[X2Go-Commits] [x2gobroker] 02/04: Add support to run pre and post authentication scripts. (Fixes: #449).
git-admin at x2go.org
git-admin at x2go.org
Fri Mar 7 22:15:39 CET 2014
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository x2gobroker.
commit 770683c5ade94095482bdb28ea868ab2d69c2e24
Author: Josh Lukens <jlukens at botch.com>
Date: Thu Mar 6 20:55:10 2014 -0500
Add support to run pre and post authentication scripts. (Fixes: #449).
---
debian/changelog | 1 +
etc/x2gobroker.conf | 7 +++++++
x2gobroker/defaults.py | 2 ++
x2gobroker/optional_scripts/__init__.py | 20 ++++++++++++++++++++
x2gobroker/optional_scripts/base_script.py | 24 ++++++++++++++++++++++++
x2gobroker/web/plain.py | 24 ++++++++++++++++++++++++
6 files changed, 78 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 0b2dd12..bb4cb93 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -118,6 +118,7 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low
* New upstream version (0.0.3.0):
- Add support for dynamic cookie based auth after initial password auth. (Fixes:
#447).
+ - Add support to run pre and post authentication scripts. (Fixes: #449).
-- Mike Gabriel <mike.gabriel at das-netzwerkteam.de> Fri, 07 Jun 2013 23:25:30 +0200
diff --git a/etc/x2gobroker.conf b/etc/x2gobroker.conf
index b8b8974..64967a9 100644
--- a/etc/x2gobroker.conf
+++ b/etc/x2gobroker.conf
@@ -48,6 +48,13 @@
# the permissions are set to allow the x2go broker process to write to this directory
#cookie-directory = '/var/log/x2gobroker/cookies'
+# Pre and Post authentication scripts give you the option to run outside scripts
+# or adjust the values of variables for users logging in. Pre scripts run just
+# before user authentication and Post scripts run just after. Set to list of
+# scripts, comma seperated, with no spaces between.
+#pre_auth_scripts =
+#post_auth_scripts =
+
# Every server-client communication (between X2Go Client and broker) has to be
# accompanied by this initial authentication cookie if require-cookie is set above.
# This should be in the format of a UUID.
diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py
index 9027ed0..d4bfaaf 100644
--- a/x2gobroker/defaults.py
+++ b/x2gobroker/defaults.py
@@ -186,6 +186,8 @@ X2GOBROKER_CONFIG_DEFAULTS = {
u'auth-timeout': 36000,
u'cookie-directory': '/var/log/x2gobroker/cookies',
u'verify-ip': True,
+ u'pre_auth_scripts': [],
+ u'post_auth_scripts': [],
u'my-cookie': uuid.uuid4(),
u'enable-plain-output': True,
u'enable-json-output': True,
diff --git a/x2gobroker/optional_scripts/__init__.py b/x2gobroker/optional_scripts/__init__.py
new file mode 100755
index 0000000..d3eff3c
--- /dev/null
+++ b/x2gobroker/optional_scripts/__init__.py
@@ -0,0 +1,20 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2012-2014 by Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
+# Copyright (C) 2012-2014 by Oleksandr Shneyder <oleksandr.shneyder at obviously-nice.de>
+#
+# X2Go Session Broker is free software; you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# X2Go Session Broker is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program; if not, write to the
+# Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
diff --git a/x2gobroker/optional_scripts/base_script.py b/x2gobroker/optional_scripts/base_script.py
new file mode 100755
index 0000000..e284362
--- /dev/null
+++ b/x2gobroker/optional_scripts/base_script.py
@@ -0,0 +1,24 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2012-2014 by Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
+# Copyright (C) 2012-2014 by Oleksandr Shneyder <oleksandr.shneyder at obviously-nice.de>
+#
+# X2Go Session Broker is free software; you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# X2Go Session Broker is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program; if not, write to the
+# Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+class X2GoBrokerOptionalScript(object):
+
+ def run_me(self, username, password, task, profile_id, ip, cookie):
+ return username, password, task, profile_id, ip, cookie
diff --git a/x2gobroker/web/plain.py b/x2gobroker/web/plain.py
index 22b4964..dcf853b 100644
--- a/x2gobroker/web/plain.py
+++ b/x2gobroker/web/plain.py
@@ -114,9 +114,33 @@ class X2GoBrokerWeb(_RequestHandler):
output = ''
+ if len(global_config['pre_auth_scripts']) != 0:
+ for script in global_config['pre_auth_scripts']:
+ try:
+ post_auth_script=None
+ exec("import x2gobroker.optional_scripts.{script}_script".format(script=script))
+ exec("pre_auth_script = x2gobroker.optional_scripts.{script}_script.X2GoBrokerOptionalScript()".format(script=script))
+ logger_broker.debug ('Calling pre-auth script {script} with username: {username}, password: {password}, task: {task}, profile_id: {profile_id}, ip: {ip}, cookie: {cookie}'.format(script=script,username=username, password='XXXXX', task=task, profile_id=profile_id, ip=ip, cookie=cookie))
+ username, password, task, profile_id, ip, cookie = pre_auth_script.run_me(username=username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie)
+ logger_broker.debug ('Pre-auth script {script} finished with username: {username}, password: {password}, task: {task}, profile_id: {profile_id}, ip: {ip}, cookie: {cookie}'.format(script=script,username=username, password='XXXXX', task=task, profile_id=profile_id, ip=ip, cookie=cookie))
+ except ImportError:
+ logger_error.error('No such optional script \'{script}\''.format(script=script))
+
logger_broker.debug ('username: {username}, password: {password}, task: {task}, profile_id: {profile_id}, cookie: {cookie}'.format(username=username, password='XXXXX', task=task, profile_id=profile_id, cookie=cookie))
access, next_cookie = broker_backend.check_access(username=username, password=password, ip=ip, cookie=cookie)
+
if access:
+ if len(global_config['post_auth_scripts']) != 0:
+ for script in global_config['post_auth_scripts']:
+ try:
+ post_auth_script=None
+ exec("import x2gobroker.optional_scripts.{script}_script".format(script=script))
+ exec("post_auth_script = x2gobroker.optional_scripts.{script}_script.X2GoBrokerOptionalScript()".format(script=script))
+ logger_broker.debug ('Calling post-auth script {script} with username: {username}, password: {password}, task: {task}, profile_id: {profile_id}, ip: {ip}, cookie: {cookie}'.format(script=script,username=username, password='XXXXX', task=task, profile_id=profile_id, ip=ip, cookie=cookie))
+ username, password, task, profile_id, ip, cookie = post_auth_script.run_me(username=username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie)
+ logger_broker.debug ('Post-auth script {script} finished with username: {username}, password: {password}, task: {task}, profile_id: {profile_id}, ip: {ip}, cookie: {cookie}'.format(script=script,username=username, password='XXXXX', task=task, profile_id=profile_id, ip=ip, cookie=cookie))
+ except ImportError:
+ logger_error.error('No such optional script \'{script}\''.format(script=script))
###
### CONFIRM SUCCESSFUL AUTHENTICATION FIRST
--
Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
More information about the x2go-commits
mailing list