Lines 616-621
class Ressource(object):
|
Link Here
|
---|
|
616 |
# we must not change the session ID cookie as this might cause |
616 |
# we must not change the session ID cookie as this might cause |
617 |
# race conditions in the frontend during login, especially when logged in via SAML |
617 |
# race conditions in the frontend during login, especially when logged in via SAML |
618 |
return self.get_session_id() |
618 |
return self.get_session_id() |
|
|
619 |
CORE.process('new_sID') |
620 |
CORE.process(str(traceback.format_stack())) |
619 |
if random: |
621 |
if random: |
620 |
return str(uuid.uuid4()) |
622 |
return str(uuid.uuid4()) |
621 |
return sessionidhash() |
623 |
return sessionidhash() |
Lines 699-704
class Ressource(object):
|
Link Here
|
---|
|
699 |
|
701 |
|
700 |
class CPgeneric(Ressource): |
702 |
class CPgeneric(Ressource): |
701 |
|
703 |
|
|
|
704 |
def __init__(self): |
705 |
self._auth_lock = threading.Lock() |
706 |
super(CPgeneric, self).__init__() |
707 |
|
702 |
def get_request(self, path, args): |
708 |
def get_request(self, path, args): |
703 |
return Request(['generic'], opts={}) |
709 |
return Request(['generic'], opts={}) |
704 |
|
710 |
|
Lines 740-746
class CPgeneric(Ressource):
|
Link Here
|
---|
|
740 |
def default(self, *path, **kwargs): |
746 |
def default(self, *path, **kwargs): |
741 |
self._log('info', 'got new request') |
747 |
self._log('info', 'got new request') |
742 |
self.check_saml_session_validity() |
748 |
self.check_saml_session_validity() |
743 |
return self.get_response(self.create_sessionid(), path, self.get_arguments(kwargs)) |
749 |
with self._auth_lock: |
|
|
750 |
sessionid = self.get_session_id() |
751 |
self.ensure_auth(sessionid) |
752 |
return self.get_response(sessionid, path, self.get_arguments(kwargs)) |
744 |
|
753 |
|
745 |
def get_arguments(self, kwargs): |
754 |
def get_arguments(self, kwargs): |
746 |
if cherrypy.request.headers.get('Content-Type', '').startswith('application/json'): # normal (json) request |
755 |
if cherrypy.request.headers.get('Content-Type', '').startswith('application/json'): # normal (json) request |
Lines 760-781
class CPgeneric(Ressource):
|
Link Here
|
---|
|
760 |
args['flavor'] = kwargs['flavor'] |
769 |
args['flavor'] = kwargs['flavor'] |
761 |
return args |
770 |
return args |
762 |
|
771 |
|
763 |
def get_response(self, sessionid, path, args): |
772 |
def ensure_auth(self, sessionid): |
764 |
# create new UMCP request |
|
|
765 |
req = self.get_request('/'.join(path), args) |
766 |
|
767 |
user = self.get_user() |
773 |
user = self.get_user() |
|
|
774 |
CORE.process('ensure_auth') |
768 |
client = UMCP_Dispatcher.sessions.get(sessionid) |
775 |
client = UMCP_Dispatcher.sessions.get(sessionid) |
769 |
if user and (user.password or user.saml) and (not client or client and (not client._auth_response or client._auth_response.status != 200)): |
776 |
if user and (user.password or user.saml) and (not client or client and (not client._auth_response or client._auth_response.status != 200)): |
770 |
auth = Request('AUTH') |
777 |
auth = Request('AUTH') |
771 |
auth.body = {'username': user.username, 'password': user.saml.message if user.saml else user.password, 'auth_type': "SAML" if user.saml else None} |
778 |
auth.body = {'username': user.username, 'password': user.saml.message if user.saml else user.password, 'auth_type': "SAML" if user.saml else None} |
772 |
try: |
779 |
try: |
|
|
780 |
CORE.process('auth') |
773 |
self.make_queue_request(sessionid, auth) |
781 |
self.make_queue_request(sessionid, auth) |
774 |
self.set_session(sessionid, user.username, password=user.password) |
782 |
self.set_session(sessionid, user.username, password=user.password) |
775 |
except UMC_HTTPError: |
783 |
except UMC_HTTPError: |
776 |
self.expire_session() |
784 |
self.expire_session() |
777 |
raise |
785 |
raise |
778 |
|
786 |
|
|
|
787 |
def get_response(self, sessionid, path, args): |
788 |
# create new UMCP request |
789 |
req = self.get_request('/'.join(path), args) |
779 |
response = self.make_queue_request(sessionid, req) |
790 |
response = self.make_queue_request(sessionid, req) |
780 |
body = response.body |
791 |
body = response.body |
781 |
if response.mimetype == 'application/json': |
792 |
if response.mimetype == 'application/json': |