Add a script for generating VNC auth tokens, to be exposed over remctl

author Evan Broder <broder@mit.edu>

Wed, 29 Oct 2008 00:00:20 +0000 (20:00 -0400)

committer Evan Broder <broder@mit.edu>

Wed, 29 Oct 2008 00:00:20 +0000 (20:00 -0400)
author Evan Broder <broder@mit.edu>
Wed, 29 Oct 2008 00:00:20 +0000 (20:00 -0400)
committer Evan Broder <broder@mit.edu>
Wed, 29 Oct 2008 00:00:20 +0000 (20:00 -0400)
diff --git a/config.todo b/config.todo

deleted file mode 100644 (file)

index 8fa7ee8..0000000
--- a/config.todo
+++ /dev/null
@@ -1 +0,0 @@
-code/vncexternalauth.py: TOKEN_KEY?
diff --git a/debian/changelog b/debian/changelog

index da167fb..3fbac8d 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,8 +2,9 @@ invirt-vnc-server (0.0.1) unstable; urgency=low
  
    * sipb-xen-vnc-server -> invirt-vnc-server
    * Generate the VNC token key at install-time instead of hard-coding
+  * Add a script for generating VNC auth tokens, to be exposed over remctl
  
- -- Evan Broder <broder@mit.edu>  Tue, 28 Oct 2008 19:44:04 -0400
+ -- Evan Broder <broder@mit.edu>  Tue, 28 Oct 2008 19:45:35 -0400
  
  sipb-xen-vnc-server (1.2) unstable; urgency=low
  
diff --git a/invirt-vnc-authtoken b/invirt-vnc-authtoken

new file mode 100755 (executable)

index 0000000..c542d5e
--- /dev/null
+++ b/invirt-vnc-authtoken
@@ -0,0 +1,34 @@
+#!/usr/bin/python
+
+import os
+import sys
+import hmac
+import cPickle
+import sha
+import time
+import base64
+from invirt.vnc import getTokenKey
+
+def getAuthToken(username, machine, lifetime=5*60):
+    data = {}
+    data['user'] = username
+    data['machine'] = machine
+    data['expires'] = time.time() + lifetime
+    pickled_data = cPickle.dumps(data)
+    m = hmac.new(getTokenKey(), digestmod=sha)
+    m.update(pickled_data)
+    token = {'data': pickled_data, 'digest': m.digest()}
+    token = cPickle.dumps(token)
+    token = base64.urlsafe_b64encode(token)
+    return token
+
+def main():
+    try:
+        username = os.environ['REMOTE_USER']
+    except KeyError:
+        username = None
+    machine = sys.argv[1]
+    print getAuthToken(username, machine)
+
+if __name__ == '__main__':
+    main()
diff --git a/setup.py b/setup.py

index 98c3dee..4e11026 100755 (executable)
--- a/setup.py
+++ b/setup.py
@@ -20,5 +20,5 @@ setup(
      
      packages = ['invirt.vnc'],
      package_dir = {'invirt': 'python'},
-    scripts=['invirt-vnc-server']
+    scripts=['invirt-vnc-server', 'invirt-vnc-authtoken']
  )
author	Evan Broder <broder@mit.edu>
	Wed, 29 Oct 2008 00:00:20 +0000 (20:00 -0400)
committer	Evan Broder <broder@mit.edu>
	Wed, 29 Oct 2008 00:00:20 +0000 (20:00 -0400)
config.todo	[deleted file]	patch \| blob \| history
debian/changelog		patch \| blob \| history
invirt-vnc-authtoken	[new file with mode: 0755]	patch \| blob
setup.py		patch \| blob \| history