This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository python-x2go. commit 7b061bf13232b542d1d81b0b21ba211537c64b7d Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Mar 24 15:25:51 2014 +0100 Support cookie based authentication against a http(s) session broker. --- debian/changelog | 1 + x2go/backends/profiles/httpbroker.py | 45 +++++++++++++++++++++++++++++++--- 2 files changed, 43 insertions(+), 3 deletions(-) diff --git a/debian/changelog b/debian/changelog index b41a366..abe25db 100644 --- a/debian/changelog +++ b/debian/changelog @@ -17,6 +17,7 @@ python-x2go (0.5.0.0-0x2go1) UNRELEASED; urgency=low from the broker session profiles backend. - Allow catching "connection refused" errors while talking to an X2Go Session Broker (X2GoBrokerConnectionException). + - Support cookie based authentication against a http(s) session broker. * debian/control: + Add dependencies: python-requests, python-simplejson. * python-x2go.spec: diff --git a/x2go/backends/profiles/httpbroker.py b/x2go/backends/profiles/httpbroker.py index e8a2684..0651833 100644 --- a/x2go/backends/profiles/httpbroker.py +++ b/x2go/backends/profiles/httpbroker.py @@ -107,6 +107,7 @@ class X2GoSessionProfiles(base.X2GoSessionProfiles): if self.broker_url != "HTTP": self.logger("Using session broker at URL: %s" % self.broker_url, log.loglevel_NOTICE) + self.broker_authid = None self._broker_profile_cache = {} self._mutable_profile_ids = None self._broker_auth_successful = None @@ -135,18 +136,31 @@ class X2GoSessionProfiles(base.X2GoSessionProfiles): if self.broker_url is not None: request_data = { 'user': broker_username or '', - 'password': broker_password or '', } + if self.broker_authid is not None: + request_data['authid'] = self.broker_authid + self.logger("Sending request to broker: user: {user}, authid: {authid}".format(**request_data), log.loglevel_DEBUG) + else: + if broker_password: + request_data['password'] = "<hidden>" + else: + request_data['password'] = "<EMPTY>" + self.logger("Sending request to broker: user: {user}, password: {password}".format(**request_data), log.loglevel_DEBUG) + request_data['password'] = broker_password or '' try: r = requests.post(self.broker_url, data=request_data) except requests.exceptions.ConnectionError: raise x2go.x2go_exceptions.X2GoBrokerConnectionException('Failed to connect to URL %s' % self.broker_url) if r.status_code == 200: + payload = json.loads(r.text) + if payload.has_key('next-authid'): + self.broker_authid = payload['next-authid'] self.broker_username = broker_username or '' self.broker_password = broker_password or '' self._broker_auth_successful = True return True self._broker_auth_successful = False + self.broker_authid = None return False def broker_disconnect(self): @@ -166,6 +180,7 @@ class X2GoSessionProfiles(base.X2GoSessionProfiles): del self.session_profiles[profile_id] self._mutable_profile_ids = None self._broker_auth_successful = False + self.broker_authid = None self.broker_password = None def is_broker_authenticated(self): @@ -182,19 +197,31 @@ class X2GoSessionProfiles(base.X2GoSessionProfiles): request_data = { 'task': 'listprofiles', 'user': self.broker_username, - 'password': self.broker_password, } + if self.broker_authid is not None: + request_data['authid'] = self.broker_authid + self.logger("Sending request to broker: user: {user}, authid: {authid}, task: {task}".format(**request_data), log.loglevel_DEBUG) + else: + if self.broker_password: + request_data['password'] = "<hidden>" + else: + request_data['password'] = "<EMPTY>" + self.logger("Sending request to broker: user: {user}, password: {password}, task: {task}".format(**request_data), log.loglevel_DEBUG) + request_data['password'] = self.broker_password or '' try: r = requests.post(self.broker_url, data=request_data) except requests.exceptions.ConnectionError: raise x2go.x2go_exceptions.X2GoBrokerConnectionException('Failed to connect to URL %s' % self.broker_url) if r.status_code == 200 and r.headers['content-type'].startswith("text/json"): payload = json.loads(r.text) + if payload.has_key('next-authid'): + self.broker_authid = payload['next-authid'] if payload.has_key('mutable_profile_ids'): self._mutable_profile_ids = payload['mutable_profile_ids'] self._broker_auth_successful = True return payload['profiles'] if payload['task'] == 'listprofiles' else {} self._broker_auth_successful = False + self.broker_authid = None return {} def broker_selectsession(self, profile_id): @@ -204,18 +231,30 @@ class X2GoSessionProfiles(base.X2GoSessionProfiles): 'task': 'selectsession', 'profile-id': profile_id, 'user': self.broker_username, - 'password': self.broker_password, 'pubkey': self.broker_my_pubkey, } + if self.broker_authid is not None: + request_data['authid'] = self.broker_authid + self.logger("Sending request to broker: user: {user}, authid: {authid}, task: {task}".format(**request_data), log.loglevel_DEBUG) + else: + if self.broker_password: + request_data['password'] = "<hidden>" + else: + request_data['password'] = "<EMPTY>" + self.logger("Sending request to broker: user: {user}, password: {password}, task: {task}".format(**request_data), log.loglevel_DEBUG) + request_data['password'] = self.broker_password or '' try: r = requests.post(self.broker_url, data=request_data) except requests.exceptions.ConnectionError: raise x2go.x2go_exceptions.X2GoBrokerConnectionException('Failed to connect to URL %s' % self.broker_url) if r.status_code == 200 and r.headers['content-type'].startswith("text/json"): payload = json.loads(r.text) + if payload.has_key('next-authid'): + self.broker_authid = payload['next-authid'] self._broker_profile_cache[profile_id] = payload['selected_session'] if payload['task'] == 'selectsession' else {} self._broker_auth_successful = True else: + self.broker_authid = None self._broker_auth_successful = False self._broker_profile_cache[profile_id] return self._broker_profile_cache[profile_id] -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/python-x2go.git