Skip to content
Snippets Groups Projects
Commit e5497bae authored by František Dvořák's avatar František Dvořák
Browse files

Python linting

parent 66c78806
No related branches found
No related tags found
No related merge requests found
......@@ -8,18 +8,18 @@
import json
import os
import re
import requests
import shutil
import subprocess
import sys
import requests
payload = {
"grant_type": "client_credentials",
"scope": "openid profile eduperson_entitlement email voperson_id",
}
token_url = "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/token"
userinfo_url = \
"https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/userinfo"
userinfo_url = "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/userinfo"
# input
if "CLIENT_ID" in os.environ:
......@@ -32,39 +32,47 @@ else:
payload["client_secret"] = input("OIDC Client Secret: ")
# get OIDC token
r = requests.post(token_url, data=payload)
r = requests.post(token_url, data=payload, timeout=20)
data = json.loads(r.text)
if 'access_token' not in data:
print('Error getting access token')
if "access_token" not in data:
print("Error getting access token")
sys.exit(1)
print("# export OIDC_ACCESS_TOKEN='%s'" % data["access_token"])
# get vault token
token = None
p = subprocess.Popen([
shutil.which("vault"),
"write",
"auth/jwt/login",
"jwt=%s" % data["access_token"],
], stdout=subprocess.PIPE)
for line in p.stdout:
print('# %s' % line.decode("UTF-8").rstrip())
m = re.search(r'^token\s+(.*)', line.decode("UTF-8"))
if m is not None:
token = m.group(1)
vaultbin = shutil.which("vault")
if vaultbin is None:
print("vault command not found")
sys.exit(1)
p = subprocess.Popen(
[
vaultbin,
"write",
"auth/jwt/login",
"jwt=%s" % data["access_token"],
],
stdout=subprocess.PIPE,
)
if p.stdout is not None:
for line in p.stdout:
print("# %s" % line.decode("UTF-8").rstrip())
m = re.search(r"^token\s+(.*)", line.decode("UTF-8"))
if m is not None:
token = m.group(1)
retval = p.wait()
if token is None:
print('Error signing to vault (no token returned)')
print("Error signing to vault (no token returned)")
sys.exit(1)
print("export VAULT_TOKEN='%s'" % token)
if retval != 0:
print('Error signing to vault (code %d returned)' % retval)
print("Error signing to vault (code %d returned)" % retval)
sys.exit(1)
# store vault token
token_path = os.path.expanduser('~/.vault-token')
with open(token_path, 'w') as f:
token_path = os.path.expanduser("~/.vault-token")
with open(token_path, "w") as f:
pass
os.chmod(token_path, 0o600)
with open(token_path, 'w') as f:
with open(token_path, "w") as f:
f.write(token)
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment