From 755dea64ed7f1b8d1811c74767b63be81186a155 Mon Sep 17 00:00:00 2001 From: yuanyu Date: Wed, 27 Jul 2022 12:52:48 +0800 Subject: [PATCH 1/4] Token encryption --- delfin/drivers/hpe/hpe_3par/rest_handler.py | 30 ++++++++++++++++----- 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/delfin/drivers/hpe/hpe_3par/rest_handler.py b/delfin/drivers/hpe/hpe_3par/rest_handler.py index f73ba15ba..2aee0b6bc 100644 --- a/delfin/drivers/hpe/hpe_3par/rest_handler.py +++ b/delfin/drivers/hpe/hpe_3par/rest_handler.py @@ -52,6 +52,7 @@ class RestHandler(object): def __init__(self, rest_client): self.rest_client = rest_client self.session_lock = threading.Lock() + self.session_len = 50 def call(self, url, data=None, method=None): """Send requests to server. @@ -59,8 +60,8 @@ def call(self, url, data=None, method=None): Increase the judgment of token invalidation """ try: - res = self.rest_client.do_call(url, data, method, - calltimeout=consts.SOCKET_TIMEOUT) + res = self.call_with_token(url, data, method, + calltimeout=consts.SOCKET_TIMEOUT) # Judge whether the access failure is caused by # the token invalidation. # If the token fails, it will be retrieved again, @@ -84,9 +85,9 @@ def call(self, url, data=None, method=None): access_session = self.login() # if get token,Revisit url if access_session is not None: - res = self.rest_client. \ - do_call(url, data, method, - calltimeout=consts.SOCKET_TIMEOUT) + res = self.call_with_token( + url, data, method, + calltimeout=consts.SOCKET_TIMEOUT) else: LOG.error('Login res is None') elif res.status_code == 503: @@ -149,7 +150,9 @@ def login(self): access_session = result.get('key') self.rest_client.rest_auth_token = access_session self.rest_client.session.headers[ - RestHandler.REST_AUTH_KEY] = access_session + RestHandler.REST_AUTH_KEY] = cryptor.encode( + access_session) + self.session_len = len(access_session) else: LOG.error("Login error. URL: %(url)s\n" "Reason: %(reason)s.", @@ -189,6 +192,21 @@ def logout(self): LOG.error(err_msg) raise exception.InvalidResults(err_msg) + def call_with_token(self, url, data=None, method='GET', + calltimeout=consts.SOCKET_TIMEOUT): + auth_key = None + if self.rest_client.session: + auth_key = self.rest_client.session.headers.get( + RestHandler.REST_AUTH_KEY, None) + if auth_key and len(auth_key) > self.session_len: + self.rest_client.session.headers[ + RestHandler.REST_AUTH_KEY] = cryptor.decode(auth_key) + res = self.rest_client.do_call(url, data, method, calltimeout) + if auth_key and len(auth_key) > self.session_len: + self.rest_client.session.headers[ + RestHandler.REST_AUTH_KEY] = auth_key + return res + def get_storage(self): rejson = self.get_resinfo_call(RestHandler.REST_STORAGE_URL, method='GET') From 07bcfe2b289c1f8365de432efb937abb35d73635 Mon Sep 17 00:00:00 2001 From: yuanyu Date: Wed, 27 Jul 2022 13:34:37 +0800 Subject: [PATCH 2/4] Token encryption --- delfin/drivers/hpe/hpe_3par/rest_handler.py | 23 ++++++++++----------- 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/delfin/drivers/hpe/hpe_3par/rest_handler.py b/delfin/drivers/hpe/hpe_3par/rest_handler.py index 2aee0b6bc..86115efbf 100644 --- a/delfin/drivers/hpe/hpe_3par/rest_handler.py +++ b/delfin/drivers/hpe/hpe_3par/rest_handler.py @@ -52,7 +52,6 @@ class RestHandler(object): def __init__(self, rest_client): self.rest_client = rest_client self.session_lock = threading.Lock() - self.session_len = 50 def call(self, url, data=None, method=None): """Send requests to server. @@ -152,7 +151,6 @@ def login(self): self.rest_client.session.headers[ RestHandler.REST_AUTH_KEY] = cryptor.encode( access_session) - self.session_len = len(access_session) else: LOG.error("Login error. URL: %(url)s\n" "Reason: %(reason)s.", @@ -194,17 +192,18 @@ def logout(self): def call_with_token(self, url, data=None, method='GET', calltimeout=consts.SOCKET_TIMEOUT): - auth_key = None - if self.rest_client.session: - auth_key = self.rest_client.session.headers.get( - RestHandler.REST_AUTH_KEY, None) - if auth_key and len(auth_key) > self.session_len: + with self.session_lock: + auth_key = None + if self.rest_client.session: + auth_key = self.rest_client.session.headers.get( + RestHandler.REST_AUTH_KEY, None) + if auth_key: + self.rest_client.session.headers[ + RestHandler.REST_AUTH_KEY] = cryptor.decode(auth_key) + res = self.rest_client.do_call(url, data, method, calltimeout) + if auth_key: self.rest_client.session.headers[ - RestHandler.REST_AUTH_KEY] = cryptor.decode(auth_key) - res = self.rest_client.do_call(url, data, method, calltimeout) - if auth_key and len(auth_key) > self.session_len: - self.rest_client.session.headers[ - RestHandler.REST_AUTH_KEY] = auth_key + RestHandler.REST_AUTH_KEY] = auth_key return res def get_storage(self): From f5f52118ad6bacf9b4c14953d5be4f0c7a23d38b Mon Sep 17 00:00:00 2001 From: yuanyu Date: Wed, 27 Jul 2022 13:57:19 +0800 Subject: [PATCH 3/4] Token encryption --- delfin/drivers/hpe/hpe_3par/rest_handler.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/delfin/drivers/hpe/hpe_3par/rest_handler.py b/delfin/drivers/hpe/hpe_3par/rest_handler.py index 86115efbf..b56048962 100644 --- a/delfin/drivers/hpe/hpe_3par/rest_handler.py +++ b/delfin/drivers/hpe/hpe_3par/rest_handler.py @@ -147,7 +147,8 @@ def login(self): result = res.json() access_session = result.get('key') - self.rest_client.rest_auth_token = access_session + self.rest_client.rest_auth_token = cryptor.encode( + access_session) self.rest_client.session.headers[ RestHandler.REST_AUTH_KEY] = cryptor.encode( access_session) @@ -175,7 +176,8 @@ def logout(self): try: url = RestHandler.REST_LOGOUT_URL if self.rest_client.rest_auth_token is not None: - url = '%s%s' % (url, self.rest_client.rest_auth_token) + url = '%s%s' % ( + url, cryptor.decode(self.rest_client.rest_auth_token)) self.rest_client.rest_auth_token = None if self.rest_client.san_address: self.call(url, method='DELETE') From 03e25fcc7f4e159f881282d081b39ba9379cf5f3 Mon Sep 17 00:00:00 2001 From: yuanyu Date: Wed, 27 Jul 2022 14:05:49 +0800 Subject: [PATCH 4/4] Token encryption --- delfin/drivers/hpe/hpe_3par/rest_handler.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/delfin/drivers/hpe/hpe_3par/rest_handler.py b/delfin/drivers/hpe/hpe_3par/rest_handler.py index b56048962..2880b2099 100644 --- a/delfin/drivers/hpe/hpe_3par/rest_handler.py +++ b/delfin/drivers/hpe/hpe_3par/rest_handler.py @@ -177,7 +177,7 @@ def logout(self): url = RestHandler.REST_LOGOUT_URL if self.rest_client.rest_auth_token is not None: url = '%s%s' % ( - url, cryptor.decode(self.rest_client.rest_auth_token)) + url, cryptor.decode(self.rest_client.rest_auth_token)) self.rest_client.rest_auth_token = None if self.rest_client.san_address: self.call(url, method='DELETE')