Cern Single-Single-Sign-On driver
Project description
This is a re-implementation of the Perl script cern-get-sso-cookie. as a Python library. As a bonus, a shell client re-implementing (most of) the functionality of cern-get-sso-cookie, is also provided.
Prerequisites
This package assumes a working Kerberos and OpenSSL setup, but should be compatible with both python 2.7 and 3.
Usage
The module provides only two functions: krb_sign_on and cert_sign_on, used for authentication with Kerberos and certificates respectively. Both take an optional cookiejar (which can be a Requests CookieJar, or a MozillaCookieJar) which is filled during operations. In any event, a cookie jar is also returned by both functions.
The returned cookie jar can be used directly as an argument to Requests’ cookies
import cern_sso
import requests
my_url = "https://my-secret-place.cern.ch"
cookies = cern_sso.krb_sign_on(my_url)
# Perform request
r1 = requests.get(my_url, cookies=cookies)
It is assumed that the user running the program is already authenticated against Kerberos.
This is what the same procedure would look like using SSL certificates:
import cern_sso
import requests
my_url = "https://my-secret-place.cern.ch"
cert_file = "/home/albin/myCert.pem"
key_file = "/home/albin/myCert.key"
cookies = cern_sso.cert_sign_on(my_url, cert_file=cert_file,
key_file=key_file)
# Perform request
r1 = requests.get(my_url, cookies=cookies)
Certain limitations apply to the certificate and key files, please see the following section on command-line usage for further information on this.
For an example of how to use an external CookieJar, see bin/cern-get-sso-cookie.py.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.