1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/ait/os/bin/opensecurityd/opensecurityd.py Tue Nov 12 11:31:34 2013 +0100
1.3 @@ -0,0 +1,178 @@
1.4 +#!/bin/env python
1.5 +# -*- coding: utf-8 -*-
1.6 +
1.7 +# ------------------------------------------------------------
1.8 +# opensecurityd
1.9 +#
1.10 +# the opensecurityd as RESTful server
1.11 +#
1.12 +# Autor: Oliver Maurhart, <oliver.maurhart@ait.ac.at>
1.13 +#
1.14 +# Copyright (C) 2013 AIT Austrian Institute of Technology
1.15 +# AIT Austrian Institute of Technology GmbH
1.16 +# Donau-City-Strasse 1 | 1220 Vienna | Austria
1.17 +# http://www.ait.ac.at
1.18 +#
1.19 +# This program is free software; you can redistribute it and/or
1.20 +# modify it under the terms of the GNU General Public License
1.21 +# as published by the Free Software Foundation version 2.
1.22 +#
1.23 +# This program is distributed in the hope that it will be useful,
1.24 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
1.25 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1.26 +# GNU General Public License for more details.
1.27 +#
1.28 +# You should have received a copy of the GNU General Public License
1.29 +# along with this program; if not, write to the Free Software
1.30 +# Foundation, Inc., 51 Franklin Street, Fifth Floor,
1.31 +# Boston, MA 02110-1301, USA.
1.32 +# ------------------------------------------------------------
1.33 +
1.34 +
1.35 +# ------------------------------------------------------------
1.36 +# imports
1.37 +
1.38 +import os
1.39 +import os.path
1.40 +import subprocess
1.41 +import sys
1.42 +import web
1.43 +
1.44 +# local
1.45 +from environment import Environment
1.46 +
1.47 +
1.48 +# ------------------------------------------------------------
1.49 +# const
1.50 +
1.51 +
1.52 +__version__ = "0.1"
1.53 +
1.54 +
1.55 +"""All the URLs we know mapping to class handler"""
1.56 +opensecurity_urls = (
1.57 + '/application', 'os_application',
1.58 + '/device', 'os_device',
1.59 + '/device/credentials', 'os_device_credentials',
1.60 + '/device/password', 'os_device_password',
1.61 + '/', 'os_root'
1.62 +)
1.63 +
1.64 +
1.65 +# ------------------------------------------------------------
1.66 +# code
1.67 +
1.68 +
1.69 +class os_application:
1.70 +
1.71 + """OpenSecurity '/application' handler.
1.72 +
1.73 + This is called on GET /application?vm=VM-ID&app=APP-ID
1.74 + This tries to access the vm identified with the label VM-ID
1.75 + and launched the application identified APP-ID
1.76 + """
1.77 +
1.78 + def GET(self):
1.79 +
1.80 + # pick the arguments
1.81 + args = web.input()
1.82 +
1.83 + # we _need_ a vm
1.84 + if not "vm" in args:
1.85 + raise web.badrequest()
1.86 +
1.87 + # we _need_ a app
1.88 + if not "app" in args:
1.89 + raise web.badrequest()
1.90 +
1.91 + ## TODO: HARD CODED STUFF HERE! THIS SHOULD BE FLEXIBLE!
1.92 + ssh_private_key = os.path.join(Environment("opensecurity").data_path, 'share', '192.168.56.15.ppk')
1.93 + putty_session = '192.168.56.15'
1.94 + process_command = ['plink.exe', '-i', ssh_private_key, putty_session, args.app]
1.95 + si = subprocess.STARTUPINFO()
1.96 + si.dwFlags = subprocess.STARTF_USESHOWWINDOW
1.97 + si.wShowWindow = subprocess.SW_HIDE
1.98 + print('tyring to launch: ' + ' '.join(process_command))
1.99 + process = subprocess.Popen(process_command, shell = True)
1.100 + return 'launched: ' + ' '.join(process_command)
1.101 +
1.102 +
1.103 +class os_device:
1.104 +
1.105 + """OpenSecurity '/device' handler"""
1.106 +
1.107 + def GET(self):
1.108 + return "os_device"
1.109 +
1.110 +
1.111 +class os_device_credentials:
1.112 +
1.113 + """OpenSecurity '/device/credentials' handler.
1.114 +
1.115 + This is called on GET /device/credentials?id=DEVICE-ID.
1.116 + Ideally this should pop up a user dialog to insert his
1.117 + credentials based the DEVICE-ID
1.118 + """
1.119 +
1.120 + def GET(self):
1.121 +
1.122 + # pick the arguments
1.123 + args = web.input()
1.124 +
1.125 + # we _need_ a device id
1.126 + if not "id" in args:
1.127 + raise web.badrequest()
1.128 +
1.129 + # invoke the user dialog as a subprocess
1.130 + dlg_credentials_image = os.path.join(sys.path[0], 'opensecurity-dialog.py')
1.131 + process_command = [sys.executable, dlg_credentials_image, 'credentials', 'Please provide credentials for accessing \ndevice: "{0}".'.format(args.id)]
1.132 + process = subprocess.Popen(process_command, shell = False, stdout = subprocess.PIPE)
1.133 + result = process.communicate()[0]
1.134 + if process.returncode != 0:
1.135 + return 'Credentials request has been aborted.'
1.136 +
1.137 + return result
1.138 +
1.139 +
1.140 +class os_device_password:
1.141 +
1.142 + """OpenSecurity '/device/password' handler.
1.143 +
1.144 + This is called on GET /device/password?id=DEVICE-ID.
1.145 + Ideally this should pop up a user dialog to insert his
1.146 + password based the DEVICE-ID
1.147 + """
1.148 +
1.149 + def GET(self):
1.150 +
1.151 + # pick the arguments
1.152 + args = web.input()
1.153 +
1.154 + # we _need_ a device id
1.155 + if not "id" in args:
1.156 + raise web.badrequest()
1.157 +
1.158 + # invoke the user dialog as a subprocess
1.159 + dlg_credentials_image = os.path.join(sys.path[0], 'opensecurity-dialog.py')
1.160 + process_command = [sys.executable, dlg_credentials_image, 'password', 'Please provide a password for accessing \ndevice: "{0}".'.format(args.id)]
1.161 + process = subprocess.Popen(process_command, shell = False, stdout = subprocess.PIPE)
1.162 + result = process.communicate()[0]
1.163 + if process.returncode != 0:
1.164 + return 'Credentials request has been aborted.'
1.165 +
1.166 + return result
1.167 +
1.168 +
1.169 +class os_root:
1.170 +
1.171 + """OpenSecurity '/' handler"""
1.172 +
1.173 + def GET(self):
1.174 + return "OpenSecurity-Server { \"version\": \"%s\" }" % __version__
1.175 +
1.176 +
1.177 +# start
1.178 +if __name__ == "__main__":
1.179 + server = web.application(opensecurity_urls, globals())
1.180 + server.run()
1.181 +