Commit 4697bc0d authored by Georgios Gousios's avatar Georgios Gousios

Rename auth to aai and put all aai related stuff in it

manage.py had trouble running tests from auth (confirmed with
[verigak]), and is also a good idea to have all aai stuff in
one reusable place ([vkoukis]'s idea)
parent a7aa0e7d
......@@ -62,17 +62,28 @@ class SynnefoAuthMiddleware(object):
#User and authentication token valid, user allowed to proceed
return
#An API authentication request
if self.auth_user in request.META and 'X-Auth-Key' in request.META \
and '/v1.1' == request.path and 'GET' == request.method:
if self.auth_user in request.META and self.auth_key in request.META and 'GET' == request.method:
# This is here merely for compatibility with the Openstack API.
# All normal users should authenticate through Sibbolleth. Admin
# users or other selected users could use this as a bypass
# mechanism
user = SynnefoUser.objects.filter(username = request.META[self.auth_user])
return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
user = SynnefoUser.objects\
.filter(name = request.META[self.auth_user]) \
.filter(uniq = request.META[self.auth_key])
response = HttpResponse()
if user.count() <= 0:
response.status_code = 401
else:
response.status_code = 204
response['X-Auth-Token'] = user[0].auth_token
#TODO: set the following fields when we do have this info
response['X-Server-Management-Url'] = ""
response['X-Storage-Url'] = ""
response['X-CDN-Management-Url'] = ""
return response
#No authentication info found in headers, redirect to Shibboleth
return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
......
......@@ -64,9 +64,7 @@ class AuthTestCase(TestCase):
"""
user = SynnefoUser.objects.get(uniq = "test@synnefo.gr")
self.assertNotEqual(user.auth_token_created, None)
user.auth_token_created = (datetime.now() -
timedelta(hours = settings.AUTH_TOKEN_DURATION))
user.save()
self._update_user_ts(user)
response = self.client.get(self.apibase + '/servers', {},
**{'X-Auth-Token': user.auth_token})
self._test_redirect(response)
......@@ -99,21 +97,20 @@ class AuthTestCase(TestCase):
"""authentication with user registration
"""
response = self.client.get(self.apibase + '/', {},
**{'X-Auth-User': 'testuser',
'X-Auth-Key': 'testuserpasswd'})
**{'X-Auth-User': 'testdbuser',
'X-Auth-Key': 'test@synnefo.gr'})
self.assertEquals(response.status_code, 204)
self.assertNotEqual(response['X-Auth-Token'], None)
self.assertEquals(response['X-Server-Management-Url'], '')
self.assertEquals(response['X-Storage-Url'], '')
self.assertEquals(response['X-CDN-Management-Url'], '')
#Check access now that we do have an auth token
token = response['X-Auth-Token']
response = self.client.get(self.apibase + '/servers/detail', {},
**{'X-Auth-Token': token})
self.assertEquals(response.status_code, 200)
def _test_redirect(self, response):
self.assertEquals(response.status_code, 302)
self.assertTrue('Location' in response)
self.assertEquals(response['Location'], settings.SHIBBOLETH_HOST)
\ No newline at end of file
self.assertEquals(response['Location'], settings.SHIBBOLETH_HOST)
def _update_user_ts(self, user):
user.auth_token_created = (datetime.now() -
timedelta(hours = settings.AUTH_TOKEN_DURATION))
user.save()
......@@ -13,7 +13,6 @@ from django.test.client import Client
from synnefo.db.models import VirtualMachine, VirtualMachineGroup
from synnefo.db.models import Flavor, Image
from synnefo.api.tests_redux import APIReduxTestCase
from synnefo.api.tests_auth import AuthTestCase
from synnefo.logic import utils
......
# vim: ts=4 sts=4 et ai sw=4 fileencoding=utf-8
#
# Copyright © 2010 Greek Research and Technology Network
#
from piston.handler import AnonymousBaseHandler
from django.http import HttpResponse
from django.core.urlresolvers import reverse
CURRENT_SERVER_VERSION = 'v1.0'
class AuthHandler(AnonymousBaseHandler):
allowed_methods = ('GET',)
def read(self, request):
user = request.META.get('HTTP_X_AUTH_USER', None)
key = request.META.get('HTTP_X_AUTH_KEY', None)
if user is None or key is None:
return HttpResponse(status=401)
response = HttpResponse(status=204)
# dummy auth
response['X-Auth-Token'] = 'dummy-token'
# return X-Server-Management's URL
url = reverse('synnefo.api.urls.version_handler',
kwargs={'number': CURRENT_SERVER_VERSION})
url = request.build_absolute_uri(url)
response['X-Server-Management-Url'] = url
return response
# vim: ts=4 sts=4 et ai sw=4 fileencoding=utf-8
#
# Copyright © 2010 Greek Research and Technology Network
#
from django.conf.urls.defaults import *
from piston.resource import Resource
from synnefo.auth.handlers import *
auth_handler = Resource(AuthHandler)
urlpatterns = patterns('',
(r'^v1.0', auth_handler),
)
......@@ -95,10 +95,10 @@ TEMPLATE_CONTEXT_PROCESSORS = (
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
#'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.middleware.locale.LocaleMiddleware',
'django.middleware.common.CommonMiddleware',
'synnefo.middleware.StripURLMiddleware',
#'django.contrib.auth.middleware.AuthenticationMiddleware',
#'synnefo.api.middleware.SynnefoAuthMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
......@@ -120,7 +120,7 @@ INSTALLED_APPS = (
'django.contrib.messages',
'django.contrib.admin',
# 'django.contrib.admindocs',
'synnefo.auth',
'synnefo.aai',
'synnefo.api',
'synnefo.ui',
'synnefo.db',
......@@ -164,9 +164,9 @@ API_ROOT_URL = 'http://127.0.0.1:8000/api/'
SHIBBOLETH_HOST = "http://wayf.grnet.gr/"
SHIBBOLETH_WHITELIST = {
'localhost' : '127.0.0.1'
'localhost' : '127.0.0.1',
'testserver' : '127.0.0.1'
}
#Number of hours during which a user token is active
AUTH_TOKEN_DURATION = 24
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment