2 # -*- coding: utf-8 -*-
4 # ------------------------------------------------------------
5 # opensecurity_client_restful_server
7 # the OpenSecurity client RESTful server
9 # Autor: Oliver Maurhart, <oliver.maurhart@ait.ac.at>
11 # Copyright (C) 2013 AIT Austrian Institute of Technology
12 # AIT Austrian Institute of Technology GmbH
13 # Donau-City-Strasse 1 | 1220 Vienna | Austria
14 # http://www.ait.ac.at
16 # This program is free software; you can redistribute it and/or
17 # modify it under the terms of the GNU General Public License
18 # as published by the Free Software Foundation version 2.
20 # This program is distributed in the hope that it will be useful,
21 # but WITHOUT ANY WARRANTY; without even the implied warranty of
22 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 # GNU General Public License for more details.
25 # You should have received a copy of the GNU General Public License
26 # along with this program; if not, write to the Free Software
27 # Foundation, Inc., 51 Franklin Street, Fifth Floor,
28 # Boston, MA 02110-1301, USA.
29 # ------------------------------------------------------------
32 # ------------------------------------------------------------
42 from environment import Environment
43 import opensecurity_server
46 # ------------------------------------------------------------
53 """All the URLs we know mapping to class handler"""
55 '/application', 'os_application',
56 '/credentials', 'os_credentials',
57 '/password', 'os_password',
62 # ------------------------------------------------------------
67 """OpenSecurity '/application' handler.
69 This is called on GET /application?vm=VM-ID&app=APP-ID
70 This tries to access the vm identified with the label VM-ID
71 and launched the application identified APP-ID
81 raise web.badrequest()
85 raise web.badrequest()
87 apps = opensecurity_server.query_apps()
88 vms = opensecurity_server.query_vms()
90 # check if we do have valid vm
91 v = [v for v in vms if v['name'] == args.vm]
93 raise web.notfound('vm not found')
96 # check if we do have a valid app
97 a = [a for a in apps if a['name'] == args.app]
99 raise web.notfound('app not found')
103 res = "starting: launch " + v['user'] + " " + v['ip'] + " " + a['command']
105 launch_image = os.path.join(sys.path[0], 'launch.py')
106 process_command = [sys.executable, launch_image, v['user'], v['ip'], a['command']]
107 process = subprocess.Popen(process_command, shell = False, stdout = subprocess.PIPE)
108 result = process.communicate()[0]
109 if process.returncode != 0:
110 return 'Launch of application aborted.'
115 class os_credentials:
116 """OpenSecurity '/credentials' handler.
118 This is called on GET /credentials?text=TEXT.
119 Ideally this should pop up a user dialog to insert his
120 credentials based the given TEXT.
128 # we _need_ a device id
129 if not "text" in args:
130 raise web.badrequest()
132 # invoke the user dialog as a subprocess
133 dlg_credentials_image = os.path.join(sys.path[0], 'opensecurity_dialog.py')
134 process_command = [sys.executable, dlg_credentials_image, 'credentials', args.text]
135 process = subprocess.Popen(process_command, shell = False, stdout = subprocess.PIPE)
136 result = process.communicate()[0]
137 if process.returncode != 0:
138 return 'Credentials request has been aborted.'
144 """OpenSecurity '/password' handler.
146 This is called on GET /password?text=TEXT.
147 Ideally this should pop up a user dialog to insert his
148 password based device name.
156 # we _need_ a device id
157 if not "text" in args:
158 raise web.badrequest()
160 # invoke the user dialog as a subprocess
161 dlg_credentials_image = os.path.join(sys.path[0], 'opensecurity_dialog.py')
162 process_command = [sys.executable, dlg_credentials_image, 'password', args.text]
163 process = subprocess.Popen(process_command, shell = False, stdout = subprocess.PIPE)
164 result = process.communicate()[0]
165 if process.returncode != 0:
166 return 'password request has been aborted.'
172 """OpenSecurity '/' handler"""
176 res = "OpenSecurity-Client RESTFul Server { \"version\": \"%s\" }" % __version__
178 # add some sample links
184 (copy paste this into your browser's address field after the host:port)
186 /password?text=Give+me+a+password+for+device+%22My+USB+Drive%22+(ID%3A+32090-AAA-X0)
188 (eg.: http://127.0.0.1:8090/password?text=Give+me+a+password+for+device+%22My+USB+Drive%22+(ID%3A+32090-AAA-X0))
189 NOTE: check yout taskbar, the dialog window may not pop up in front of your browser window.
192 Request a combination of user and password:
193 (copy paste this into your browser's address field after the host:port)
195 /credentials?text=Tell+the+NSA+which+credentials+to+use+in+order+to+avoid+hacking+noise+on+wire.
197 (eg.: http://127.0.0.1:8090/credentials?text=Tell+the+NSA+which+credentials+to+use+in+order+to+avoid+hacking+noise+on+wire.)
198 NOTE: check yout taskbar, the dialog window may not pop up in front of your browser window.
202 (copy paste this into your browser's address field after the host:port)
204 /application?vm=Debian+7&app=Browser
206 (e.g. http://127.0.0.1:8090/application?vm=Debian+7&app=Browser)
213 if __name__ == "__main__":
214 server = web.application(opensecurity_urls, globals())