler.set_header('WWW-Authenticate', 'Basic realm="{realm}"'.format(realm=realm))
+ handler._transforms = []
+ handler.finish()
+
+ auth_header = handler.request.headers.get('Authorization')
+ if auth_header is None or not auth_header.startswith('Basic '):
+ create_auth_header()
+ else:
+ auth_decoded = base64.decodestring(auth_header[6:])
+ kwargs['basicauth_user'], kwargs['basicauth_pass'] = [ unicode(s) for s in auth_decoded.split(':', 2) ]
+ if validate_callback(handler_class, kwargs['basicauth_user'], kwargs['basicauth_pass']):
+ return True
+ else:
+ create_auth_header()
+ def _execute(self, transforms, *args, **kwargs):
+ if not require_basic_auth(self, kwargs):
+ return False
+ return handler_execute(self, transforms, *args, **kwargs)
+ return _execute
+
+ handler_class._execute = wrap_execute(handler_class._execute)
+ return handler_class
+ return require_basic_auth_decorator
+
+
+def credentials_validate(handler_class, username, password):
+ import x2gobroker.brokers.base_broker
+ # FIXME: with the below hack, the backend broker detection in X2GoBrokerWeb is disabled, only global options
+ # from x2gobroker.conf are available here...
+ return x2gobroker.brokers.base_broker.X2GoBroker().check_access(username=username, password=password)
+
+
+ at require_basic_auth('Authentication required', credentials_validate)
class X2GoBrokerWeb(tornado.web.RequestHandler):
http_header_items = {
@@ -43,66 +84,64 @@ class X2GoBrokerWeb(tornado.web.RequestHandler):
for http_header_item in self.http_header_items.keys():
self.set_header(http_header_item, self.http_header_items[http_header_item])
- def get(self, backend):
+ def get(self, backend, basicauth_user, basicauth_pass):
if x2gobroker.defaults.X2GOBROKER_DEBUG:
self._gen_http_header()
logger_broker.warn('GET http request detected, if unwanted: disable X2GOBROKER_DEBUG')
- return self.post(backend)
+ return self.head(backend, basicauth_user, basicauth_pass)
raise tornado.web.HTTPError(404)
- def post(self, backend):
+ def head(self, backend, basicauth_user, basicauth_pass):
if not backend:
backend = x2gobroker.defaults.X2GOBROKER_DEFAULT_BACKEND
else:
backend = backend.rstrip('/')
- # silence pyflakes...
- broker_backend = None
- # dynamically detect broker backend from given URL
- exec("import x2gobroker.brokers.{backend}_broker".format(backend=backend))
- exec("broker_backend = x2gobroker.brokers.{backend}_broker.X2GoBroker()".format(backend=backend))
- global_config = broker_backend.get_global_config()
+ api_version = 4
+ if re.match('.*/api/[0-9].*', backend):
+ # get the first and the third item as backend, api_version
+ backend, api_version = backend.split('/')[:3:2]
+ api_version = int(api_version)
+
+ try:
+ # dynamically detect broker backend from given URL
+ exec("import x2gobroker.brokers.{backend}_broker".format(backend=backend))
+ exec("self.broker_backend = x2gobroker.brokers.{backend}_broker.X2GoBroker()".format(backend=backend))
+ except ImportError:
+ # throw a 404 if the backend does not exist
+ raise tornado.web.HTTPError(404)
+
+ global_config = self.broker_backend.get_global_config()
# if the broker backend is disabled in the configuration, pretend to have nothing on offer
- if not broker_backend.is_enabled():
+ if not self.broker_backend.is_enabled():
raise tornado.web.HTTPError(404)
- # FIXME: this is to work around a bug in X2Go Client (http://bugs.x2go.org/138)
- content_type = self.request.headers.get("Content-Type", "")
- if not content_type.startswith("application/x-www-form-urlencoded"):
- for name, values in parse_qs_bytes(native_str(self.request.body)).iteritems():
- self.request.arguments.setdefault(name, []).extend(values)
-
# set the client address for the broker backend
ip = self.request.remote_ip
if ip:
logger_broker.info('client address is {address}'.format(address=ip))
- broker_backend.set_client_address(ip)
+ self.broker_backend.set_client_address(ip)
elif not x2gobroker.defaults.X2GOBROKER_DEBUG:
# if the client IP is not set, we pretend to have nothing on offer
logger_error.error('client could not provide an IP address, pretending: 404 Not Found')
raise tornado.web.HTTPError(404)
- username = 'foo'
- #username = self.get_argument('user', default='')
- #password = self.get_argument('password', default='')
- #cookie = self.get_argument('cookie', default='')
- #task = self.get_argument('task', default='')
- #profile_id = self.get_argument('sid', default='')
- #new_password = self.get_argument('newpass', default='')
+ username, password = basicauth_user, basicauth_pass
+ cookie = ''
output = ''
- #logger_broker.debug ('username: {username}, password: {password}, task: {task}, profile_id: {profile_id}'.format(username=username, password='XXXXX', task=task, profile_id=profile_id))
- #if broker_backend.check_access(username=username, password=password, cookie=cookie):
+ logger_broker.debug ('Authenticated as username: {username}, with password: <hidden>'.format(username=username))
###
### CONFIRM SUCCESSFUL AUTHENTICATION FIRST
###
- profiles = broker_backend.list_profiles(username)
- ms = x2gobroker.uccsjson.ManagementServer('http://localhost:8080/uccs/{backend}'.format(backend=backend), 'X2Go Session Broker')
+ profiles = self.broker_backend.list_profiles(username)
+ urlbase = self.broker_backend.get_global_value('my-uccs-url-base').rstrip('/')
+ ms = x2gobroker.uccsjson.ManagementServer('{urlbase}/uccs/{backend}'.format(urlbase=urlbase, backend=backend), 'X2Go Session Broker')
profile_ids = profiles.keys()
profile_ids.sort()
@@ -124,5 +163,3 @@ class X2GoBrokerWeb(tornado.web.RequestHandler):
self.write(output)
return
- #raise tornado.web.HTTPError(401)
-
hooks/post-receive
--
x2gobroker.git (HTTP(S) Session broker for X2Go)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).
More information about the x2go-commits
mailing list