Commit 4697bc0d authored by Georgios Gousios's avatar Georgios Gousios
Browse files

Rename auth to aai and put all aai related stuff in it

manage.py had trouble running tests from auth (confirmed with
[verigak]), and is also a good idea to have all aai stuff in
one reusable place ([vkoukis]'s idea)
parent a7aa0e7d
......@@ -62,17 +62,28 @@ class SynnefoAuthMiddleware(object):
#User and authentication token valid, user allowed to proceed
return
#An API authentication request
if self.auth_user in request.META and 'X-Auth-Key' in request.META \
and '/v1.1' == request.path and 'GET' == request.method:
if self.auth_user in request.META and self.auth_key in request.META and 'GET' == request.method:
# This is here merely for compatibility with the Openstack API.
# All normal users should authenticate through Sibbolleth. Admin
# users or other selected users could use this as a bypass
# mechanism
user = SynnefoUser.objects.filter(username = request.META[self.auth_user])
return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
user = SynnefoUser.objects\
.filter(name = request.META[self.auth_user]) \
.filter(uniq = request.META[self.auth_key])
response = HttpResponse()
if user.count() <= 0:
response.status_code = 401
else:
response.status_code = 204
response['X-Auth-Token'] = user[0].auth_token
#TODO: set the following fields when we do have this info
response['X-Server-Management-Url'] = ""
response['X-Storage-Url'] = ""
response['X-CDN-Management-Url'] = ""
return response
#No authentication info found in headers, redirect to Shibboleth
return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
......
......@@ -64,9 +64,7 @@ class AuthTestCase(TestCase):
"""
user = SynnefoUser.objects.get(uniq = "test@synnefo.gr")
self.assertNotEqual(user.auth_token_created, None)
user.auth_token_created = (datetime.now() -
timedelta(hours = settings.AUTH_TOKEN_DURATION))
user.save()
self._update_user_ts(user)
response = self.client.get(self.apibase + '/servers', {},
**{'X-Auth-Token': user.auth_token})
self._test_redirect(response)
......@@ -99,21 +97,20 @@ class AuthTestCase(TestCase):
"""authentication with user registration
"""
response = self.client.get(self.apibase + '/', {},
**{'X-Auth-User': 'testuser',
'X-Auth-Key': 'testuserpasswd'})
**{'X-Auth-User': 'testdbuser',
'X-Auth-Key': 'test@synnefo.gr'})
self.assertEquals(response.status_code, 204)
self.assertNotEqual(response['X-Auth-Token'], None)
self.assertEquals(response['X-Server-Management-Url'], '')
self.assertEquals(response['X-Storage-Url'], '')
self.assertEquals(response['X-CDN-Management-Url'], '')
#Check access now that we do have an auth token
token = response['X-Auth-Token']
response = self.client.get(self.apibase + '/servers/detail', {},
**{'X-Auth-Token': token})
self.assertEquals(response.status_code, 200)
def _test_redirect(self, response):
self.assertEquals(response.status_code, 302)
self.assertTrue('Location' in response)
self.assertEquals(response['Location'], settings.SHIBBOLETH_HOST)
\ No newline at end of file
self.assertEquals(response['Location'], settings.SHIBBOLETH_HOST)
def _update_user_ts(self, user):
user.auth_token_created = (datetime.now() -
timedelta(hours = settings.AUTH_TOKEN_DURATION))
user.save()
......@@ -13,7 +13,6 @@ from django.test.client import Client
from synnefo.db.models import VirtualMachine, VirtualMachineGroup
from synnefo.db.models import Flavor, Image
from synnefo.api.tests_redux import APIReduxTestCase
from synnefo.api.tests_auth import AuthTestCase
from synnefo.logic import utils
......
# vim: ts=4 sts=4 et ai sw=4 fileencoding=utf-8
#
# Copyright © 2010 Greek Research and Technology Network
#
from piston.handler import AnonymousBaseHandler
from django.http import HttpResponse
from django.core.urlresolvers import reverse
CURRENT_SERVER_VERSION = 'v1.0'
class AuthHandler(AnonymousBaseHandler):
allowed_methods = ('GET',)
def read(self, request):
user = request.META.get('HTTP_X_AUTH_USER', None)
key = request.META.get('HTTP_X_AUTH_KEY', None)
if user is None or key is None:
return HttpResponse(status=401)
response = HttpResponse(status=204)
# dummy auth
response['X-Auth-Token'] = 'dummy-token'
# return X-Server-Management's URL
url = reverse('synnefo.api.urls.version_handler',
kwargs={'number': CURRENT_SERVER_VERSION})
url = request.build_absolute_uri(url)
response['X-Server-Management-Url'] = url
return response
# vim: ts=4 sts=4 et ai sw=4 fileencoding=utf-8
#
# Copyright © 2010 Greek Research and Technology Network
#
from django.conf.urls.defaults import *
from piston.resource import Resource
from synnefo.auth.handlers import *
auth_handler = Resource(AuthHandler)
urlpatterns = patterns('',
(r'^v1.0', auth_handler),
)
......@@ -95,10 +95,10 @@ TEMPLATE_CONTEXT_PROCESSORS = (
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
#'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.middleware.locale.LocaleMiddleware',
'django.middleware.common.CommonMiddleware',
'synnefo.middleware.StripURLMiddleware',
#'django.contrib.auth.middleware.AuthenticationMiddleware',
#'synnefo.api.middleware.SynnefoAuthMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
......@@ -120,7 +120,7 @@ INSTALLED_APPS = (
'django.contrib.messages',
'django.contrib.admin',
# 'django.contrib.admindocs',
'synnefo.auth',
'synnefo.aai',
'synnefo.api',
'synnefo.ui',
'synnefo.db',
......@@ -164,9 +164,9 @@ API_ROOT_URL = 'http://127.0.0.1:8000/api/'
SHIBBOLETH_HOST = "http://wayf.grnet.gr/"
SHIBBOLETH_WHITELIST = {
'localhost' : '127.0.0.1'
'localhost' : '127.0.0.1',
'testserver' : '127.0.0.1'
}
#Number of hours during which a user token is active
AUTH_TOKEN_DURATION = 24
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment