check_hobos: generate secrets using shared_secret() from hobo (#8961)
This commit is contained in:
parent
65eba14c5f
commit
4e5305b669
|
@ -24,7 +24,8 @@ HOBO_JSON = {
|
|||
'base_url': 'http://authentic.example.net',
|
||||
'id': 3,
|
||||
'secret_key': '_b82$d)(xcw$dl@ieis@jhmrmbbeb4$=%lrpi*4p&b))*a*=5!',
|
||||
'slug': 'authentic'
|
||||
'slug': 'authentic',
|
||||
'secret_key': '12345',
|
||||
},
|
||||
{
|
||||
'service-id': 'wcs',
|
||||
|
@ -196,6 +197,9 @@ def test_configure_site_options():
|
|||
assert pub.get_site_option('hobo_url', 'variables') == 'http://hobo.example.net/'
|
||||
assert pub.get_site_option('foobar', 'variables') == 'http://example.net'
|
||||
assert pub.get_site_option('xxx', 'variables') == 'HELLO WORLD'
|
||||
assert (pub.get_site_option('authentic.example.net', 'api-secrets')
|
||||
== CmdCheckHobos.shared_secret(HOBO_JSON['services'][1]['secret_key'],
|
||||
HOBO_JSON['services'][2]['secret_key']))
|
||||
|
||||
def test_update_configuration():
|
||||
service = [x for x in HOBO_JSON.get('services', []) if x.get('service-id') == 'wcs'][0]
|
||||
|
|
|
@ -283,11 +283,14 @@ class CmdCheckHobos(Command):
|
|||
variables = {}
|
||||
api_secrets = {}
|
||||
for service in self.all_services.get('services', []):
|
||||
# ignore current service to prevent self-domain = secret_key ^ secret_key = 0
|
||||
if service is current_service:
|
||||
continue
|
||||
variables['%s_url' % service.get('slug')] = service.get('base_url')
|
||||
if not service.get('secret_key'):
|
||||
continue
|
||||
domain = urlparse.urlparse(service.get('base_url')).netloc.split(':')[0]
|
||||
api_secrets[domain] = hashlib.sha1(domain + service.get('secret_key')).hexdigest()
|
||||
api_secrets[domain] = self.shared_secret(current_service.get('secret_key'), service.get('secret_key'))
|
||||
if service.get('service-id') == 'combo':
|
||||
if service.get('template_name') == 'portal-agent':
|
||||
variables['portal_agent_url'] = service.get('base_url')
|
||||
|
@ -296,7 +299,6 @@ class CmdCheckHobos(Command):
|
|||
variables['portal_url'] = service.get('base_url')
|
||||
config.set('options', 'theme_skeleton_url',
|
||||
service.get('base_url') + '__skeleton__/')
|
||||
|
||||
if self.all_services.get('variables'):
|
||||
for key, value in self.all_services.get('variables').items():
|
||||
variables[key] = value
|
||||
|
@ -404,5 +406,11 @@ class CmdCheckHobos(Command):
|
|||
cmd.append(str(self.get_instance_path(service)))
|
||||
subprocess.call(cmd)
|
||||
|
||||
@classmethod
|
||||
def shared_secret(cls, secret1, secret2):
|
||||
secret1 = hashlib.sha256(secret1).hexdigest()
|
||||
secret2 = hashlib.sha256(secret2).hexdigest()
|
||||
return hex(int(secret1, 16) ^ int(secret2, 16))[2:-1]
|
||||
|
||||
|
||||
CmdCheckHobos.register()
|
||||
|
|
Loading…
Reference in New Issue