diff options
author | Jasur Nurboyev <bluestacks6523@gmail.com> | 2021-11-24 13:08:31 +0000 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2021-11-24 13:31:54 +0000 |
commit | d4847ee07709d13e45d219d3c7834e2e99ca3c44 (patch) | |
tree | 67f37f15185bbbc5fa7a5d8837551d7a85ae929f /buildscripts/mongosymb.py | |
parent | e66c438f1823e75a4be3eafa1730e76c171531cc (diff) | |
download | mongo-d4847ee07709d13e45d219d3c7834e2e99ca3c44.tar.gz |
SERVER-61710 Added client-side authentication for mongosymb.py
Diffstat (limited to 'buildscripts/mongosymb.py')
-rwxr-xr-x | buildscripts/mongosymb.py | 66 |
1 files changed, 60 insertions, 6 deletions
diff --git a/buildscripts/mongosymb.py b/buildscripts/mongosymb.py index 1ea6ef5f6af..1f17c7b7485 100755 --- a/buildscripts/mongosymb.py +++ b/buildscripts/mongosymb.py @@ -17,16 +17,22 @@ You can also pass --output-format=json, to get rich json output. It shows some e but emits json instead of plain text. """ -import json import argparse +import json import os import subprocess import sys +import time from collections import OrderedDict +from pathlib import Path from typing import Dict import requests +# pylint: disable=wrong-import-position +sys.path.append(str(Path(os.getcwd(), __file__).parent.parent)) +from buildscripts.util.oauth import Configs, get_oauth_credentials + class PathDbgFileResolver(object): """PathDbgFileResolver class.""" @@ -150,10 +156,20 @@ class PathResolver(object): Cache size differs according to the situation, system resources and overall decision of development team. """ - default_host = 'http://127.0.0.1:8000' # the main (API) sever that we'll be sending requests to - default_cache_dir = os.path.join(os.getcwd(), 'dl_cache') + # pylint: disable=too-many-instance-attributes + # This amount of attributes are necessary. + + # the main (API) sever that we'll be sending requests to + default_host = 'https://symbolizer-service.server-tig.staging.corp.mongodb.com' + default_cache_dir = os.path.join(os.getcwd(), 'build', 'symbolizer_downloads_cache') + default_creds_file_path = os.path.join(os.getcwd(), '.symbolizer_credentials.json') + default_client_credentials_scope = "servertig-symbolizer-fullaccess" + default_client_credentials_user_name = "client-user" - def __init__(self, host: str = None, cache_size: int = 0, cache_dir: str = None): + def __init__(self, host: str = None, cache_size: int = 0, cache_dir: str = None, + client_credentials_scope: str = None, client_credentials_user_name: str = None, + client_id: str = None, redirect_port: int = None, scope: str = None, + auth_domain: str = None): """ Initialize instance. @@ -165,10 +181,47 @@ class PathResolver(object): self._cached_results = CachedResults(max_cache_size=cache_size) self.cache_dir = cache_dir or self.default_cache_dir self.mci_build_dir = None + self.client_credentials_scope = client_credentials_scope or self.default_client_credentials_scope + self.client_credentials_user_name = client_credentials_user_name or self.default_client_credentials_user_name + self.client_id = client_id + self.redirect_port = redirect_port + self.scope = scope + self.auth_domain = auth_domain + self.configs = Configs(client_credentials_scope=self.client_credentials_scope, + client_credentials_user_name=self.client_credentials_user_name, + client_id=self.client_id, auth_domain=self.auth_domain, + redirect_port=self.redirect_port, scope=self.scope) + self.http_client = requests.Session() # create cache dir if it doesn't exist if not os.path.exists(self.cache_dir): - os.mkdir(self.cache_dir) + os.makedirs(self.cache_dir) + + self.authenticate() + + def authenticate(self): + """Login & get credentials for further requests to web service.""" + + # try to read from file + if os.path.exists(self.default_creds_file_path): + with open(self.default_creds_file_path) as cfile: + data = json.loads(cfile.read()) + access_token, expire_time = data.get("access_token"), data.get("expire_time") + if time.time() < expire_time: + # credentials hasn't expired yet + self.http_client.headers.update({"Authorization": f"Bearer {access_token}"}) + return + + credentials = get_oauth_credentials(configs=self.configs, print_auth_url=True) + self.http_client.headers.update({"Authorization": f"Bearer {credentials.access_token}"}) + + # write credentials to local file for further useage + with open(self.default_creds_file_path, "w") as cfile: + cfile.write( + json.dumps({ + "access_token": credentials.access_token, + "expire_time": time.time() + credentials.expires_in + })) @staticmethod def is_valid_path(path: str) -> bool: @@ -259,7 +312,8 @@ class PathResolver(object): if not path: # path does not exist in cache, so we send request to server try: - response = requests.get(f'{self.host}/find_by_id', params={'build_id': build_id}) + response = self.http_client.get(f'{self.host}/find_by_id', + params={'build_id': build_id}) if response.status_code != 200: sys.stderr.write( f"Server returned unsuccessful status: {response.status_code}, " |