collective/nu-vpn-proxy
17
0
Fork 0
Code

persist cookies

Browse Source
This commit is contained in:
Daniel Lenski 2019-09-16 19:56:16 -07:00
parent 4e5cd24588
commit d30ca2c960
1 changed files with 20 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
gp-saml-gui.py
View File

@ -6,6 +6,7 @@ import pprint
import urllib import urllib
import requests import requests
import xml.etree.ElementTree as ET import xml.etree.ElementTree as ET
import os
from sys import stderr from sys import stderr
from binascii import a2b_base64 from binascii import a2b_base64
@ -17,18 +18,20 @@ gi.require_version('WebKit2', '4.0')
from gi.repository import WebKit2 from gi.repository import WebKit2
class SAMLLoginView: class SAMLLoginView:
def __init__(self, uri, html=None, verbose=False): def __init__(self, uri, html=None, verbose=False, cookies=None):
window = Gtk.Window() window = Gtk.Window()
# API reference: https://lazka.github.io/pgi-docs/#WebKit2-4.0 # API reference: https://lazka.github.io/pgi-docs/#WebKit2-4.0
# TODO: cookies, see https://stackoverflow.com/questions/48368219/webkit2-webview-how-to-store-cookies-and-reuse-it-again
self.success = False self.success = False
self.ctx = WebKit2.WebContext.get_default()
self.cookies = self.ctx.get_cookie_manager()
if args.cookies:
self.cookies.set_accept_policy(WebKit2.CookieAcceptPolicy.ALWAYS)
self.cookies.set_persistent_storage(args.cookies, WebKit2.CookiePersistentStorage.TEXT)
self.wview = WebKit2.WebView() self.wview = WebKit2.WebView()
if html:
self.wview.load_html(html, uri)
else:
self.wview.load_uri(uri)
window.resize(500, 500) window.resize(500, 500)
window.add(self.wview) window.add(self.wview)
window.show_all() window.show_all()
@ -36,6 +39,11 @@ class SAMLLoginView:
window.connect('delete-event', Gtk.main_quit) window.connect('delete-event', Gtk.main_quit)
self.wview.connect('load-changed', self.get_saml_headers) self.wview.connect('load-changed', self.get_saml_headers)
if html:
self.wview.load_html(html, uri)
else:
self.wview.load_uri(uri)
def get_saml_headers(self, webview, event): def get_saml_headers(self, webview, event):
if event != WebKit2.LoadEvent.FINISHED: if event != WebKit2.LoadEvent.FINISHED:
return return
@ -61,6 +69,8 @@ def parse_args(args = None):
p.add_argument('-v','--verbose', default=0, action='count') p.add_argument('-v','--verbose', default=0, action='count')
p.add_argument('server', help='GlobalProtect server (portal or gateway)') p.add_argument('server', help='GlobalProtect server (portal or gateway)')
p.add_argument('--no-verify', dest='verify', action='store_false', default=True, help='Ignore invalid server certificate') p.add_argument('--no-verify', dest='verify', action='store_false', default=True, help='Ignore invalid server certificate')
p.add_argument('-C', '--no-cookies', dest='cookies', action='store_const', const=None,
default='~/.gp-saml-gui-cookies', help="Don't use cookies (stored in %(default)s)")
x = p.add_mutually_exclusive_group() x = p.add_mutually_exclusive_group()
x.add_argument('-p','--portal', dest='portal', action='store_true', help='SAML auth to portal') x.add_argument('-p','--portal', dest='portal', action='store_true', help='SAML auth to portal')
x.add_argument('-g','--gateway', dest='portal', action='store_false', help='SAML auth to gateway (default)') x.add_argument('-g','--gateway', dest='portal', action='store_false', help='SAML auth to gateway (default)')
@ -72,6 +82,9 @@ def parse_args(args = None):
args.extra = dict(x.split('=', 1) for x in args.extra) args.extra = dict(x.split('=', 1) for x in args.extra)
if args.cookies:
args.cookies = os.path.expanduser(args.cookies)
if args.cert and args.key: if args.cert and args.key:
args.cert, args.key = (args.cert, args.key), None args.cert, args.key = (args.cert, args.key), None
elif args.cert: elif args.cert:
@ -108,7 +121,7 @@ if __name__ == "__main__":
p.error("Unknown SAML method (%s)" % sam.text) p.error("Unknown SAML method (%s)" % sam.text)
# spawn WebKit view to do SAML interactive login # spawn WebKit view to do SAML interactive login
slv = SAMLLoginView(uri, html, verbose=args.verbose) slv = SAMLLoginView(uri, html, verbose=args.verbose, cookies=args.cookies)
Gtk.main() Gtk.main()
if not slv.success: if not slv.success:
p.error('''Login window closed without producing SAML cookie''') p.error('''Login window closed without producing SAML cookie''')