summaryrefslogtreecommitdiff
path: root/service/pixelated
diff options
context:
space:
mode:
authorPatrick Maia and Victor Shyba <pixelated-team+pmaia+vshyba@thoughtworks.com>2014-11-26 13:35:08 -0300
committerPatrick Maia <pmaia@thoughtworks.com>2014-11-27 17:05:08 -0300
commit98d5996497530a1069e227f6c9933789c001af30 (patch)
tree390fe69bf4d1ae998141c5cc075a74f5d02fc8b5 /service/pixelated
parent16c1d14808330f23bcfa7f186124533c13b44ddc (diff)
Card #149 - enables https on service
Diffstat (limited to 'service/pixelated')
-rw-r--r--service/pixelated/config/app_factory.py39
-rw-r--r--service/pixelated/config/args.py5
-rw-r--r--service/pixelated/runserver.py8
3 files changed, 43 insertions, 9 deletions
diff --git a/service/pixelated/config/app_factory.py b/service/pixelated/config/app_factory.py
index 38422a64..15577bb8 100644
--- a/service/pixelated/config/app_factory.py
+++ b/service/pixelated/config/app_factory.py
@@ -15,7 +15,11 @@
# along with Pixelated. If not, see <http://www.gnu.org/licenses/>.
import sys
+from OpenSSL import SSL
from twisted.internet import reactor
+from twisted.internet import ssl
+from twisted.web import resource
+from twisted.web.util import redirectTo
from pixelated.config.routes import setup_routes
from pixelated.adapter.mail_service import MailService
from pixelated.adapter.mail import InputMail
@@ -62,7 +66,7 @@ def init_leap_session(app):
leap_session = LeapSession.open(app.config['LEAP_USERNAME'],
app.config['LEAP_PASSWORD'],
app.config['LEAP_SERVER_NAME'])
- except ConnectionError, error:
+ except ConnectionError:
print("Can't connect to the requested provider")
sys.exit(1)
except LeapAuthException, e:
@@ -120,7 +124,36 @@ def init_app(app):
sync_info_controller, attachments_controller, contacts_controller)
-def create_app(app, bind_address, bind_port):
- reactor.listenTCP(bind_port, Site(app.resource()), interface=bind_address)
+def create_app(app, args):
+
+ if args.sslkey and args.sslcert:
+ listen_with_ssl(app, args)
+ else:
+ listen_without_ssl(app, args)
reactor.callWhenRunning(lambda: init_app(app))
reactor.run()
+
+
+def listen_without_ssl(app, args):
+ reactor.listenTCP(args.port, Site(app.resource()), interface=args.host)
+
+
+def listen_with_ssl(app, args):
+ sslContext = ssl.DefaultOpenSSLContextFactory(privateKeyFileName=args.sslkey,
+ certificateFileName=args.sslcert,
+ sslmethod=SSL.TLSv1_METHOD)
+ reactor.listenSSL(args.ssl_port, Site(app.resource()), sslContext, interface=args.host)
+ reactor.listenTCP(args.port, Site(RedirectToSSL(args.ssl_port)))
+
+ return reactor
+
+
+class RedirectToSSL(resource.Resource):
+ isLeaf = True
+
+ def __init__(self, ssl_port):
+ self.ssl_port = ssl_port
+
+ def render_GET(self, request):
+ host = request.getHost().host
+ return redirectTo("https://%s:%s" % (host, self.ssl_port), request)
diff --git a/service/pixelated/config/args.py b/service/pixelated/config/args.py
index 4ac8a2ea..de47996a 100644
--- a/service/pixelated/config/args.py
+++ b/service/pixelated/config/args.py
@@ -24,7 +24,10 @@ def parse():
parser.add_argument('--dispatcher-stdin', help='run in organization mode, the credentials will be read from stdin', default=False, action='store_true', dest='dispatcher_stdin')
parser.add_argument('--host', default='127.0.0.1', help='the host to run the user agent on')
parser.add_argument('--port', type=int, default=3333, help='the port to run the user agent on')
- parser.add_argument('-c', '--config', metavar='configfile', default=None, help='use specified file for credentials (for test purposes only)')
+ parser.add_argument('--ssl-port', type=int, default=3433, help='the port to run the user agent with SSL support')
+ parser.add_argument('-c', '--config', metavar='<configfile>', default=None, help='use specified file for credentials (for test purposes only)')
+ parser.add_argument('-sk', '--sslkey', metavar='<server.key>', default=None, help='use specified file for SSL key')
+ parser.add_argument('-sc', '--sslcert', metavar='<server.pem>', default=None, help='use specified file for SSL certificate')
parser.add_argument('--register', metavar=('provider', 'username'),
nargs=2, help='register a new username on the desired provider')
args = parser.parse_args()
diff --git a/service/pixelated/runserver.py b/service/pixelated/runserver.py
index 5f30913b..b53a682b 100644
--- a/service/pixelated/runserver.py
+++ b/service/pixelated/runserver.py
@@ -19,13 +19,11 @@ import sys
import logging
import json
from klein import Klein
-from twisted.python.log import ILogObserver
klein_app = Klein()
import ConfigParser
from twisted.python import log
-import sys
from leap.common.events import server as events_server
from pixelated.config import app_factory
import pixelated.config.args as input_args
@@ -59,7 +57,7 @@ def setup():
app.config['LEAP_PASSWORD'] = config['password']
else:
configuration_setup(args.config)
- start_services(args.host, args.port)
+ start_services(args)
def register(username, server_name):
@@ -122,9 +120,9 @@ def configuration_setup(config_file):
app.config['LEAP_PASSWORD'] = password
-def start_services(bind_address, bind_port):
+def start_services(args):
events_server.ensure_server(port=8090)
- app_factory.create_app(app, bind_address, bind_port)
+ app_factory.create_app(app, args)
if __name__ == '__main__':