Synnefo » snf-occi

import sys

from optparse import OptionParser, OptionValueError

import string

import sqlite3

import eventlet

from eventlet import wsgi

import os

import json

import uuid

from snfOCCI.config import SERVER_CONFIG, KAMAKI_CONFIG, VOMS_CONFIG

import snf_voms

from kamaki.clients import astakos

from kamaki.cli import config as kamaki_config

from occi.backend import MixinBackend

from occi import wsgi

from webob import Request

from pprint import pprint

class MyAPP(wsgi.Application):

    def __init__(self):

        """

        Initialization of the WSGI OCCI application for synnefo

        """

        global ENABLE_VOMS, VOMS_DB

        ENABLE_VOMS = VOMS_CONFIG['enable_voms']

        super(MyAPP,self).__init__(registry=snfRegistry())

        self._register_backends()

        VALIDATOR_APP = validator(self)

    def _register_backends(self):

        COMPUTE_BACKEND = ComputeBackend()

        NETWORK_BACKEND = NetworkBackend() 

        NETWORKINTERFACE_BACKEND = NetworkInterfaceBackend()

        IPNETWORK_BACKEND = IpNetworkBackend()

        IPNETWORKINTERFACE_BACKEND = IpNetworkInterfaceBackend()

        self.register_backend(COMPUTE, COMPUTE_BACKEND)

        self.register_backend(START, COMPUTE_BACKEND)

        self.register_backend(STOP, COMPUTE_BACKEND)

        self.register_backend(RESTART, COMPUTE_BACKEND)

        self.register_backend(SUSPEND, COMPUTE_BACKEND)

        self.register_backend(RESOURCE_TEMPLATE, MixinBackend())

        self.register_backend(OS_TEMPLATE, MixinBackend())

        # Network related backends

        self.register_backend(NETWORK, NETWORK_BACKEND)

        self.register_backend(IPNETWORK, IPNETWORK_BACKEND)

        self.register_backend(NETWORKINTERFACE,NETWORKINTERFACE_BACKEND)

        self.register_backend(IPNETWORKINTERFACE, IPNETWORKINTERFACE_BACKEND)

        try:

            images = snf.list_images()

            for image in images:

                    IMAGE_ATTRIBUTES = {'occi.core.id': str(image['id'])}

                    IMAGE = Mixin("http://schemas.ogf.org/occi/os_tpl#", occify_terms(str(image['name'])), [OS_TEMPLATE],title='IMAGE' ,attributes = IMAGE_ATTRIBUTES)

                    self.register_backend(IMAGE, MixinBackend())

        except:

            raise HTTPError(404, "Unauthorized access")

            FLAVOR = Mixin("http://schemas.ogf.org/occi/resource_tpl#", str(flavor['name']), [RESOURCE_TEMPLATE], attributes = FLAVOR_ATTRIBUTES)

            FLAVOR = Mixin("http://schemas.ogf.org/occi/resource_tpl#", occify_terms(str(flavor['name'])), [RESOURCE_TEMPLATE], title='FLAVOR',attributes = FLAVOR_ATTRIBUTES)

        print occi_keys

                print "line 65:Finished getting image details for VM "+key+" with ID" + str(details['flavor']['id'])

                    if i.term ==  occify_terms(str(image['name'])):

                    if i.term ==  occify_terms(str(flavor['name'])):

                                          'occi.networkinterface.address' : ip4address,

                                          'occi.networkinterface.address' : ip4address,

                                          'occi.networkinterface.address' :'',

                    print('Image not found (probably older version')

        # Enable VOMS Authorization

        print "snf-occi application has been called!"

        req = Request(environ) 

        auth_endpoint = 'snf-auth uri=\'https://'+SERVER_CONFIG['hostname']+':5000/main\''

        if not req.environ.has_key('HTTP_X_AUTH_TOKEN'):

                print "Error: An authentication token has not been provided!"

                status = '401 Not Authorized'

                headers = [('Content-Type', 'text/html'),('Www-Authenticate',auth_endpoint)]        

                response(status,headers)               

                return [str(response)]

        if ENABLE_VOMS:

            if req.environ.has_key('HTTP_X_AUTH_TOKEN'):

                environ['HTTP_AUTH_TOKEN']= req.environ['HTTP_X_AUTH_TOKEN']

                compClient = ComputeClient(KAMAKI_CONFIG['compute_url'], environ['HTTP_AUTH_TOKEN'])

                cyclClient = CycladesClient(KAMAKI_CONFIG['compute_url'], environ['HTTP_AUTH_TOKEN'])

                try:

                    #Up-to-date flavors and images

                    self.refresh_images(compClient,cyclClient)           

                    self.refresh_flavors_norecursive(compClient,cyclClient)

                    self.refresh_network_instances(cyclClient)

                    self.refresh_compute_instances(compClient,cyclClient)

                    # token will be represented in self.extras

                    return self._call_occi(environ, response, security = None, token = environ['HTTP_AUTH_TOKEN'], snf = compClient, client = cyclClient)

                except HTTPError:

                    print "Exception from unauthorized access!"

                    status = '401 Not Authorized'

                    headers = [('Content-Type', 'text/html'),('Www-Authenticate',auth_endpoint)]

                    response(status,headers)

                    return [str(response)]

            else:

                #raise HTTPError(404, "Unauthorized access")

                status = '401 Not Authorized'

                headers = [('Content-Type', 'text/html'),('Www-Authenticate',auth_endpoint)]

                response(status,headers)

                return [str(response)]

        else:  

def application(env, start_response):

    print "snf-occi will execute voms authentication"

    t =snf_voms.VomsAuthN()       

    (user_dn, user_vo, user_fqans) = t.process_request(env)

    print (user_dn, user_vo, user_fqans)

    env['HTTP_AUTH_TOKEN'] = get_user_token(user_dn)

    # Get user authentication details

    astakosClient = astakos.AstakosClient(KAMAKI_CONFIG['astakos_url'], env['HTTP_AUTH_TOKEN'])

    user_details = astakosClient.authenticate()

    response = {'access': {'token':{'issued_at':'','expires': user_details['access']['token']['expires'] , 'id':env['HTTP_AUTH_TOKEN']},

                           'serviceCatalog': [],

                           'user':{'username': user_dn,'roles_links':user_details['access']['user']['roles_links'],'id': user_details['access']['user']['id'], 'roles':[], 'name':user_dn },

                           'metadata': {'is_admin': 0, 'roles': user_details['access']['user']['roles']}}}        

    status = '200 OK'

    headers = [('Content-Type', 'application/json')]        

    start_response(status,headers)

    body = json.dumps(response)

    print body

    return [body]

def app_factory(global_config, **local_config):

    """This function wraps our simple WSGI app so it

    can be used with paste.deploy"""

    return application

def tenant_application(env, start_response):

    print "snf-occi will return tenant information"

    if env.has_key('SSL_CLIENT_S_DN_ENV'):

        print env['SSL_CLIENT_S_DN_ENV'], env['SSL_CLIENT_CERT_ENV']    

    req = Request(env) 

    if req.environ.has_key('HTTP_X_AUTH_TOKEN'):

            env['HTTP_AUTH_TOKEN']= req.environ['HTTP_X_AUTH_TOKEN']

    else:

            raise HTTPError(404, "Unauthorized access") 

    # Get user authentication details

    print "@ refresh_user authentication details"

    astakosClient = astakos.AstakosClient(KAMAKI_CONFIG['astakos_url'], env['HTTP_AUTH_TOKEN'])

    user_details = astakosClient.authenticate()

    response = {'tenants_links': [], 'tenants':[{'description':'Instances of EGI Federated Clouds TF','enabled': True, 'id':user_details['access']['user']['id'],'name':'EGI_FCTF'}]}           

    status = '200 OK'

    headers = [('Content-Type', 'application/json')]        

    start_response(status,headers)

    body = json.dumps(response)

    print body

    return [body]

def tenant_app_factory(global_config, **local_config):

    """This function wraps our simple WSGI app so it

    can be used with paste.deploy"""

    return tenant_application

def occify_terms(term_name):

    '''

    Occifies a term_name so that it is compliant with GFD 185.

    '''

    term = term_name.strip().replace(' ', '_').replace('.', '-').lower()

    term=term.replace('(','_').replace(')','_').replace('@','_').replace('+','-_')

    return term

def get_user_token(user_dn):

        config = kamaki_config.Config()

        return config.get_cloud("default", "token")