Import the files that were in the infra ansible repo

https://infrastructure.fedoraproject.org/infra/ansible/roles/ipsilon/files/

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>

ipsilon/providers/openid/extensions/api.py

@@ -0,0 +1,113 @@
+# Copyright (C) 2015 Patrick Uiterwijk, for license see COPYING
+
+from __future__ import absolute_import
+
+try:
+    from ipsilon.info.infofas import fas_make_userdata
+except ImportError:
+    fas_make_userdata = None
+from ipsilon.providers.openid.extensions.common import OpenidExtensionBase
+import ipsilon.root
+from ipsilon.util.page import Page
+from ipsilon.util.user import User
+
+import json
+import inspect
+
+
+class OpenidExtension(OpenidExtensionBase):
+
+    def __init__(self, *pargs):
+        super(OpenidExtension, self).__init__('API')
+
+    def enable(self):
+        # This is the most ugly hack in my history of python...
+        # But I need to find the root object, and that is not passed into
+        #  the OpenID extension system anywhere...
+        root_obj = inspect.stack()[5][0].f_locals['self']
+        root_obj.api = APIPage(root_obj)
+
+
+class APIPage(Page):
+    def __init__(self, root_obj):
+        ipsilon.root.sites['api'] = dict()
+        ipsilon.root.sites['api']['template_env'] = \
+            ipsilon.root.sites['default']['template_env']
+        super(APIPage, self).__init__(ipsilon.root.sites['api'])
+        self.v1 = APIV1Page(root_obj)
+
+
+class APIV1Page(Page):
+    def __init__(self, root_obj):
+        ipsilon.root.sites['api_v1'] = dict()
+        ipsilon.root.sites['api_v1']['template_env'] = \
+            ipsilon.root.sites['default']['template_env']
+        super(APIV1Page, self).__init__(ipsilon.root.sites['api_v1'])
+        self.root_obj = root_obj
+
+    def root(self, *args, **kwargs):
+        return json.dumps(self._perform_call(kwargs))
+
+    def _perform_call(self, arguments):
+        required_arguments = ['auth_module', 'username', 'password']
+        for arg in required_arguments:
+            if not arg in arguments:
+                return {'success': False,
+                        'status': 400,
+                        'message': 'Missing argument: %s' % arg
+                        }
+
+        fas = self.root_obj.login.fas.lm
+        openid = self.root_obj.openid
+
+        openid_request = None
+        try:
+            openid_request = openid.cfg.server.decodeRequest(arguments)
+        except Exception as ex:
+            print('Error during openid decoding: %s' % ex)
+            return {'success': False,
+                    'status': 400,
+                    'message': 'Invalid request'
+                    }
+        if not openid_request:
+            print('No OpenID request parsed')
+            return {'success': False,
+                    'status': 400,
+                    'message': 'Invalid request'
+                    }
+        if not arguments['auth_module'] == 'fedoauth.auth.fas.Auth_FAS':
+            print('Unknown auth module selected')
+            return {'success': False,
+                    'status': 400,
+                    'message': 'Unknown authentication module'
+                    }
+        username = arguments['username']
+        password = arguments['password']
+        user = None
+        userdata = None
+        try:
+            _, user = fas.fpc.login(username, password)
+            if fas_make_userdata is None:
+                userdata = fas.page.make_userdata(user.user)
+            else:
+                userdata = fas_make_userdata(user.user)
+        except Exception as ex:
+            print('Error during auth: %s' % ex)
+            pass
+
+        if user is None or userdata is None:
+            print('No user or data: %s, %s' % (user, userdata))
+            return {'success': False,
+                    'status': 400,
+                    'message': 'Authentication failed'}
+
+        us_obj = User(username)
+        fake_session = lambda: None
+        setattr(fake_session, 'get_user', lambda *args: us_obj)
+        setattr(fake_session, 'get_user_attrs', lambda *args: userdata)
+
+        openid_response = openid._response(openid_request, fake_session)
+        openid_response = openid.cfg.server.signatory.sign(openid_response).fields.toPostArgs()
+        return {'success': True,
+                'response': openid_response}
+

ipsilon/providers/openidc/plugins/account-scopes.py

@@ -0,0 +1,22 @@
+from __future__ import absolute_import
+
+from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase
+
+
+class OpenidCExtension(OpenidCExtensionBase):
+    name = 'fedora-account'
+    display_name = 'Fedora Account Information'
+    scopes = {
+        'fedora': {  # NOTE: This is temporary! DO NOT USE IN NEW PROJECTS!
+            'display_name': 'Fedora',
+            'claims': ['cla', 'zoneinfo', 'groups']
+        },
+        'https://id.fedoraproject.org/scope/groups': {
+            'display_name': 'Fedora Account Groups list',
+            'claims': ['groups']
+        },
+        'https://id.fedoraproject.org/scope/cla': {
+            'display_name': 'Fedora Account CLA status',
+            'claims': ['cla']
+        },
+    }

ipsilon/providers/openidc/plugins/beaker.py

@@ -0,0 +1,14 @@
+from __future__ import absolute_import
+
+from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase
+
+
+class OpenidCExtension(OpenidCExtensionBase):
+    name = 'beaker'
+    display_name = 'Beaker Jobs'
+    scopes = {
+        'https://beaker-project.org/oidc/scope': {
+            'display_name': 'Full access to your beaker account',
+            'claims': [],
+        },
+    }

ipsilon/providers/openidc/plugins/fpdc.py

@@ -0,0 +1,22 @@
+from __future__ import absolute_import
+
+from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase
+
+
+class OpenidCExtension(OpenidCExtensionBase):
+    name = 'fpdc'
+    display_name = 'Fedora Product Definition Center'
+    scopes = {
+        'https://fpdc.fedoraproject.org/oidc/create-release': {
+            'display_name': 'Create a Release record',
+            'claims': [],
+        },
+        'https://fpdc.fedoraproject.org/oidc/update-release': {
+            'display_name': 'Update a Release record',
+            'claims': [],
+        },
+        'https://fpdc.fedoraproject.org/oidc/delete-release': {
+            'display_name': 'Delete a Release record',
+            'claims': [],
+        },
+    }

ipsilon/providers/openidc/plugins/kerneltest.py

@@ -0,0 +1,14 @@
+from __future__ import absolute_import
+
+from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase
+
+
+class OpenidCExtension(OpenidCExtensionBase):
+    name = 'kerneltest'
+    display_name = 'Fedora Kernel tests'
+    scopes = {
+        'https://github.com/jmflinuxtx/kerneltest-harness/oidc/upload_test_run': {
+            'display_name': 'Upload the results of a test run',
+            'claims': [],
+        },
+    }

ipsilon/providers/openidc/plugins/mbs.py

@@ -0,0 +1,14 @@
+from __future__ import absolute_import
+
+from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase
+
+
+class OpenidCExtension(OpenidCExtensionBase):
+    name = 'mbs'
+    display_name = 'Module Builds'
+    scopes = {
+        'https://mbs.fedoraproject.org/oidc/submit-build': {
+            'display_name': 'Permission to submit new module builds',
+            'claims': [],
+        },
+    }

ipsilon/providers/openidc/plugins/odcs.py

@@ -0,0 +1,22 @@
+from __future__ import absolute_import
+
+from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase
+
+
+class OpenidCExtension(OpenidCExtensionBase):
+    name = 'odcs'
+    display_name = 'On Demand Composes'
+    scopes = {
+        'https://pagure.io/odcs/new-compose': {
+            'display_name': 'Permission to request new composes',
+            'claims': [],
+        },
+        'https://pagure.io/odcs/renew-compose': {
+            'display_name': 'Permission to renew the expiry on composes',
+            'claims': [],
+        },
+        'https://pagure.io/odcs/delete-compose': {
+            'display_name': 'Permission to delete composes',
+            'claims': [],
+        },
+    }

ipsilon/providers/openidc/plugins/src.py

@@ -0,0 +1,14 @@
+from __future__ import absolute_import
+
+from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase
+
+
+class OpenidCExtension(OpenidCExtensionBase):
+    name = 'src'
+    display_name = 'Dist-Git'
+    scopes = {
+        'https://src.fedoraproject.org/push': {
+            'display_name': 'Push to Fedora Dist-Git',
+            'claims': [],
+        },
+    }

ipsilon/providers/openidc/plugins/waiverdb.py

@@ -0,0 +1,14 @@
+from __future__ import absolute_import
+
+from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase
+
+
+class OpenidCExtension(OpenidCExtensionBase):
+    name = 'waiverdb'
+    display_name = 'Waiver DB'
+    scopes = {
+        'https://waiverdb.fedoraproject.org/oidc/create-waiver': {
+            'display_name': 'Permission to create new waivers',
+            'claims': [],
+        },
+    }

ipsilon/providers/openidc/plugins/wiki.py

@@ -0,0 +1,14 @@
+from __future__ import absolute_import
+
+from ipsilon.providers.openidc.plugins.common import OpenidCExtensionBase
+
+
+class OpenidCExtension(OpenidCExtensionBase):
+    name = 'wiki'
+    display_name = 'Fedora Wiki'
+    scopes = {
+        'https://fedoraproject.org/wiki/api': {
+            'display_name': 'Fedora Wiki API access',
+            'claims': [],
+        },
+    }