Store and verify connection parameters

Jiang Yio 2022-09-24 14:42:35 -04:00
parent 5035ff2dd1
commit 31ffadbae3
3 changed files with 14 additions and 8 deletions


@ -159,7 +159,11 @@ Client.fromCookie = async function(secret, host='vista.northport.med.va.gov', po
console.log('Using saved secret and connection', secret); console.log('Using saved secret and connection', secret);
var cid = cookie.get('cid'); var cid = cookie.get('cid');
var client = Client.fromID(cid, secret); var client = Client.fromID(cid, secret);
if((await vista.call(cid, 'XWB_IM_HERE')).result == '1') return client; if((await vista.call(cid, 'XWB_IM_HERE')).result == '1') {
var server = await client.serverinfo();
if((host == server.result.host) && (port == server.result.port)) return client;
else console.log('Rejecting previous connection to different server', server);
}
cookie.reset('cid'); cookie.reset('cid');
return await Client.fromCookie(secret, host, port); return await Client.fromCookie(secret, host, port);
} }
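Review bot: `server.result` is dereferenced without a null check in the new host/port comparison, and the backend's `cb_serverinfo` handler returns `'result': None` with an `error` object when it fails, so a failed lookup throws here instead of falling through to `cookie.reset('cid')`. Guarding it as `if(server.result && (host == server.result.host) && (port == server.result.port)) return client;` keeps the path fail-closed. The rejection branch only logs and drops the cookie; from this hunk it looks as if the backend session for the old `cid` stays open and authenticated against the other server, so consider closing it before reconnecting. The body of `Client.fromCookie` starts outside the hunk.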


@ -66,7 +66,7 @@ def application():
def cb_serverinfo(cid): def cb_serverinfo(cid):
try: try:
client = clients[cid] client = clients[cid]
return jsonify({ 'result': client._obj._server._asdict() if client._obj._server else None, 'error': None, 'id': request.json.get('id') }) return jsonify({ 'result': client._obj._server, 'error': None, 'id': request.json.get('id') })
except Exception as ex: except Exception as ex:
logger.exception(request.url) logger.exception(request.url)
return jsonify({ 'result': None, 'error': { 'type': ex.__class__.__name__, 'args': ex.args }, 'id': request.json.get('id') }) return jsonify({ 'result': None, 'error': { 'type': ex.__class__.__name__, 'args': ex.args }, 'id': request.json.get('id') })
@ -87,13 +87,13 @@ def application():
client = clients[cid] client = clients[cid]
if 'avcode' in params: if 'avcode' in params:
user = client.authenticate(params['avcode']) user = client.authenticate(params['avcode'])
client._cache_persistent(persistent=util.Store(f'cache.{client._server.volume.lower()}.{client._server.uci.lower()}.{user[0]}.db', journal_mode='WAL').memo) client._cache_persistent(persistent=util.Store(f'cache.{client._server["volume"].lower()}.{client._server["uci"].lower()}.{user[0]}.db', journal_mode='WAL').memo)
return jsonify({ 'result': user, 'error': None, 'id': request.json.get('id') }) return jsonify({ 'result': user, 'error': None, 'id': request.json.get('id') })
else: else:
from auth import XUIAMSSOi_MySsoTokenVBA from auth import XUIAMSSOi_MySsoTokenVBA
if token := XUIAMSSOi_MySsoTokenVBA(): if token := XUIAMSSOi_MySsoTokenVBA():
user = client.authenticate(token) user = client.authenticate(token)
client._cache_persistent(persistent=util.Store(f'cache.{client._server.volume.lower()}.{client._server.uci.lower()}.{user[0]}.db', journal_mode='WAL').memo) client._cache_persistent(persistent=util.Store(f'cache.{client._server["volume"].lower()}.{client._server["uci"].lower()}.{user[0]}.db', journal_mode='WAL').memo)
return jsonify({ 'result': user, 'error': None, 'id': request.json.get('id') }) return jsonify({ 'result': user, 'error': None, 'id': request.json.get('id') })
else: else:
return jsonify({ 'result': None, 'error': { 'type': 'Unauthorized', 'args': [] }, 'id': request.json.get('id') }) return jsonify({ 'result': None, 'error': { 'type': 'Unauthorized', 'args': [] }, 'id': request.json.get('id') })
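Review bot: The cache filename on the two `util.Store(...)` lines is built from `client._server["volume"]`, `client._server["uci"]` and `user[0]`, which appear to come from the remote server's sign-on replies, and nothing visible here restricts them to filename-safe characters. Now that the target host and port are stored connection parameters that a caller passes in, a reply containing path separators or `..` would steer where the cache database is created. Validate each component before interpolation, for example `if not re.fullmatch(r'[A-Za-z0-9_-]+', part): raise ValueError(part)`, or derive the name from a hash of the values. The same expression appears in both the `avcode` branch and the SSO-token branch, and the enclosing handler starts outside the hunk.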

10
rpc.py

@ -99,7 +99,8 @@ class ClientSync(object):
self.sock.connect((host, port)) self.sock.connect((host, port))
self.recv_rpc_msg = recv_rpc_msg(self.sock) self.recv_rpc_msg = recv_rpc_msg(self.sock)
self.lock = threading.Lock() self.lock = threading.Lock()
self._server = self._user = None self._server = { 'host': host, 'port': port }
self._user = None
self.context = 'XUS SIGNON' self.context = 'XUS SIGNON'
if TCPConnect and (res := self.TCPConnect(self.sock.getsockname()[0], '0', socket.gethostname())) != 'accept': if TCPConnect and (res := self.TCPConnect(self.sock.getsockname()[0], '0', socket.gethostname())) != 'accept':
raise RPCExcInvalidResult('TCPConnect', self.sock.getsockname()[0], '0', socket.gethostname(), res) raise RPCExcInvalidResult('TCPConnect', self.sock.getsockname()[0], '0', socket.gethostname(), res)
@ -129,7 +130,7 @@ class ClientSync(object):
self.sock = self.recv_rpc_msg = None self.sock = self.recv_rpc_msg = None
return res return res
def authenticate(self, identity: str, *, context=('XUS SIGNON',)): def authenticate(self, identity: str, *, context=('XUS SIGNON',)):
self._server = RecordServerInfo(*self('XUS SIGNON SETUP', '', '1', context=context)) self._server.update(RecordServerInfo(*self('XUS SIGNON SETUP', '', '1', context=context))._asdict())
res = self('XUS AV CODE', XWBHash_encrypt(identity)) res = self('XUS AV CODE', XWBHash_encrypt(identity))
if res[0] == '0' or res[2] != '0': if res[0] == '0' or res[2] != '0':
raise RPCExcAuth(res[3], res) raise RPCExcAuth(res[3], res)
@ -170,7 +171,8 @@ class ClientAsync(object):
self.reader, self.writer = await asyncio.open_connection(host, port) self.reader, self.writer = await asyncio.open_connection(host, port)
self.arecv_rpc_msg = arecv_rpc_msg(self.reader) self.arecv_rpc_msg = arecv_rpc_msg(self.reader)
self.lock = asyncio.Lock() self.lock = asyncio.Lock()
self._server = self._user = None self._server = { 'host': host, 'port': port, 'info': None }
self._user = None
self.context = 'XUS SIGNON' self.context = 'XUS SIGNON'
if TCPConnect and (res := await self.TCPConnect(self.writer.get_extra_info('sockname')[0], '0', socket.gethostname())) != 'accept': if TCPConnect and (res := await self.TCPConnect(self.writer.get_extra_info('sockname')[0], '0', socket.gethostname())) != 'accept':
raise RPCExcInvalidResult('TCPConnect', self.writer.get_extra_info('sockname')[0], '0', socket.gethostname(), res) raise RPCExcInvalidResult('TCPConnect', self.writer.get_extra_info('sockname')[0], '0', socket.gethostname(), res)
@ -205,7 +207,7 @@ class ClientAsync(object):
self.reader = self.writer = None self.reader = self.writer = None
return res return res
async def authenticate(self, identity: str, *, context=('XUS SIGNON',)): async def authenticate(self, identity: str, *, context=('XUS SIGNON',)):
self._server = RecordServerInfo(*await self('XUS SIGNON SETUP', '', '1', context=context)) self._server.update(RecordServerInfo(*await self('XUS SIGNON SETUP', '', '1', context=context))._asdict())
res = await self('XUS AV CODE', XWBHash_encrypt(identity)) res = await self('XUS AV CODE', XWBHash_encrypt(identity))
if res[0] == '0' or res[2] != '0': if res[0] == '0' or res[2] != '0':
raise RPCExcAuth(res[3], res) raise RPCExcAuth(res[3], res)
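Review bot: `self._server.update(RecordServerInfo(...)._asdict())` in both `authenticate` methods merges server-reported fields into the same dict that holds the locally recorded `host` and `port`. Any `RecordServerInfo` field named `host` or `port` (its definition is not visible here) would silently overwrite the values the new cookie check compares against. Keeping the two apart, e.g. `self._server['info'] = RecordServerInfo(...)._asdict()`, avoids that, though callers reading `client._server["volume"]` would then need to follow the nesting. The `ClientAsync` constructor hunk already reserves `'info': None`, which nothing visible fills in, while the `ClientSync` one omits it, so the two initial dicts should be made identical either way. Both constructors and both `authenticate` bodies extend outside their hunks.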