How to use the websockify.auth_plugins function in websockify
To help you get started, we’ve selected a few websockify examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
novnc / websockify / tests / test_websocketproxy.py View on Github 
def test_auth_plugin(self):
class TestPlugin(auth_plugins.BasePlugin):
def authenticate(self, headers, target_host, target_port):
if target_host == self.source:
raise auth_plugins.AuthenticationError(response_msg="some_error")
self.stubs.Set(websocketproxy.ProxyRequestHandler, 'send_auth_error',
staticmethod(lambda *args, **kwargs: None))
self.handler.server.auth_plugin = TestPlugin("somehost")
self.handler.server.target_host = "somehost"
self.handler.server.target_port = "someport"
self.assertRaises(auth_plugins.AuthenticationError,
self.handler.auth_connection)
self.handler.server.target_host = "someotherhost"
self.handler.auth_connection()def test_auth_plugin(self):
class TestPlugin(auth_plugins.BasePlugin):
def authenticate(self, headers, target_host, target_port):
if target_host == self.source:
raise auth_plugins.AuthenticationError(response_msg="some_error")
self.stubs.Set(websocketproxy.ProxyRequestHandler, 'send_auth_error',
staticmethod(lambda *args, **kwargs: None))
self.handler.server.auth_plugin = TestPlugin("somehost")
self.handler.server.target_host = "somehost"
self.handler.server.target_port = "someport"
self.assertRaises(auth_plugins.AuthenticationError,
self.handler.auth_connection)
self.handler.server.target_host = "someotherhost"
self.handler.auth_connection()def validate_connection(self):
if self.server.token_plugin:
(self.server.target_host, self.server.target_port) = self.get_target(self.server.token_plugin, self.path)
if self.server.auth_plugin:
try:
self.server.auth_plugin.authenticate(
headers=self.headers, target_host=self.server.target_host,
target_port=self.server.target_port)
except auth.AuthenticationError:
ex = sys.exc_info()[1]
self.send_auth_error(ex)
raisedef validate_connection(self):
if self.server.token_plugin:
host, port = self.get_target(self.server.token_plugin, self.path)
if host == 'unix_socket':
self.server.unix_target = port
else:
self.server.target_host = host
self.server.target_port = port
if self.server.auth_plugin:
try:
self.server.auth_plugin.authenticate(
headers=self.headers, target_host=self.server.target_host,
target_port=self.server.target_port)
except auth.AuthenticationError:
ex = sys.exc_info()[1]
self.send_auth_error(ex)
raisedef validate_connection(self):
if self.server.token_plugin:
host, port = self.get_target(self.server.token_plugin, self.path)
if host == 'unix_socket':
self.server.unix_target = port
else:
self.server.target_host = host
self.server.target_port = port
if self.server.auth_plugin:
try:
self.server.auth_plugin.authenticate(
headers=self.headers, target_host=self.server.target_host,
target_port=self.server.target_port)
except auth.AuthenticationError:
ex = sys.exc_info()[1]
self.send_auth_error(ex)
raisedef validate_connection(self):
if self.server.token_plugin:
host, port = self.get_target(self.server.token_plugin, self.path)
if host == 'unix_socket':
self.server.unix_target = port
else:
self.server.target_host = host
self.server.target_port = port
if self.server.auth_plugin:
try:
self.server.auth_plugin.authenticate(
headers=self.headers, target_host=self.server.target_host,
target_port=self.server.target_port)
except auth.AuthenticationError:
ex = sys.exc_info()[1]
self.send_auth_error(ex)
raise# find free display
def checkDisplayNumber(n):
# this should be more sophisticated, see file vncserver function CheckDisplayNumber from package tigervnc
return not os.path.exists('/tmp/.X11-unix/X%d'%(n))
display=-1
for i in range(10,31):
if checkDisplayNumber(i):
display=i
break
if display==-1:
raise RuntimeError("No free display found")
# return port of free display
return ('localhost', 5900+display)
# the Websockify auth plugin
class MBSimWebappAuth(websockify.auth_plugins.BasePlugin):
def authenticate(self, headers, target_host, target_port):
# check authentification
if 'Cookie' not in headers: # error if not Cookie is defined
raise websockify.auth_plugins.AuthenticationError(log_msg="No cookie provided.")
# get cookie and get the mbsimenvsessionid form the cookie
cookie=headers['Cookie']
c=Cookie.SimpleCookie(cookie)
if 'mbsimenvsessionid' not in c:
raise websockify.auth_plugins.AuthenticationError(log_msg="No mbsimenvsessionid provided in cookie.")
sessionid=c['mbsimenvsessionid'].value
# call www.mbsim-env.de to check to session ID (we can do this my checking the config file of the server directly
# but this file is not readable for this user for security reasons)
response=requests.post('https://www.mbsim-env.de/cgi-bin/mbsimBuildServiceServer.py/checkmbsimenvsessionid',
json={'mbsimenvsessionid': sessionid})
# if the response is OK and success is true than continue
if response.status_code!=200:def authenticate(self, headers, target_host, target_port):
# check authentification
if 'Cookie' not in headers: # error if not Cookie is defined
raise websockify.auth_plugins.AuthenticationError(log_msg="No cookie provided.")
# get cookie and get the mbsimenvsessionid form the cookie
cookie=headers['Cookie']
c=Cookie.SimpleCookie(cookie)
if 'mbsimenvsessionid' not in c:
raise websockify.auth_plugins.AuthenticationError(log_msg="No mbsimenvsessionid provided in cookie.")
sessionid=c['mbsimenvsessionid'].value
# call www.mbsim-env.de to check to session ID (we can do this my checking the config file of the server directly
# but this file is not readable for this user for security reasons)
response=requests.post('https://www.mbsim-env.de/cgi-bin/mbsimBuildServiceServer.py/checkmbsimenvsessionid',
json={'mbsimenvsessionid': sessionid})
# if the response is OK and success is true than continue
if response.status_code!=200:
raise websockify.auth_plugins.AuthenticationError(log_msg="Checking session ID failed.")
d=response.json()
if 'success' not in d:
raise websockify.auth_plugins.AuthenticationError(log_msg="Invalid response from mbsim server.")
if not d['success']:
raise websockify.auth_plugins.AuthenticationError(log_msg=d['message'])
token=globalToken
display=target_port-5900client_cert_data = self.request.getpeercert()
# extract subject information
client_cert_subject = client_cert_data['subject']
# flatten data structure
client_cert_subject = dict([x[0] for x in client_cert_subject])
# add common name to headers (apache +StdEnvVars style)
self.headers['SSL_CLIENT_S_DN_CN'] = client_cert_subject['commonName']
except (TypeError, AttributeError, KeyError):
# not a SSL connection or client presented no certificate with valid data
pass
try:
self.server.auth_plugin.authenticate(
headers=self.headers, target_host=self.server.target_host,
target_port=self.server.target_port)
except auth.AuthenticationError:
ex = sys.exc_info()[1]
self.send_auth_error(ex)
raise
Popular websockify functions
- websockify.auth_plugins
- websockify.auth_plugins.AuthenticationError
- websockify.ProxyRequestHandler
- websockify.ProxyRequestHandler.__init__
- websockify.sysloghandler.WebsockifySysLogHandler
- websockify.token_plugins
- websockify.token_plugins.BasePlugin
- websockify.token_plugins.JWTTokenApi
- websockify.websocket
- websockify.websocket.WebSocketServer
- websockify.websocket.WebSocketServer.__init__
- websockify.websocket.WebSocketServer.socket
- websockify.WebSocketProxy
- websockify.websocketproxy.WebSocketProxy
- websockify.websockifyserver
- websockify.websockifyserver.WebSockifyRequestHandler
- websockify.websockifyserver.WebSockifyServer
- websockify.websockifyserver.WebSockifyServer.__init__
- websockify.websockifyserver.WebSockifyServer.EClose
- websockify.websockifyserver.WebSockifyServer.socket