{ "info": { "author": "Albin Stjerna", "author_email": "albin.stjerna@cern.ch", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Intended Audience :: Developers", "License :: OSI Approved :: GNU General Public License v3 (GPLv3)", "Programming Language :: Python :: 2.6", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3" ], "description": "This is a re-implementation of the Perl script\ncern-get-sso-cookie_.\nas a Python library. As a bonus, a shell client re-implementing (most\nof) the functionality of ``cern-get-sso-cookie``, is also provided.\n\n.. _cern-get-sso-cookie: https://github.com/sashabaranov/cern-get-sso-cookie/\n\nPrerequisites\n-------------\n\nThis package assumes a working Kerberos and OpenSSL setup, but should be\ncompatible with both python 2.7 and 3.\n\n\nUsage\n-----\n\nThe module provides only two functions: ``krb_sign_on`` and\n``cert_sign_on``, used for authentication with Kerberos and certificates\nrespectively. Both take an optional cookiejar (which can be a Requests\n``CookieJar``, or a ``MozillaCookieJar``) which is filled during\noperations. In any event, a cookie jar is also returned by both\nfunctions.\n\nThe returned cookie jar can be used directly as an argument to Requests'\n``cookies``\n\n.. code:: python\n\n import cern_sso\n import requests\n\n my_url = \"https://my-secret-place.cern.ch\"\n\n cookies = cern_sso.krb_sign_on(my_url)\n\n # Perform request\n r1 = requests.get(my_url, cookies=cookies)\n\nIt is assumed that the user running the program is already authenticated\nagainst Kerberos.\n\n\nThis is what the same procedure would look like using SSL certificates:\n\n.. code:: python\n\n import cern_sso\n import requests\n\n my_url = \"https://my-secret-place.cern.ch\"\n cert_file = \"/home/albin/myCert.pem\"\n key_file = \"/home/albin/myCert.key\"\n\n cookies = cern_sso.cert_sign_on(my_url, cert_file=cert_file,\n key_file=key_file)\n\n # Perform request\n r1 = requests.get(my_url, cookies=cookies)\n\n\nCertain limitations apply to the certificate and key files, please see\nthe following section on command-line usage for further information on\nthis.\n\nFor an example of how to use an external CookieJar, see\n``bin/cern-get-sso-cookie.py``.\n\nUsing ``cern-get-sso-cookie.py``\n------------------------------\n\nJust like ``cern-get-sso-cookie``, the Python implementation will\nauthenticate against a desired URL and returna Mozilla cookie-file\nsuitable for use with Curl or Wget.\n\nFor use with Kerberos, make sure you are authenticated either via\npassword or a keytab:\n\n.. code:: sh\n $ kinit me@CERN.CH\n \n\n\nNow you can perform the authentication:\n\n.. code:: sh\n $ cern-get-sso-cookie.py --url https://cerntraining.service-now.com --kerberos\n # cookies.txt now contains the relevant session cookies\n $ curl -L --cookie cookies.txt --cookie-jar cookies.txt -H 'Accept: application/json' \"https://cerntraining.service-now.com/api/now/v1/table/incident\"\n\n\nIn the spirit of the UNIX philosophy, ``cern-get-sso-cookie.py`` outputs\nnothing on success. Please try ``--verbose`` or even ``--debug`` if that is\nnot to your liking!\n\nFor authentication against a SSL certificate (and key), you first need\nto process the certificate files to remove passwords and separate the\nkey and certificate:\n\n.. code:: sh\n $ openssl pkcs12 -clcerts -nokeys -in myCert.p12 -out myCert.pem\n\n $ openssl pkcs12 -nocerts -in myCert.p12 -out myCert.tmp.key\n\n $ openssl rsa -in myCert.tmp.key -out myCert.key\n\nIt is assumed that your certificate and key files have the same base\nname and are located in the same folder, and that the key has the file\nending ``.key`` and the certificate ``.pem``. In the example above, the base\nname ``myCert`` was used.\n\nFinally, you can use the certificates to obtain a SSO cookie:\n\n.. code:: sh\n $ cern-get-sso-cookie.py --url https://cerntraining.service-now.com --cert myCert\n\n\nFor further notes on usage, see ``cern-get-sso-cookie.py --help``.", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/cerndb/cern-sso-python", "keywords": "authentication sso cern kerberos", "license": "GPLv3", "maintainer": "", "maintainer_email": "", "name": "python-cern-sso-krb", "package_url": "https://pypi.org/project/python-cern-sso-krb/", "platform": "", "project_url": "https://pypi.org/project/python-cern-sso-krb/", "project_urls": { "Homepage": "https://github.com/cerndb/cern-sso-python" }, "release_url": "https://pypi.org/project/python-cern-sso-krb/1.3.3/", "requires_dist": null, "requires_python": "", "summary": "Cern Single-Single-Sign-On driver", "version": "1.3.3" }, "last_serial": 3294682, "releases": { "1.3.3": [ { "comment_text": "", "digests": { "md5": "752505070c363dc33844706de63e7df0", "sha256": "1b7ea4fc53a3630b33750b886fb4390f193c2592028824feec3727b2f839a9b8" }, "downloads": -1, "filename": "python-cern-sso-krb-1.3.3.tar.gz", "has_sig": false, "md5_digest": "752505070c363dc33844706de63e7df0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6769, "upload_time": "2017-10-31T15:59:35", "url": "https://files.pythonhosted.org/packages/e7/65/fb323dfa51432f232756dee325854622eb3a5b84dbef06ead73d833aa88f/python-cern-sso-krb-1.3.3.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "752505070c363dc33844706de63e7df0", "sha256": "1b7ea4fc53a3630b33750b886fb4390f193c2592028824feec3727b2f839a9b8" }, "downloads": -1, "filename": "python-cern-sso-krb-1.3.3.tar.gz", "has_sig": false, "md5_digest": "752505070c363dc33844706de63e7df0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6769, "upload_time": "2017-10-31T15:59:35", "url": "https://files.pythonhosted.org/packages/e7/65/fb323dfa51432f232756dee325854622eb3a5b84dbef06ead73d833aa88f/python-cern-sso-krb-1.3.3.tar.gz" } ] }