[hack] begin to add ldap authentication

2020-02-09 08:51:35 +01:00 · 2020-02-09 08:51:35 +01:00 · 55a2de72c8
commit 55a2de72c8
parent f99d0a0b64
1 changed files with 46 additions and 2 deletions
--- a/uncloud/hack/main.py
+++ b/uncloud/hack/main.py
@ -1,6 +1,8 @@
 import argparse
 import logging

+import ldap3
+
 from uncloud.hack.vm import VM
 from uncloud.hack.config import Config
 from uncloud.hack.mac import MAC
@ -27,22 +29,64 @@ arg_parser.add_argument('--destroy-vm', action='store_true')
 arg_parser.add_argument('--get-vm-status', action='store_true')
 arg_parser.add_argument('--get-vm-vnc', action='store_true')
 arg_parser.add_argument('--list-vms', action='store_true')
-arg_parser.add_argument('--memory', help="Size of memory (GB)", type=int)
-arg_parser.add_argument('--cores', help="Amount of CPU cores", type=int)
+arg_parser.add_argument('--memory', help="Size of memory (GB)", type=int, default=2)
+arg_parser.add_argument('--cores', help="Amount of CPU cores", type=int, default=1)
 arg_parser.add_argument('--image', help="Path (under hackprefix) to OS image")
+
 arg_parser.add_argument('--image-format', help="Image format: qcow2 or raw", choices=['raw', 'qcow2'])
 arg_parser.add_argument('--uuid', help="VM UUID")

 arg_parser.add_argument('--no-db', help="Disable connection to etcd. For local testing only!", action='store_true')
 arg_parser.add_argument('--hackprefix', help="hackprefix, if you need it you know it (it's where the iso is located and ifup/down.sh")

+# order based commands => later to be shifted below "order"
+arg_parser.add_argument('--order', action='store_true')
+arg_parser.add_argument('--product', choices=["dualstack-vm"])
+arg_parser.add_argument('--os-image-name', help="Name of OS image (successor to --image)")
+arg_parser.add_argument('--os-image-size', help="Size of OS image in GB", type=int, default=10)
+
+arg_parser.add_argument('--username')
+arg_parser.add_argument('--password')
+

 log = logging.getLogger(__name__)

+def authenticate(username, password, totp_token=None):
+    server = ldap3.Server("ldaps://ldap1.ungleich.ch")
+    dn = "uid={},ou=customer,dc=ungleich,dc=ch".format(username)
+
+    try:
+        conn = ldap3.Connection(server, dn, password, auto_bind=True)
+    except ldap3.core.exceptions.LDAPBindError as e:
+        raise UncloudException("Credentials not verified by LDAP server: {}".format(e))
+
+
+
+def order(config):
+    for required_arg in [ 'product', 'username', 'password' ]:
+        if not config.arguments[required_arg]:
+            raise UncloudException("Missing required argument: {}".format(required_arg))
+
+    if config.arguments['product'] == 'dualstack-vm':
+        for required_arg in [ 'cores', 'memory', 'os_image_name', 'os_image_size' ]:
+            if not config.arguments[required_arg]:
+                raise UncloudException("Missing required argument: {}".format(required_arg))
+
+        print(config.arguments)
+        authenticate(config.arguments['username'], config.arguments['password'])
+
+        # create DB entry for VM
+        vm = VM(config)
+        vm.schedule()
+
+

 def main(arguments):
    config = Config(arguments)

+    if arguments['order']:
+        order(config)
+
    if arguments['create_vm']:
        vm = VM(config)
        vm.create()