blob: e2ac7f95aef5f0a9ffcd23ba467a0bad23cf9114 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
#!/usr/bin/python
# Copyright (C) 2015 - mod_auth_gssapi contributors, see COPYING for license.
import os
import requests
import gssapi
from base64 import b64encode
def getAuthToken(target):
spnego_mech = gssapi.raw.OID.from_int_seq('1.3.6.1.5.5.2')
name = gssapi.Name('HTTP@%s' % target,
gssapi.NameType.hostbased_service)
ctx = gssapi.SecurityContext(name=name, mech=spnego_mech)
token = ctx.step()
return 'Negotiate %s' % b64encode(token)
if __name__ == '__main__':
s = requests.Session()
target = os.environ['NSS_WRAPPER_HOSTNAME']
url = 'http://%s/spnego/' % target
proxy = 'http://%s:%s' % (target, os.environ['WRAP_PROXY_PORT'])
proxies = { "http" : proxy, }
s.headers.update({'Proxy-Authorization': getAuthToken(target)})
s.headers.update({'Authorization': getAuthToken(target)})
r = s.get(url, proxies=proxies)
if r.status_code != 200:
raise ValueError('Spnego Proxy Auth Failed')
|