Make encryption part of the client library and make sipauth take plain text passwords

This commit is contained in:
clerie 2022-06-19 16:21:29 +02:00
parent 0df5286c0e
commit f8c215d380
2 changed files with 31 additions and 23 deletions

View File

@ -1,5 +1,12 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import base64
try:
# This is is only dependency not from the modules inlcuded in python by default, so we make it optional
import rsa
except ImportError:
rsa = None
from .connection import Connection from .connection import Connection
from . import exceptions from . import exceptions
from . import messages from . import messages
@ -147,6 +154,24 @@ class OMMClient2:
d = self.get_device(ppn) d = self.get_device(ppn)
return self.detach_user_device(d.uid, ppn) return self.detach_user_device(d.uid, ppn)
def encrypt(self, secret):
"""
Encrypt secret for OMM
Required rsa module to be installed
:param secret: String to encrypt
"""
if rsa is None:
raise Exception("rsa module is required for excryption")
publickey = self.get_publickey()
pubkey = rsa.PublicKey(*publickey)
byte_secret = secret.encode('utf8')
byte_encrypt = rsa.encrypt(byte_secret, pubkey)
encrypt = base64.b64encode(byte_encrypt).decode("utf8")
return encrypt
def find_devices(self, filter): def find_devices(self, filter):
""" """
Get all devices matching a filter Get all devices matching a filter
@ -354,12 +379,12 @@ class OMMClient2:
:param uid: User id :param uid: User id
:param sipAuthId: SIP user name :param sipAuthId: SIP user name
:param sipPw: Encrypted sip password :param sipPw: Plain text password
""" """
t = types.PPUserType() t = types.PPUserType()
t.uid = uid t.uid = uid
t.sipAuthId = sipAuthId t.sipAuthId = sipAuthId
t.sipPw = sipPw t.sipPw = self.encrypt(sipPw)
m = messages.SetPPUser() m = messages.SetPPUser()
m.childs.user = [t] m.childs.user = [t]
r = self.connection.request(m) r = self.connection.request(m)

25
ommcli
View File

@ -6,16 +6,9 @@ from mitel_ommclient2.messages import GetAccount, Ping
import time import time
import argparse import argparse
import base64
import getpass import getpass
import traceback import traceback
try:
# This is is only dependency not from the modules inlcuded in python by default, so we make it optional
import rsa
except ImportError:
rsa = None
# exit handling with argparse is a bit broken even with exit_on_error=False, so we hack this # exit handling with argparse is a bit broken even with exit_on_error=False, so we hack this
def error_instead_exit(self, message): def error_instead_exit(self, message):
raise argparse.ArgumentError(None, message) raise argparse.ArgumentError(None, message)
@ -50,16 +43,6 @@ if __name__ == "__main__":
c = OMMClient2(hostname, username, password, ommsync=ommsync) c = OMMClient2(hostname, username, password, ommsync=ommsync)
def encrypt(secret):
if rsa is None:
raise Exception("rsa module is required for excryption")
publickey = c.get_publickey()
pubkey = rsa.PublicKey(*publickey)
byte_secret = secret.encode('utf8')
byte_encrypt = rsa.encrypt(byte_secret, pubkey)
encrypt = base64.b64encode(byte_encrypt).decode("utf8")
return encrypt
parser = argparse.ArgumentParser(prog="ommclient2", add_help=False, exit_on_error=False) parser = argparse.ArgumentParser(prog="ommclient2", add_help=False, exit_on_error=False)
subparsers = parser.add_subparsers() subparsers = parser.add_subparsers()
@ -75,10 +58,6 @@ if __name__ == "__main__":
return subp return subp
parser_get_account = subparsers.add_parser("encrypt")
parser_get_account.add_argument("secret")
parser_get_account.set_defaults(func=encrypt)
parser_exit = subparsers.add_parser("exit") parser_exit = subparsers.add_parser("exit")
parser_exit.set_defaults(func=exit) parser_exit.set_defaults(func=exit)
@ -104,6 +83,10 @@ if __name__ == "__main__":
"uid": int, "uid": int,
}) })
parser_get_account = add_parser("encrypt", func=c.encrypt, args={
"secret": str,
})
parser_get_account = add_parser("get_account", func=c.get_account, format=format_child_type, args={ parser_get_account = add_parser("get_account", func=c.get_account, format=format_child_type, args={
"id": int, "id": int,
}) })