authorDaniel Kubec <niel@rtfm.cz>2015-04-05 00:10:37 +0200
committerDavid Sommerseth <davids@redhat.com>2015-10-10 00:03:07 +0200
commitf7ef7522f5c7e6d4abfa5a0378c2e2ad265c65ec (patch)
treedb04092f643139b146b822522b1a52baa8f2edd0 /sample/sample-plugins/keying-material-exporter-demo/http-server.py
parent84604e0bae7216b46642d5a1a443b86f712d53aa (diff)
sample-plugin: TLS Keying Material Exporter [RFC-5705] demonstration plug-in
A simple plug-in with a corresponding HTTP server and client which can authenticate an HTTP user based on the authentication already done via an established OpenVPN connection [DS: Renamed the module at commit time from sso to keyingmaterialexporter to avoid confusion with other Single-Sign-On solutions. Updated documentation and commits accordingly. Added --pull to the client config] Signed-off-by: Daniel Kubec <niel@rtfm.cz> Signed-off-by: David Sommerseth <davids@redhat.com> Acked-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'sample/sample-plugins/keying-material-exporter-demo/http-server.py')
-rwxr-xr-xsample/sample-plugins/keying-material-exporter-demo/http-server.py41
1 files changed, 41 insertions, 0 deletions
diff --git a/sample/sample-plugins/keying-material-exporter-demo/http-server.py b/sample/sample-plugins/keying-material-exporter-demo/http-server.py
new file mode 100755
index 0000000..45381b5
--- /dev/null
+++ b/sample/sample-plugins/keying-material-exporter-demo/http-server.py
@@ -0,0 +1,41 @@
+#!/usr/bin/python
+from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer
+import os
+
+class ExampleHTTPRequestHandler(BaseHTTPRequestHandler):
+
+ def do_GET(self):
+ session_key = os.path.basename(self.path)
+ file = '/tmp/openvpn_sso_' + session_key
+ print 'session file: ' + file
+ try:
+ f = open(file)
+ #send code 200 response
+ self.send_response(200)
+ #send header first
+ self.send_header('Content-type','text-html')
+ self.end_headers()
+ #send file content to client
+ user = f.read().rstrip()
+ print 'session user: ' + user
+ print 'session key: ' + session_key
+ self.wfile.write('<html><body><h1>Greetings ' + user \
+ + '. You are authorized' \
+ '</h1>' \
+ '</body></html>')
+ f.close()
+ return
+ except IOError:
+ self.send_error(404, 'authentication failed')
+
+def run():
+ #ip and port of servr
+ #by default http server port is 80
+ server_address = ('0.0.0.0', 8080)
+ httpd = HTTPServer(server_address, ExampleHTTPRequestHandler)
+ print('http server started')
+ httpd.serve_forever()
+ print('http server stopped')
+
+if __name__ == '__main__':
+ run()
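Review bot: In `do_GET`, `user` is read verbatim from the session file and concatenated into the HTML body unescaped, and the response is labelled `text-html` instead of `text/html`, so markup in a user name could be interpreted by a browser that sniffs the content. The handle from `open(file)` is closed only on the success path, and the 200 status is sent before the file is read, so a failing read would emit a 404 after a 200 has already gone out. The `print 'session key: '` line writes the value that acts as the bearer credential to stdout, and the lookup trusts any file named `/tmp/openvpn_sso_<key>` in a world-writable directory; a directory owned by the OpenVPN user with mode 0700 would be safer, which presumably means changing the plug-in that writes these files as well. The sketch below reads the file first, escapes the name with `cgi.escape` (needs `import cgi` at the top of the file) and drops the key logging.

```python
    def do_GET(self):
        # … unchanged: session_key / file derivation …
        try:
            # Read the session file before committing to a status line.
            with open(file) as f:
                user = f.read().rstrip()
        except IOError:
            self.send_error(404, 'authentication failed')
            return
        self.send_response(200)
        self.send_header('Content-type', 'text/html')
        self.end_headers()
        # Escape the stored name so it is rendered as text, not markup.
        self.wfile.write('<html><body><h1>Greetings ' + cgi.escape(user)
                         + '. You are authorized</h1></body></html>')
```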