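def populate_random(random_file, random_templates=None, saml_info=None):
    """Populate random.ini.

    Create missing random values according to the templates.
    Do not change existing values.

    Each template is read into one parser, the current content of
    ``random_file`` (if the file exists) is read into a second one, and
    the two are merged with ``combine_ini``. Placeholder values are then
    replaced:

    * ``{saml_key}`` on a ``*SAML*..._PRIVATE_KEY`` option becomes a newly
      generated SAML private key.
    * ``{randomN}`` becomes the base64 encoding of ``N`` bytes read from
      ``os.urandom`` (``N`` is a byte count, not the encoded length).
    * ``{saml_cert}`` on a ``*SAML*..._PUBLIC_CERT`` option becomes a
      certificate built from the private key with the same option prefix.

    Args:
        random_file: Path of the ini file holding the generated secrets.
            It is rewritten only when at least one value was generated.
        random_templates: Non-empty sequence of template ini paths.
        saml_info: Keyword arguments forwarded to ``make_saml_cert``;
            required as soon as one ``{saml_cert}`` placeholder is found.

    Returns:
        The merged ``ConfigParser``, with placeholders substituted.

    Raises:
        AssertionError: If no template is given, a template is missing,
            a random size is outside 1..99, or ``saml_info`` is needed
            but empty. Raised explicitly so the checks still run when
            Python is started with ``-O``.
        ValueError: If the text after ``{random`` is not an integer.
        KeyError: If a certificate placeholder has no matching private key.
    """
    from base64 import b64encode
    from os import urandom
    from assembl.auth.make_saml import (
        make_saml_key, make_saml_cert, cleanup_x509_text)
    base = ConfigParser(interpolation=None)
    # Explicit raises instead of ``assert``: these guard secret generation
    # and must not disappear under ``python -O``.
    if not random_templates:
        raise AssertionError("Please give one or more templates")
    for template in random_templates:
        if not exists(template):
            raise AssertionError("Cannot find template " + template)
        base.read(template)
    existing = ConfigParser(interpolation=None)
    if exists(random_file):
        existing.read(random_file)
    # presumably overlays the values already in random_file onto the
    # template values so existing secrets are kept; verify in combine_ini
    combine_ini(base, existing)
    saml_keys = {}
    changed = False
    for section in base.sections():
        for key, value in base.items(section):
            keyu = key.upper()
            # too much knowledge, but hard to avoid
            if "SAML" in keyu and keyu.endswith("_PRIVATE_KEY"):
                # 12 == len("_PRIVATE_KEY")
                prefix = keyu[:-12]
                if value == "{saml_key}":
                    saml_key_text, saml_key = make_saml_key()
                    saml_key_text = cleanup_x509_text(saml_key_text)
                    base.set(section, key, saml_key_text)
                    saml_keys[prefix] = saml_key
                    changed = True
                else:
                    # NOTE(review): here the stored value is the key text
                    # from the ini file, while the branch above stores the
                    # object returned by make_saml_key; confirm that
                    # make_saml_cert accepts both forms.
                    saml_keys[prefix] = value
            elif value.startswith('{random') and value.endswith("}"):
                # 7 == len("{random"); the remainder up to "}" is the size
                size = int(value[7:-1])
                # A size of 0 would yield an empty secret, so the bound is
                # enforced unconditionally.
                if not 0 < size < 100:
                    raise AssertionError(
                        "random size must be between 1 and 99, got %d" % size)
                value = bytes_to_native_str(b64encode(urandom(size)))
                base.set(section, key, value)
                changed = True
    # Do certs in second pass, to be sure keys are set
    for section in base.sections():
        for key, value in base.items(section):
            keyu = key.upper()
            if ("SAML" in keyu and keyu.endswith("_PUBLIC_CERT") and
                    value == '{saml_cert}'):
                if not saml_info:
                    raise AssertionError(
                        "saml_info is required to generate a SAML certificate")
                # 12 == len("_PUBLIC_CERT")
                prefix = keyu[:-12]
                # If key is not there, it IS a mismatch and an error.
                saml_key = saml_keys[prefix]
                saml_cert_text, _ = make_saml_cert(saml_key, **saml_info)
                saml_cert_text = cleanup_x509_text(saml_cert_text)
                base.set(section, key, saml_cert_text)
                changed = True
    if changed:
        # NOTE(review): this file holds private keys and random secrets.
        # open() creates it with whatever mode the process umask allows;
        # confirm the deployment restricts read access to the service
        # account and keeps the file out of version control and backups
        # that are more widely readable.
        with open(random_file, 'w') as f:
            base.write(f)
    return base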