当前位置: 首页>>代码示例>>Python>>正文


Python Security.verify_signature_content方法代码示例

本文整理汇总了Python中calvin.utilities.security.Security.verify_signature_content方法的典型用法代码示例。如果您正苦于以下问题:Python Security.verify_signature_content方法的具体用法?Python Security.verify_signature_content怎么用?Python Security.verify_signature_content使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在calvin.utilities.security.Security的用法示例。


在下文中一共展示了Security.verify_signature_content方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: compile

# 需要导入模块: from calvin.utilities.security import Security [as 别名]
# 或者: from calvin.utilities.security.Security import verify_signature_content [as 别名]
def compile(source_text, filename='', content=None, credentials=None, verify=True, node=None):
    # Steps taken:
    # 1) Verify signature when credentials supplied
    # 2) parser .calvin file -> IR. May produce syntax errors/warnings
    # 3) checker IR -> IR. May produce syntax errors/warnings
    # 4) analyzer IR -> app. Should not fail. Sets 'valid' property of IR to True/False

    deployable = {'valid': False, 'actors': {}, 'connections': {}}
    errors = [] #TODO: fill in something meaningful
    warnings = []
    if credentials:
        _log.debug("Check credentials...")
        sec = Security(node)
        sec.set_subject(credentials)
        if not sec.authenticate_subject():
            _log.error("Check credentials...failed authentication")
            # This error reason is detected in calvin control and gives proper REST response
            errors.append({'reason': "401: UNAUTHORIZED", 'line': 0, 'col': 0})
            return deployable, errors, warnings
        if (not sec.verify_signature_content(content, "application") or not sec.check_security_policy()):
            # Verification not OK if sign or cert not OK or if the signer is denied by security policies
            print "\n IN DEPLOYER\n "
            _log.error("Check credentials...failed application verification")
            # This error reason is detected in calvin control and gives proper REST response
            errors.append({'reason': "401: UNAUTHORIZED", 'line': None, 'col': None})
            return deployable, errors, warnings

    _log.debug("Parsing...")
    ir, errors, warnings = calvin_parser(source_text, filename)
    _log.debug("Parsed %s, %s, %s" % (ir, errors, warnings))
    # If there were errors during parsing no IR will be generated
    if not errors:
        c_errors, c_warnings = check(ir, verify=verify)
        errors.extend(c_errors)
        warnings.extend(c_warnings)
        deployable = generate_app_info(ir, verify=verify)
        if errors:
            deployable['valid'] = False
    _log.debug("Compiled %s, %s, %s" % (deployable, errors, warnings))
    return deployable, errors, warnings
开发者ID:josrolgil,项目名称:exjobbCalvin,代码行数:42,代码来源:cscompiler.py

示例2: compile_script_check_security

# 需要导入模块: from calvin.utilities.security import Security [as 别名]
# 或者: from calvin.utilities.security.Security import verify_signature_content [as 别名]
def compile_script_check_security(data, filename, cb, security=None, content=None, verify=True, node=None, signature=None):
    """
    Compile a script and return a tuple (deployable, errors, warnings).

    'credentials' are optional security credentials(?)
    'verify' is deprecated and will be removed
    'node' is the runtime performing security check(?)
    'cb' is a CalvinCB callback

    N.B. If callback 'cb' is given, this method calls cb(deployable, errors, warnings) and returns None
    N.B. If callback 'cb' is given, and method runs to completion, cb is called with additional parameter 'security' (?)
    """
    def _exit_with_error(callback):
        """Helper method to generate a proper error"""
        it = IssueTracker()
        it.add_error("UNAUTHORIZED", info={'status':401})
        callback({}, it)
        return

    def _handle_policy_decision(data, appname, verify, access_decision, org_cb, security=None):
        if not access_decision:
            _log.error("Access denied")
            # This error reason is detected in calvin control and gives proper REST response
            _exit_with_error(org_cb)
            return
        if 'app_info' not in data and 'script' in data:
            deployable, issuetracker = compile_script(data['script'], appname)
        elif 'app_info' in data:
            deployable = data['app_info']
            issuetracker = IssueTracker()
        else:
            _log.error("Neither app_info or script supplied")
            # This error reason is detected in calvin control and gives proper REST response
            _exit_with_error(org_cb)
            return
        org_cb(deployable, issuetracker, security=security)

    #
    # Actual code for compile_script
    #
    appname = appname_from_filename(filename)
    # FIXME: if node is None we bypass security even if enabled. Is that the intention?
    if node is not None and security_enabled():
        # FIXME: If cb is None, we will return from this method with None instead of a tuple, failing silently
        if security:
            sec = security
        else:
            sec = Security(node)


        verified, signer = sec.verify_signature_content(content, "application")
        if not verified:
            # Verification not OK if sign or cert not OK.
            _log.error("Failed application verification")
            # This error reason is detected in calvin control and gives proper REST response
            _exit_with_error(cb)
            return
        sec.check_security_policy(
            CalvinCB(_handle_policy_decision, data, appname, verify, security=security, org_cb=cb),
            element_type = "application",
            element_value = signer
        )
        return

    #
    # We get here if node is None, or security is disabled
    #
    # This used to be
    # _handle_policy_decision(data, filename, verify, access_decision=True, security=None, org_cb=cb)
    # but since _handle_policy_decision is called with access_decision=True, security=None only compile_script would be called
    if 'app_info' not in data and 'script' in data:
        deployable, issuetracker = compile_script(data['script'], appname)
    elif 'app_info' in data:
        deployable = data['app_info']
        issuetracker = IssueTracker()
    else:
        _log.error("Neither app_info or script supplied")
        # This error reason is detected in calvin control and gives proper REST response
        _exit_with_error(org_cb)
        return
    cb(deployable, issuetracker, security=None)
开发者ID:EricssonResearch,项目名称:calvin-base,代码行数:83,代码来源:cscompile.py


注:本文中的calvin.utilities.security.Security.verify_signature_content方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。