.git/ipsilon/util, branch 24 Unnamed repository; edit this file 'description' to name the repository. Add helper to store provider specific data 2015-02-13T19:19:35+00:00 Rob Crittenden rcritten@redhat.com 2015-01-29T15:24:02+00:00 c327645a032ae9e4fca84909d4708ca00230b1bc Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Rob Crittenden <rcritten@redhat.com> 
Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Rob Crittenden <rcritten@redhat.com>
Add expiration to Idp metadata 2015-01-29T19:06:51+00:00 Simo Sorce simo@redhat.com 2015-01-19T22:47:56+00:00 0d5c4ff5229880b6eba12a4e7e5bfbab2f415caa Also regenerate it frequently, so that any change in configuration can be automatically reflected in the metadata downloaded my clients over time. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com> 
Also regenerate it frequently, so that any change in configuration can be
automatically reflected in the metadata downloaded my clients over time.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Fix request multipart logging when only 1 part is present 2015-01-27T21:40:46+00:00 John Dennis jdennis@redhat.com 2015-01-27T16:53:31+00:00 335ba5558a13ca7214a48a8829e673771f8954df Test to see if the request parameter value is a cherrypy Part class. This was already being done for the case where the value was a list, but it was omitted for single values. Logic was combined into new local function print_param(). Changed the test for the class back to using if isinstance(item, cherrypy._cpreqbody.Part): instead of: if getattr(item, "part_class", None): because using isinstance() clearly indicates what is being done. The use of getattr() was introduced to prevent a pylint warning concering use of protected values. The getattr() hack is confusing and proably not robust if the class implementation changes. The patch now disables this warning. I cannot explain why cherrypy marks these modules as protected when clearly one has to utilize them and they are documented in the cherrypy API doc. Disabling the warning seems the cleanest and most robust approach. Signed-off-by: John Dennis <jdennis@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Test to see if the request parameter value is a cherrypy Part
class. This was already being done for the case where the value was a
list, but it was omitted for single values. Logic was combined into new
local function print_param().

Changed the test for the class back to using

    if isinstance(item, cherrypy._cpreqbody.Part):

instead of:

    if getattr(item, "part_class", None):

because using isinstance() clearly indicates what is being done. The
use of getattr() was introduced to prevent a pylint warning concering
use of protected values. The getattr() hack is confusing and proably
not robust if the class implementation changes. The patch now disables
this warning. I cannot explain why cherrypy marks these modules as
protected when clearly one has to utilize them and they are documented
in the cherrypy API doc. Disabling the warning seems the cleanest and
most robust approach.

Signed-off-by: John Dennis <jdennis@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Fix int/pep8 errors in latest patches 2015-01-26T22:42:48+00:00 Simo Sorce simo@redhat.com 2015-01-26T22:10:20+00:00 034fd7a63e5582e18f1436388a2abc2b23567396 Mea culpa for not checking before pushing Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: John Dennis <jdennis@redhat.com> 
Mea culpa for not checking before pushing

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: John Dennis <jdennis@redhat.com>
Add source code context information to debug logs 2015-01-26T19:01:03+00:00 John Dennis jdennis@redhat.com 2015-01-12T15:47:37+00:00 74194d5d36cfc1be67e92924585731e9b3894605 The log.debug() function helpfully adds the name of the function invoking it but in a complicated software package there are many functions/methods which share the same name. Thus a debug message like this: DEBUG(__init__): xxx does not give you much context, there are probably hundreds of __init__ methods. It would help to qualify the method name which it's class name, that gives a lot more context when reading the log. Sometimes it's also helpful to know the file and line number. This patch adds the class name to the function and included the filename and line number as well. The file path is trimmed to the last 3 components, sufficient to give context but not too verbose. Now the debug message might look like this instead: DEBUG(ipsilon/providers/common.py:129 LoadProviders.__init__()): xxx Also included is a config option 'stacktrace_on_error' which will include a stacktrace when the log.error function is called. It can be very useful to see a stacktrace when logging an error, it defaults to off. Signed-off-by: John Dennis <jdennis@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
The log.debug() function helpfully adds the name of the function
invoking it but in a complicated software package there are many
functions/methods which share the same name. Thus a debug message
like this:

DEBUG(__init__): xxx

does not give you much context, there are probably hundreds of
__init__ methods. It would help to qualify the method name which it's
class name, that gives a lot more context when reading the
log. Sometimes it's also helpful to know the file and line number.

This patch adds the class name to the function and included the
filename and line number as well. The file path is trimmed to the last
3 components, sufficient to give context but not too verbose. Now the
debug message might look like this instead:

DEBUG(ipsilon/providers/common.py:129 LoadProviders.__init__()): xxx

Also included is a config option 'stacktrace_on_error' which will
include a stacktrace when the log.error function is called. It can be
very useful to see a stacktrace when logging an error, it defaults to
off.

Signed-off-by: John Dennis <jdennis@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Add request/response logging via cherrypy tool hooks 2015-01-26T18:34:06+00:00 John Dennis jdennis@redhat.com 2015-01-20T22:13:34+00:00 e85f190d8e081fbbfeadca24781266d1c3e1bba1 The ability to easily review the HTTP Ipsilon request and response is boon for development and issue debugging. Normally these HTTP conversations occur on SSL/TLS encrypted connections making it difficult to use other tools to view the traffic. Client side tools have known pitfalls (e.g. Firebug) and not all conversations are browser initiated (e.g. SAML ECP). Logging performed by the server hosting Ipsilon makes logging at the server level server specific (e.g. Apache's dumpio requires post-processing the log file to extract and reassamble the HTTP conversation). The best place to log requests and responses is within Ipsilon using the cherrypy framework Ipsilon is embedded in. Cherrypy provides user defined hooks that can be invoked at specific places in the request pipeline. We establish a hook at the last stage just before the response is written to the client, it logs the incoming request and outgoing response. Resolves: https://fedorahosted.org/ipsilon/ticket/44 Signed-off-by: John Dennis <jdennis@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
The ability to easily review the HTTP Ipsilon request and response is
boon for development and issue debugging. Normally these HTTP
conversations occur on SSL/TLS encrypted connections making it
difficult to use other tools to view the traffic. Client side tools
have known pitfalls (e.g. Firebug) and not all conversations are
browser initiated (e.g. SAML ECP). Logging performed by the server
hosting Ipsilon makes logging at the server level server specific
(e.g. Apache's dumpio requires post-processing the log file to extract
and reassamble the HTTP conversation). The best place to log requests
and responses is within Ipsilon using the cherrypy framework
Ipsilon is embedded in. Cherrypy provides user defined hooks that can
be invoked at specific places in the request pipeline. We establish a
hook at the last stage just before the response is written to the
client, it logs the incoming request and outgoing response.

Resolves: https://fedorahosted.org/ipsilon/ticket/44

Signed-off-by: John Dennis <jdennis@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Use referer too as source of transaction IDs 2015-01-16T09:33:22+00:00 Simo Sorce simo@redhat.com 2015-01-12T20:02:18+00:00 d6ffbfe04bc6b6370e3aa112e7bdd7183a851a94 This allows us to use apache module that use things like ErrorDocument directives to do internal redirects and still retain the original transaction intact. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com> 
This allows us to use apache module that use things like ErrorDocument
directives to do internal redirects and still retain the original
transaction intact.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Fix file permissions and remove shebang's 2014-12-16T15:51:43+00:00 Patrick Uiterwijk puiterwijk@redhat.com 2014-12-16T15:40:03+00:00 45cb73a21a90084818c3057e362ef9459f1600f3 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Add defaults to List objects 2014-12-05T20:44:06+00:00 Simo Sorce simo@redhat.com 2014-12-05T20:37:28+00:00 6b37bf2965a5c66cbe0f2a1def92a815170c4ce3 Otherwise we get backtraces when checking for list members and no configuration have been stored in the database yet. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com> 
Otherwise we get backtraces when checking for list members and no configuration
have been stored in the database yet.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Allow to pass drectly a URL to the Store class 2014-12-05T19:49:30+00:00 Simo Sorce simo@redhat.com 2014-12-05T19:28:22+00:00 1c3343573f008e7fe4c14cfb3523960a5376dc30 This is useful for plugins that want to use their own database configuration but still want to reuse he Store class for simplicity. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com> 
This is useful for plugins that want to use their own database configuration
but still want to reuse he Store class for simplicity.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>