
@Danukeru
Last active May 1, 2017 03:44
Blizzard authenticator as a secure RESTful endpoint
#!/usr/bin/env python
# Tested on 2.7.12
# Recommend use of authbind for binding below 1024
import hmac
import json
import os, sys, pwd, grp
import ssl
from binascii import unhexlify
from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer
from SocketServer import ThreadingMixIn

import bna
# Secret URL path segment. The request handler serves a token to any client
# whose path matches it, so it is the only credential: treat it like a
# password (long, random, not reused elsewhere).
sec_endpoint = "your_own_endpoint"
# TCP port to listen on. Ports below 1024 need root or authbind.
port = 8080
# '0.0.0.0' listens on every IPv4 interface; set a specific address
# (for example '127.0.0.1') to limit which networks can reach the service.
ip = '0.0.0.0'
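def drop_privileges(uid_name='nobody', gid_name='nogroup'):
    """Switch a root process to an unprivileged user and group.

    Does nothing when the process is not running as root. In that case the
    umask is left untouched as well.

    Args:
        uid_name: Name of the account to run as.
        gid_name: Name of the group to run as.

    Raises:
        KeyError: If the user or group name does not exist.
        OSError: If one of the set*id calls is refused.
    """
    if os.getuid() != 0:
        # Already unprivileged (e.g. started through authbind): nothing to drop.
        return
    running_uid = pwd.getpwnam(uid_name).pw_uid
    running_gid = grp.getgrnam(gid_name).gr_gid
    # Order matters: supplementary groups and the gid can only be changed
    # while still root, so the uid is switched last.
    os.setgroups([])
    os.setgid(running_gid)
    os.setuid(running_uid)
    # Files created from here on are readable by the owner only. The 0o
    # prefix is accepted by Python 2.6+ and 3.x; a bare 077 is 2.x-only.
    os.umask(0o077)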
# Create custom HTTPRequestHandler class
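class ServeBlizzTokenHTTPRequestHandler(BaseHTTPRequestHandler):
    """Serve the current authenticator token as JSON on one secret URL path.

    Knowledge of ``sec_endpoint`` is the only access control: the path is a
    bearer credential. The base handler logs every request line to stderr,
    so that log contains the secret path and must be protected accordingly.
    """

    # Banner obfuscation only: the Server response header is built from these
    # two values. It hides the real stack from casual scans and is not a
    # security control.
    server_version = 'nginx/1.4.4'
    sys_version = 'lua/5.2'

    # Applied to the connection by the base class in setup(), so each blocking
    # socket operation is limited, including the read of the request line and
    # headers. Setting it inside do_GET only took effect after those reads.
    timeout = 30

    def do_GET(self):
        """Answer a GET for the secret path with {"token", "timeRemaining"}.

        Any other path receives a 404. The rejected request is logged like
        any other, so probing for the endpoint is visible to the operator.
        """
        try:
            # Constant-time comparison: the path is the credential, and a
            # plain == returns sooner the earlier the first mismatch occurs.
            if not hmac.compare_digest(self.path[1:], sec_endpoint):
                self.send_error(404, 'file not found')
                return
            # NOTE(review): the authenticator secret is embedded in the source
            # as a hex string. Anyone who can read this file can mint tokens;
            # consider loading it from a file or variable readable only by the
            # service account.
            siikrit = unhexlify("your_own_blizz_siikrit")
            token, timeRemaining = bna.getToken(secret=siikrit)
            body = json.dumps({"token": token,
                               "timeRemaining": timeRemaining})
            self.send_response(200)
            self.send_header('Content-type', 'application/json; charset=utf-8')
            # NOTE(review): '*' lets script running on any web origin read
            # this response once it knows the URL; name the one origin that
            # needs access if there is one.
            self.send_header('Access-Control-Allow-Origin', '*')
            # A one-time code must not be kept by caches or proxies.
            self.send_header('Cache-Control', 'no-store')
            self.end_headers()
            self.wfile.write(body)
        except IOError:
            # Kept from the original: an I/O failure while responding is
            # answered with the same 404 as an unknown path.
            self.send_error(404, 'file not found')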
# Add in socket threading wrapper
class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
    """HTTPServer whose requests are each handled in their own thread.

    All behaviour comes from the two base classes; nothing is overridden.
    """
def run():
    """Bind the listener, wrap it in TLS 1.2 and serve until interrupted.

    The key and certificate paths are placeholders for a self-signed pair
    generated with OpenSSL. With a self-signed certificate the client has to
    pin or explicitly trust it; otherwise the connection is encrypted but the
    server is not authenticated.
    """
    print('https server is starting...')
    listener = ThreadedHTTPServer((ip, port), ServeBlizzTokenHTTPRequestHandler)
    tls_options = dict(
        server_side=True,
        ssl_version=ssl.PROTOCOL_TLSv1_2,
        keyfile="/your/own/keyfile.key",
        certfile="/your/own/certificate.pem",
    )
    # NOTE(review): because the listening socket itself is wrapped, the TLS
    # handshake appears to run inside accept(), before the request is handed
    # to a worker thread. A client that stalls the handshake could hold up
    # new connections. Confirm, and consider a handshake timeout.
    listener.socket = ssl.wrap_socket(listener.socket, **tls_options)
    print('https server is running...')
    listener.serve_forever()
if __name__ == '__main__':
    # Privileges are dropped before run(), so when started as root the bind
    # and the key/certificate load both happen as www-data. The key file must
    # be readable by that account and a port below 1024 needs authbind.
    drop_privileges(
        uid_name='www-data',
        gid_name='www-data',
    )
    run()