diff options
author | Lars Wirzenius <liw@liw.fi> | 2017-11-12 15:42:23 +0100 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2017-11-12 19:49:43 +0100 |
commit | d0d84d7761746fec027af6be872846644059b853 (patch) | |
tree | b97a2a185fe7d659aaaa2e94d84fdc036427d4bd /worker_manager | |
parent | e4dc427ccdd31b5a7b9cd1d3985e1aaa07ac4b32 (diff) | |
download | ick2-d0d84d7761746fec027af6be872846644059b853.tar.gz |
Add: create token in worker-manager
Diffstat (limited to 'worker_manager')
-rwxr-xr-x | worker_manager | 53 |
1 files changed, 52 insertions, 1 deletions
diff --git a/worker_manager b/worker_manager index f5492cb..1b3bbbb 100755 --- a/worker_manager +++ b/worker_manager @@ -20,7 +20,9 @@ import logging import sys import time +import apifw import cliapp +import Crypto.PublicKey.RSA import requests import urllib3 @@ -57,6 +59,18 @@ class WorkerManager(cliapp.Application): metavar='TOKEN', ) + self.settings.string( + ['token-key'], + 'get token signing private key from FILE', + metavar='FILE', + ) + + self.settings.string( + ['token-key-pub'], + 'get token signing public key from FILE', + metavar='FILE', + ) + self.settings.integer( ['sleep'], 'sleep for SECS seconds if there is no work currently', @@ -97,11 +111,48 @@ class WorkerManager(cliapp.Application): return work def get_auth_headers(self): - token = self.settings['token'] + token = self.get_token() return { 'Authorization': 'Bearer {}'.format(token), } + def get_token(self): + token = self.settings['token'] + token_key = self.settings['token-key'] + token_key_pub = self.settings['token-key-pub'] + + if token: + return token + elif token_key and token_key_pub: + with open(token_key) as f1, open(token_key_pub) as f2: + key_text = f1.read() + pub_text = f2.read() + return self.create_token(key_text, pub_text) + sys.exit('No token and no way to create') + + def create_token(self, key_text, pub_text): + iss = 'localhost' + aud = 'localhost' + scopes_list = [ + 'uapi_work_id_get', + 'uapi_work_id_post', + ] + + key = Crypto.PublicKey.RSA.importKey(key_text) + scopes = ' '.join(scopes_list) + + now = time.time() + claims = { + 'iss': iss, + 'sub': 'subject-uuid', + 'aud': aud, + 'exp': now + 86400, + 'scope': scopes, + } + + token = apifw.create_token(claims, key) + return token.decode('ascii') + def report_pretend_work(self, url, name, work): self.show_msg('Pretending to work: {!r}'.format(work)) snippet_url = '{}/work/{}'.format(url, name) |