OLD | NEW |
1 # Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 # Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 # Use of this source code is governed by a BSD-style license that can be | 2 # Use of this source code is governed by a BSD-style license that can be |
3 # found in the LICENSE file. | 3 # found in the LICENSE file. |
4 | 4 |
5 """A bare-bones test server for testing cloud policy support. | 5 """A bare-bones test server for testing cloud policy support. |
6 | 6 |
7 This implements a simple cloud policy test server that can be used to test | 7 This implements a simple cloud policy test server that can be used to test |
8 chrome's device management service client. The policy information is read from | 8 chrome's device management service client. The policy information is read from |
9 the file named device_management in the server's data directory. It contains | 9 the file named device_management in the server's data directory. It contains |
10 enforced and recommended policies for the device and user scope, and a list | 10 enforced and recommended policies for the device and user scope, and a list |
(...skipping 28 matching lines...) Expand all Loading... |
39 "google/chromeos/publicaccount/user@example.com" : { | 39 "google/chromeos/publicaccount/user@example.com" : { |
40 "mandatory" : { | 40 "mandatory" : { |
41 "HomepageLocation" : "http://www.chromium.org" | 41 "HomepageLocation" : "http://www.chromium.org" |
42 }, | 42 }, |
43 "recommended" : { | 43 "recommended" : { |
44 } | 44 } |
45 }, | 45 }, |
46 "managed_users" : [ | 46 "managed_users" : [ |
47 "secret123456" | 47 "secret123456" |
48 ], | 48 ], |
49 "current_key_index": 0 | 49 "current_key_index": 0, |
| 50 "robot_api_auth_code": "fake_auth_code" |
50 } | 51 } |
51 | 52 |
52 """ | 53 """ |
53 | 54 |
54 import BaseHTTPServer | 55 import BaseHTTPServer |
55 import cgi | 56 import cgi |
56 import google.protobuf.text_format | 57 import google.protobuf.text_format |
57 import hashlib | 58 import hashlib |
58 import logging | 59 import logging |
59 import os | 60 import os |
(...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
195 # Check server side requirements, as defined in | 196 # Check server side requirements, as defined in |
196 # device_management_backend.proto. | 197 # device_management_backend.proto. |
197 if (self.GetUniqueParam('devicetype') != '2' or | 198 if (self.GetUniqueParam('devicetype') != '2' or |
198 self.GetUniqueParam('apptype') != 'Chrome' or | 199 self.GetUniqueParam('apptype') != 'Chrome' or |
199 (request_type != 'ping' and | 200 (request_type != 'ping' and |
200 len(self.GetUniqueParam('deviceid')) >= 64) or | 201 len(self.GetUniqueParam('deviceid')) >= 64) or |
201 len(self.GetUniqueParam('agent')) >= 64): | 202 len(self.GetUniqueParam('agent')) >= 64): |
202 return (400, 'Invalid request parameter') | 203 return (400, 'Invalid request parameter') |
203 if request_type == 'register': | 204 if request_type == 'register': |
204 return self.ProcessRegister(rmsg.register_request) | 205 return self.ProcessRegister(rmsg.register_request) |
| 206 if request_type == 'api_authorization': |
| 207 return self.ProcessApiAuthorization(rmsg.service_api_access_request) |
205 elif request_type == 'unregister': | 208 elif request_type == 'unregister': |
206 return self.ProcessUnregister(rmsg.unregister_request) | 209 return self.ProcessUnregister(rmsg.unregister_request) |
207 elif request_type == 'policy' or request_type == 'ping': | 210 elif request_type == 'policy' or request_type == 'ping': |
208 return self.ProcessPolicy(rmsg.policy_request, request_type) | 211 return self.ProcessPolicy(rmsg.policy_request, request_type) |
209 elif request_type == 'enterprise_check': | 212 elif request_type == 'enterprise_check': |
210 return self.ProcessAutoEnrollment(rmsg.auto_enrollment_request) | 213 return self.ProcessAutoEnrollment(rmsg.auto_enrollment_request) |
211 else: | 214 else: |
212 return (400, 'Invalid request parameter') | 215 return (400, 'Invalid request parameter') |
213 | 216 |
214 def CreatePolicyForExternalPolicyData(self, policy_key): | 217 def CreatePolicyForExternalPolicyData(self, policy_key): |
(...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
285 response = dm.DeviceManagementResponse() | 288 response = dm.DeviceManagementResponse() |
286 response.register_response.device_management_token = ( | 289 response.register_response.device_management_token = ( |
287 token_info['device_token']) | 290 token_info['device_token']) |
288 response.register_response.machine_name = token_info['machine_name'] | 291 response.register_response.machine_name = token_info['machine_name'] |
289 response.register_response.enrollment_type = token_info['enrollment_mode'] | 292 response.register_response.enrollment_type = token_info['enrollment_mode'] |
290 | 293 |
291 self.DumpMessage('Response', response) | 294 self.DumpMessage('Response', response) |
292 | 295 |
293 return (200, response.SerializeToString()) | 296 return (200, response.SerializeToString()) |
294 | 297 |
| 298 def ProcessApiAuthorization(self, msg): |
| 299 """Handles an API authorization request. |
| 300 |
| 301 Args: |
| 302 msg: The DeviceServiceApiAccessRequest message received from the client. |
| 303 |
| 304 Returns: |
| 305 A tuple of HTTP status code and response data to send to the client. |
| 306 """ |
| 307 policy = self.server.GetPolicies() |
| 308 |
| 309 # Return the auth code from the config file if it's defined, |
| 310 # else return a descriptive default value. |
| 311 response = dm.DeviceManagementResponse() |
| 312 response.service_api_access_response.auth_code = policy.get( |
| 313 'robot_api_auth_code', 'policy_test_server.py-auth_code') |
| 314 self.DumpMessage('Response', response) |
| 315 |
| 316 return (200, response.SerializeToString()) |
| 317 |
295 def ProcessUnregister(self, msg): | 318 def ProcessUnregister(self, msg): |
296 """Handles a register request. | 319 """Handles a register request. |
297 | 320 |
298 Checks for authorization, unregisters the device and constructs the | 321 Checks for authorization, unregisters the device and constructs the |
299 response. | 322 response. |
300 | 323 |
301 Args: | 324 Args: |
302 msg: The DeviceUnregisterRequest message received from the client. | 325 msg: The DeviceUnregisterRequest message received from the client. |
303 | 326 |
304 Returns: | 327 Returns: |
(...skipping 608 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
913 if (self.options.log_to_console): | 936 if (self.options.log_to_console): |
914 logger.addHandler(logging.StreamHandler()) | 937 logger.addHandler(logging.StreamHandler()) |
915 if (self.options.log_file): | 938 if (self.options.log_file): |
916 logger.addHandler(logging.FileHandler(self.options.log_file)) | 939 logger.addHandler(logging.FileHandler(self.options.log_file)) |
917 | 940 |
918 testserver_base.TestServerRunner.run_server(self) | 941 testserver_base.TestServerRunner.run_server(self) |
919 | 942 |
920 | 943 |
921 if __name__ == '__main__': | 944 if __name__ == '__main__': |
922 sys.exit(PolicyServerRunner().main()) | 945 sys.exit(PolicyServerRunner().main()) |
OLD | NEW |