4 files changed, 90 insertions, 0 deletions

diff --git a/test/nagios/support/__init__.py b/test/nagios/support/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/test/nagios/support/__init__.py
diff --git a/test/nagios/support/api.py b/test/nagios/support/api.py
new file mode 100644
index 0000000..3b6a90f
--- /dev/null
+++ b/test/nagios/support/api.py
@@ -0,0 +1,33 @@
+import requests
+import json
+
+class Api():
+    def __init__(self, config, verify=True):
+        self.config = config.api
+        self.session = requests.session()
+        self.verify = verify
+    
+    def api_url(self, path):
+        return self.api_root() + path
+
+    def api_root(self):
+        return "https://{domain}:{port}/{version}/".format(**self.config)
+
+    def get(self, path, **args):
+        response = self.session.get(self.api_url(path),
+                verify=self.verify,
+                **args)
+        return response.json()
+
+    def post(self, path, **args):
+        response = self.session.post(self.api_url(path),
+                verify=self.verify,
+                **args)
+        return response.json()
+
+    def put(self, path, **args):
+        response = self.session.put(self.api_url(path),
+                verify=self.verify,
+                **args)
+        return response.json()
+
diff --git a/test/nagios/support/config.py b/test/nagios/support/config.py
new file mode 100644
index 0000000..afb4464
--- /dev/null
+++ b/test/nagios/support/config.py
@@ -0,0 +1,14 @@
+import yaml
+
+class Config():
+    def __init__(self, filename="/etc/leap/hiera.yaml"):
+        with open("/etc/leap/hiera.yaml", 'r') as stream:
+            config = yaml.load(stream)
+        self.user = config['webapp']['nagios_test_user']
+        if 'username' not in self.user:
+            raise Exception('nagios test user lacks username')
+        if 'password' not in self.user:
+            raise Exception('nagios test user lacks password')
+        self.api = config['api']
+        self.api['version'] = config['webapp']['api_version']
+
diff --git a/test/nagios/support/user.py b/test/nagios/support/user.py
new file mode 100644
index 0000000..8e49c4b
--- /dev/null
+++ b/test/nagios/support/user.py
@@ -0,0 +1,43 @@
+import srp._pysrp as srp
+import binascii
+
+safe_unhexlify = lambda x: binascii.unhexlify(x) if (
+    len(x) % 2 == 0) else binascii.unhexlify('0' + x)
+
+class User():
+    def __init__(self, config):
+        self.config = config.user
+        self.srp_user = srp.User(self.config['username'], self.config['password'], srp.SHA256, srp.NG_1024)
+
+    def login(self, api):
+        init=self.init_authentication(api)
+        if ('errors' in init):
+            raise Exception('test user not found')
+        auth=self.authenticate(api, init)
+        if ('errors' in auth):
+            raise Exception('srp password auth failed')
+        self.verify_server(auth)
+        if not self.is_authenticated():
+            raise Exception('user is not authenticated')
+
+    def init_authentication(self, api):
+        uname, A = self.srp_user.start_authentication()
+        params = {
+            'login': uname,
+            'A': binascii.hexlify(A)
+        }
+        return api.post('sessions', data=params)
+
+    def authenticate(self, api, init):
+        M = self.srp_user.process_challenge(
+            safe_unhexlify(init['salt']), safe_unhexlify(init['B']))
+        auth = api.put('sessions/' + self.config["username"],
+                           data={'client_auth': binascii.hexlify(M)})
+        return auth
+
+    def verify_server(self, auth):
+        self.srp_user.verify_session(safe_unhexlify(auth["M2"]))
+
+    def is_authenticated(self):
+        return self.srp_user.authenticated()
+