From 32d17e6c930d8193736321f5c265dfcfba5e1684 Mon Sep 17 00:00:00 2001 From: Joseph Nuthalpati Date: Wed, 30 Aug 2017 09:53:46 +0530 Subject: [PATCH] sso: Safety check to make sure auth_pubtkt is enabled Signed-off-by: Joseph Nuthalpati Reviewed-by: Sunil Mohan Adapa --- actions/auth-pubtkt | 22 +++++++++++++++------- plinth/modules/sso/__init__.py | 1 + 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/actions/auth-pubtkt b/actions/auth-pubtkt index c8cd15fc2..59ee79765 100755 --- a/actions/auth-pubtkt +++ b/actions/auth-pubtkt @@ -21,10 +21,10 @@ sign it with the FreedomBox server's private key. """ import os -import time import base64 import datetime import argparse +from plinth import action_utils from OpenSSL import crypto @@ -40,18 +40,26 @@ def parse_arguments(): 'create-key-pair', help='create a key pair for the apache server ' 'to sign auth_pubtkt tickets') - gen_tkt = subparsers.add_parser('generate-ticket', - help='generate auth_pubtkt ticket') + subparsers.add_parser( + 'enable-mod', help='enabled the Apache module auth_pubtkt') + gen_tkt = subparsers.add_parser( + 'generate-ticket', help='generate auth_pubtkt ticket') gen_tkt.add_argument('--uid', help='username of the user') - gen_tkt.add_argument('--private-key-file', - help='path of the private key file of the server') - gen_tkt.add_argument('--tokens', - help='tokens, usually containing the user groups') + gen_tkt.add_argument( + '--private-key-file', + help='path of the private key file of the server') + gen_tkt.add_argument( + '--tokens', help='tokens, usually containing the user groups') subparsers.required = True return parser.parse_args() +def subcommand_enable_mod(_): + """Safety check to make sure auth_pubtkt is enabled""" + action_utils.webserver_enable('auth_pubtkt', kind='module') + + def subcommand_create_key_pair(_): """Create public/private key pair for signing the auth_pubtkt tickets. diff --git a/plinth/modules/sso/__init__.py b/plinth/modules/sso/__init__.py index d301b5f6d..2fbb872d5 100644 --- a/plinth/modules/sso/__init__.py +++ b/plinth/modules/sso/__init__.py @@ -35,4 +35,5 @@ managed_packages = ['libapache2-mod-auth-pubtkt', 'openssl', 'python3-openssl'] def setup(helper, old_version=None): """Install the required packages""" helper.install(managed_packages) + actions.superuser_run('auth-pubtkt', ['enable-mod']) actions.superuser_run('auth-pubtkt', ['create-key-pair'])