1 files changed, 137 insertions, 0 deletions

diff --git a/bin/nova-ajax-console-proxy b/bin/nova-ajax-console-proxy
new file mode 100755
index 000000000..2bc407658
--- /dev/null
+++ b/bin/nova-ajax-console-proxy
@@ -0,0 +1,137 @@
+#!/usr/bin/env python
+# pylint: disable-msg=C0103
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2010 United States Government as represented by the
+# Administrator of the National Aeronautics and Space Administration.
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License");
+#    you may not use this file except in compliance with the License.
+#    You may obtain a copy of the License at
+#
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS,
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#    See the License for the specific language governing permissions and
+#    limitations under the License.
+
+"""Ajax Console Proxy Server"""
+
+from eventlet import greenthread
+from eventlet.green import urllib2
+
+import exceptions
+import gettext
+import logging
+import os
+import sys
+import time
+import urlparse
+
+# If ../nova/__init__.py exists, add ../ to Python search path, so that
+# it will override what happens to be installed in /usr/(local/)lib/python...
+possible_topdir = os.path.normpath(os.path.join(os.path.abspath(sys.argv[0]),
+                                   os.pardir,
+                                   os.pardir))
+if os.path.exists(os.path.join(possible_topdir, 'nova', '__init__.py')):
+    sys.path.insert(0, possible_topdir)
+
+gettext.install('nova', unicode=1)
+
+from nova import flags
+from nova import log as logging
+from nova import rpc
+from nova import utils
+from nova import wsgi
+
+FLAGS = flags.FLAGS
+
+flags.DEFINE_integer('ajax_console_idle_timeout', 300,
+                     'Seconds before idle connection destroyed')
+
+LOG = logging.getLogger('nova.ajax_console_proxy')
+LOG.setLevel(logging.DEBUG)
+LOG.addHandler(logging.StreamHandler())
+
+
+class AjaxConsoleProxy(object):
+    tokens = {}
+
+    def __call__(self, env, start_response):
+        try:
+            req_url = '%s://%s%s?%s' % (env['wsgi.url_scheme'],
+                                        env['HTTP_HOST'],
+                                        env['PATH_INFO'],
+                                        env['QUERY_STRING'])
+            if 'HTTP_REFERER' in env:
+                auth_url = env['HTTP_REFERER']
+            else:
+                auth_url = req_url
+
+            auth_params = urlparse.parse_qs(urlparse.urlparse(auth_url).query)
+            parsed_url = urlparse.urlparse(req_url)
+
+            auth_info = AjaxConsoleProxy.tokens[auth_params['token'][0]]
+            args = auth_info['args']
+            auth_info['last_activity'] = time.time()
+
+            remote_url = ("http://%s:%s%s?token=%s" % (
+                          str(args['host']),
+                          str(args['port']),
+                          parsed_url.path,
+                          str(args['token'])))
+
+            opener = urllib2.urlopen(remote_url, env['wsgi.input'].read())
+            body = opener.read()
+            info = opener.info()
+
+            start_response("200 OK", info.dict.items())
+            return body
+        except (exceptions.KeyError):
+            if env['PATH_INFO'] != '/favicon.ico':
+                LOG.audit("Unauthorized request %s, %s"
+                          % (req_url, str(env)))
+            start_response("401 NOT AUTHORIZED", [])
+            return "Not Authorized"
+        except Exception:
+            start_response("500 ERROR", [])
+            return "Server Error"
+
+    def register_listeners(self):
+        class Callback:
+            def __call__(self, data, message):
+                if data['method'] == 'authorize_ajax_console':
+                    AjaxConsoleProxy.tokens[data['args']['token']] =  \
+                        {'args': data['args'], 'last_activity': time.time()}
+
+        conn = rpc.Connection.instance(new=True)
+        consumer = rpc.TopicConsumer(
+                        connection=conn,
+                        topic=FLAGS.ajax_console_proxy_topic)
+        consumer.register_callback(Callback())
+
+        def delete_expired_tokens():
+            now = time.time()
+            to_delete = []
+            for k, v in AjaxConsoleProxy.tokens.items():
+                if now - v['last_activity'] > FLAGS.ajax_console_idle_timeout:
+                    to_delete.append(k)
+
+            for k in to_delete:
+                del AjaxConsoleProxy.tokens[k]
+
+        utils.LoopingCall(consumer.fetch, auto_ack=True,
+                          enable_callbacks=True).start(0.1)
+        utils.LoopingCall(delete_expired_tokens).start(1)
+
+if __name__ == '__main__':
+    utils.default_flagfile()
+    FLAGS(sys.argv)
+    server = wsgi.Server()
+    acp = AjaxConsoleProxy()
+    acp.register_listeners()
+    server.start(acp, FLAGS.ajax_console_proxy_port, host='0.0.0.0')
+    server.wait()