| Server IP : 172.24.0.40 / Your IP : 216.73.216.10 Web Server : Apache System : Linux dbweb26.ust.edu.ph 4.18.0-513.5.1.el8_9.x86_64 #1 SMP Fri Sep 29 05:21:10 EDT 2023 x86_64 User : apache ( 48) PHP Version : 8.2.18 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/lib64/python3.6/site-packages/rhsm/__pycache__/ |
Upload File : |
3
a�e4 ��������������
���@���s���d�dl�mZmZmZ�d�dlZd�dlmZ�d�dlZd�dlZ d�dl
Z
d�dl
Z
d�dl
Z
d�dl
Z
d�dlZd�dlZd�dlZd�dlZd�dlmZ�d�dlmZ�d�dlmZ�d�dlmZmZ�d�dlm
Z
�d�d l
m
Z
m Z m Z �d�d
l!m"Z"�d�d
lm#Z$�d�d
lm%Z%�yd�dl&Z'e'j(j)Z*W�n�e+k
�r
���d
Z*Y�nX�e"��Z,dZ-dIdd�Z.dd��Z/dJdd�Z0G�dd��de
j1�Z2e2��Z3e
j4d�j5e3��e
j4e6�Z7G�dd��de8�Z9G�dd
��d
e8�Z:G�d
d
��d
e8�Z;G�d d ��d e:�Z<G�d!d"��d"e:�Z=G�d#d$��d$e:�Z>G�d%d&��d&e?�Z@G�d'd(��d(e8�ZAG�d)d*��d*e@�ZBG�d+d,��d,e:�ZCG�d-d.��d.eC�ZDG�d/d0��d0e:�ZEG�d1d2��d2e:�ZFG�d3d4��d4eF�ZGG�d5d6��d6eC�ZHG�d7d8��d8eG�ZIG�d9d:��d:eG�ZJG�d;d<��d<e:�ZKd=d>��ZLG�d?d@��d@e@�ZMdAdB��ZNG�dCdD��dDe?�ZOG�dEdF��dFeO�ZPG�dGdH��dHe@�ZQdS�)K�����)�print_function�division�absolute_importN)�
certificate)�Optional)�Path)�format_datetime)�httplib�ssl)�
proxy_bypass)� urlencode�quote�
quote_plus)�get_config_parser)�ourjson)�utils�unknownZmulti_environmentc����������
���C���s"���yt�|��S��tk
r
���|S�X�d�S�)N)�int� Exception)�valueZ
safe_value��r����"/usr/lib64/python3.6/connection.py�safe_int7���s����r���c�������������C���s���d|�krd|��S�|�S�dS�)a`��
When you want to use IPv6 address and port in e.g. HTTP header, then you cannot use following
notation common for IPv4 (147.230.16.1:53). You have to use following notation for IPv6
[2001:718:1c01:16::aa]:53.
:param host: hostname or IPv4 or IPv6 address
:return: When host is IPv6 address, then it encapsulated in [] brackets
�:z[%s]Nr���)�hostr���r���r����normalized_host>���s����r�������c�������������C���sz���d}|�rvy@t�jj|��}tjj��j|jd�}tj|d�}t||��|k}W�n,�t k
rt�}�zt
j
|��W�Y�dd}~X�nX�|S�)zx
Takes in a RFC 1123 date and returns True if the current time
is greater then the supplied number of hours
F)�tzinfo)�hoursN)
�dateutil�parser�parse�datetimeZutcnow�replacer
���Z timedelta�absr����log�error)Zutc_time_stringr
���ZdriftZ
utc_datetimeZlocal_datetimeZdelta�er���r���r����
drift_checkL���s����
r(���c���������������@���s���e�Zd�Zdd��ZdS�)�
NullHandlerc�������������C���s���d�S�)Nr���)�self�recordr���r���r����emitb���s����zNullHandler.emitN)�__name__�
__module__�
__qualname__r,���r���r���r���r���r)���a���s���r)����rhsmc���������������@���s���e�Zd�ZdZdS�)�NoValidEntitlementzFThrow when there is no valid entitlement certificate for accessing CDNN)r-���r.���r/����__doc__r���r���r���r���r1���l���s���r1���c���������������@���s
���e�Zd�ZdS�)�ConnectionExceptionN)r-���r.���r/���r���r���r���r���r3���q���s���r3���c���������������@���sZ���e�Zd�ZdZd
eeee�d�dd�Ze ed�dd��Z
e ed�d d
��Z
ed�d
d
�Z
dS�)�ProxyExceptionz?
Thrown in case of errors related to the proxy server.
N)�hostname�port�excc�������������C���s���||�_�||�_||�_d�S�)N)� _hostnamer6���r7���)r*���r5���r6���r7���r���r���r����__init__z���s����zProxyException.__init__)�returnc�������������C���s
���t�|�j�S�)N)r���r8���)r*���r���r���r���r5������s����zProxyException.hostnamec�������������C���s���|�j���d|�j���S�)Nr���)r5���r6���)r*���r���r���r����address����s����zProxyException.addressc�������������C���s.���|�j�}d|���}|�jd�k r*|��d|�j���}|S�)NzProxy error at z: )r;���r7���)r*���Zaddr�errr���r���r����__str__����s
����
zProxyException.__str__)NNN)
r-���r.���r/���r2����strr���r���r���r9����propertyr5���r;���r=���r���r���r���r���r4���u���s���r4���c���������������@���s
���e�Zd�ZdS�)�ConnectionSetupExceptionN)r-���r.���r/���r���r���r���r���r@�������s���r@���c���������������@���s ���e�Zd�ZdZdd��Zdd��ZdS�)�BadCertificateExceptionz< Thrown when an error parsing a certificate is encountered. c�������������C���s���||�_�||�_dS�)z, Pass the full path to the bad certificate. N)� cert_path�ssl_exc)r*���rB���rC���r���r���r���r9�������s����z BadCertificateException.__init__c�������������C���s
���d|�j��S�)NzBad certificate at %s)rB���)r*���r���r���r���r=�������s����z BadCertificateException.__str__N)r-���r.���r/���r2���r9���r=���r���r���r���r���rA�������s���rA���c���������������@���s$���e�Zd�ZdZeeeed�dd�ZdS�)�ConnectionOSErrorExceptionz�
Thrown in case of OSError during the connect() of HTTPSConnection,
in case the OSError does not come from a syscall failure (and thus
its 'errno' attribute is None.
)r���r6����handlerr7���c�������������C���s
���||�_�||�_||�_||�_d�S�)N)r���r6���rE���r7���)r*���r���r6���rE���r7���r���r���r���r9�������s����z#ConnectionOSErrorException.__init__N)r-���r.���r/���r2���r>���r����OSErrorr9���r���r���r���r���rD�������s���rD���c���������������@���s���e�Zd�Zddd�ZdS�)�BaseConnectionNc������� ������K���sN��|pt�}|ptjdd�|�_|p(tjdd�|�_|p>ttjdd��|�_|pTttjdd��|�_|
pftjdd�}|rv|tj d<�t
j
���t
j
d|���t|�j�r�d�|�_d�|�_d�|�_d�|�_n�t
j��}|d�k r�||�_ntjdd�p�|d�|�_|d�k r�||�_ntjdd ��p|d �|�_| d�k �r| |�_ntjdd
��p,|d
�|�_|
d�k �rB|
|�_ntjdd
��pV|d
�|�_||�_||�_|
|�_|
|�_||�_|�p�tjd
d�|�_ttjdd��|�_||�_|d�k�r�d|�_ttjdd��}|�r�d|�_d}d}d}d}
|
�r�|
�r�d}n(|�r|�rd}n|�rd}n
|�rd}
t
dd��|||
|fD���dk�rBt
d��d�}
|�j�rn|�j�rndt
|�j�t|�j�f�}
||�j|�j|�j|�j|�j|�j|�j|�j|�j|�j|�j|�j|�j|�j||�j|�j||d�|�_ |
�r�d|�}
n8|�r�d|
�}
n(|�r�d|�j|�jf�}
n|�rd
}
nd
}
d�|�_ d�|�_!d
} |
�r$| |
7�} | d |�j|�j|�j|
f�7�} t
j
d | ��d�S�)!NZserverr5����prefixr6���Zserver_timeout�no_proxyz-Environment variable NO_PROXY=%s will be used�proxy_hostname�
proxy_port�
proxy_userZproxy_username�proxy_passwordr0���Z
ca_cert_dir�ssl_verify_depthF�insecureTc�������������S���s���g�|�]
}|r|�qS�r���r���)�.0r���r���r���r����
<listcomp>
��s����z+BaseConnection.__init__.<locals>.<listcomp>r
���z"Cannot specify multiple auth typeszhttp_proxy=%s:%s )�username�password�token� cert_file�key_filerJ���rK���rL���rM����ca_dirrO����cert_dirrN����timeout�correlation_id�
user_agentzauth=bearer %szauth=basic username=%sz(auth=identity_cert ca_dir=%s insecure=%szauth=entitlement_certsz auth=none��z
host=%s port=%s handler=%s %szConnection built: %s)"�Restlib�config�getr���rE���r����ssl_portrY����os�environr���Z
fix_no_proxyr%����debugr
���rJ���rK���rL���rM���Zget_env_proxy_inforU���rV���rR���rS���rT���rW���rN���rO����lenr���r����conn� resources�
capabilities) r*���Z
restlib_classr���r`���rE���rW���rO���rJ���rK���rL���rM���rI���rR���rS���rU���rV���rX���rT���r[���rZ���rY����kwargsZno_proxy_override�infoZconfig_insecureZusing_basic_authZusing_id_cert_authZusing_ent_cert_authZusing_keycloak_authZproxy_descriptionZauth_descriptionZconnection_descriptionr���r���r���r9�������s�����
zBaseConnection.__init__)NNNNNNNNNNNNNNNNNNNN)r-���r.���r/���r9���r���r���r���r���rG�������s(����������������������rG���c���������������@���s
���e�Zd�ZdS�)�TokenAuthExceptionN)r-���r.���r/���r���r���r���r���rj���9��s���rj���c�������������������s(���e�Zd�ZdZ��fdd�Zdd��Z���ZS�)�KeycloakConnectionz)
Keycloak Based Authentication
c�������������
���sl���t�jjjj|�jpd}t�jjjj|�j}t�jjjj|�jp<d}tt |��j
f�|||d�|���||�_
||�_
d�S�)Nr\���i���)r���r`���rE���)
�six�moves�urllibr!���Zurlparser5����pathr6����superrk���r9����realm�resource)r*���rq���Zauth_urlrr���rh���r���rE���r`���)� __class__r���r���r9���B��s
����
zKeycloakConnection.__init__c�������������C���sz���d|�j��d�}|�jd|d�}ddi}y|�jj|||�}|d�S��tk
rt�}�z
|jdkrbt|j����W�Y�d�d�}~X�nX�d�S�) Nz/realms/z
/protocol/openid-connect/token�
refresh_token)Z client_idZ
grant_typert���z
Content-typez!application/x-www-form-urlencodedZ
access_tokeni���)rq���rr���re����
request_post�RestlibException�coderj����msg)r*���Z
refreshtoken�method�params�headers�datar'���r���r���r���� get_access_token_through_refreshJ��s����
z3KeycloakConnection.get_access_token_through_refresh)r-���r.���r/���r2���r9���r}����
__classcell__r���r���)rs���r���rk���=��s���
rk���c���������������@���s.���e�Zd�ZdZd dd�Zedd���Zdd��ZdS�)
rv���z�
Raised when a response with a valid json body is received along with a status code
that is not in [200, 202, 204, 410, 429]
See RestLib.validateResponse to see when this and other exceptions are raised.
Nc�������������C���s
���||�_�|p
d|�_|pi�|�_d�S�)Nr\���)rw���rx���r{���)r*���rw���rx���r{���r���r���r���r9���_��s����
zRestlibException.__init__c�������������C���s���t�jj|�jd�S�)N�Unknown)r ���� responsesr_���rw���)r*���r���r���r����titled��s����zRestlibException.titlec�������������C���s
���d|�j���d|�j��d|�j���S�)Nz
HTTP error (z - z): )rw���r����rx���)r*���r���r���r���r=���h��s����zRestlibException.__str__)NN)r-���r.���r/���r2���r9���r?���r����r=���r���r���r���r���rv���X��s���
rv���c���������������@���s���e�Zd�ZdZdd��ZdS�)�
GoneExceptiona���
GoneException is used to detect when a consumer has been deleted on the candlepin side.
A client handling a GoneException should verify that GoneException.deleted_id
matches the consumer uuid before taking any action (like deleting the consumer
cert from disk).
This is to prevent an errant 410 response from candlepin (or a reverse_proxy in
front of it, or it's app server, or an injected response) from causing
accidental consumer cert deletion.
c�������������C���s���t�j|�||��||�_d�S�)N)rv���r9����
deleted_id)r*���rw���rx���r����r���r���r���r9���x��s����zGoneException.__init__N)r-���r.���r/���r2���r9���r���r���r���r���r����l��s���
r����c���������������@���sF���e�Zd�ZdZd
eee�ee�d�dd�Zeed�dd��Z d d
��Z
dS�)
�UnknownContentExceptionz�
Thrown when the response of a request has no valid json content
and the http status code is anything other than the following:
[200, 202, 204, 401, 403, 410, 429, 500, 502, 503, 504]
N)rw����
content_type�contentc�������������C���s���||�_�||�_||�_d�S�)N)rw���r����r����)r*���rw���r����r����r���r���r���r9������s����z UnknownContentException.__init__)r:���c�������������C���s���t�jj|�jd�S�)Nr���)r ���r����r_���rw���)r*���r���r���r���r�������s����z
UnknownContentException.titlec�������������C���sX���d|�j���d|�j���}|�jd�k r.|d|�j���7�}|�jd�k rL|dt|�j����7�}|d7�}|S�)Nz
Unknown content error (HTTP z - z, type z, len �))rw���r����r����r����rd���)r*����sr���r���r���r=������s����
z UnknownContentException.__str__)NN)
r-���r.���r/���r2���r���r���r>���r9���r?���r����r=���r���r���r���r���r����~��s
���
r����c���������������@���s"���e�Zd�ZdZddd�Zdd��ZdS�)�RemoteServerExceptionz�
Thrown when the response to a request has no valid json content and
one of these http status codes: [404, 410, 500, 502, 503, 504]
Nc�������������C���s���||�_�||�_||�_d�S�)N)rw����
request_typerE���)r*���rw���r����rE���r���r���r���r9������s����z
RemoteServerException.__init__c�������������C���s*���|�j�r |�jr d|�j�|�j|�jf�S�d|�j�S�)Nz5Server error attempting a %s to %s returned status %szServer returned %s)r����rE���rw���)r*���r���r���r���r=������s
����
z
RemoteServerException.__str__)NN)r-���r.���r/���r2���r9���r=���r���r���r���r���r�������s����
r����c�������������������s ���e�Zd�ZdZ��fdd�Z���ZS�)�AuthenticationExceptionzAuthentication errorc����������������s(���t�t|��j��}|d7�}|d|�j�7�}|S�)N�
z$%s: Invalid credentials for request.)rp���r����r=���rH���)r*���Zbuf)rs���r���r���r=������s����z AuthenticationException.__str__)r-���r.���r/���rH���r=���r~���r���r���)rs���r���r�������s���r����c�������������������s"���e�Zd�ZdZd��fdd� Z���ZS�)�RateLimitExceededExceptiona��
Thrown in response to a http code 429.
This means that too many requests have been made in a given time period.
The retry_after attribute is an int of seconds to retry the request after.
The retry_after attribute may not be included in the response.
Nc����������������sZ���t�t|��j||��|pi�|�_t|�jjd��|�_|p4d|�_|�jd�k rV|��jd|�j�7��_d�S�)Nz
retry-afterzAccess rate limit exceededz!, retry access after: %s seconds.)rp���r����r9���r{���r���r_���Z
retry_afterrx���)r*���rw���rx���r{���)rs���r���r���r9������s
����
z#RateLimitExceededException.__init__)NN)r-���r.���r/���r2���r9���r~���r���r���)rs���r���r�������s���r����c���������������@���s���e�Zd�ZdZdZdS�)�UnauthorizedExceptionzO
Thrown in response to http status code 401 with no valid json content
Z
UnauthorizedN)r-���r.���r/���r2���rH���r���r���r���r���r�������s���r����c���������������@���s���e�Zd�ZdZdZdS�)�ForbiddenExceptionzO
Thrown in response to http status code 403 with no valid json content
Z ForbiddenN)r-���r.���r/���r2���rH���r���r���r���r���r�������s���r����c���������������@���s
���e�Zd�ZdS�)�
ExpiredIdentityCertExceptionN)r-���r.���r/���r���r���r���r���r�������s���r����c�������������C���s(���t�jdj|�|f�jd��jd�}d|�S�)Nr���zutf-8zBasic %s)�base64Z b64encode�join�encode�decode)rR���rS���Zencodedr���r���r����
_encode_auth���s���� r����c�������������������s0���e�Zd�Zd��fdd� Zd dd�Zdd��Z���ZS�)
�ContentConnectionNc�������������
���sX���t�jd��dtjtj��}d|kr.||d�7�}|p4d}tt|��jf�d||d�|���d�S�)Nr����zRHSM-content/1.0 (cmd=%s)�client_versionz/etc/pki/entitlement�/)rE���rX���r[���) r%���rc���r����cmd_name�sys�argvrp���r����r9���)r*���rX���rh���r[���)rs���r���r���r9������s����
zContentConnection.__init__c�������������C���s"���d|�j�|f�}|�jj||d�}|S�)aI��
Get list of available release versions from the given path
:param path: path, where is simple text file containing supported release versions
:param cert_key_pairs: optional argument including list of supported cert and keys
to reduce number of failed http requests.
:return:
z%s/%s)�cert_key_pairs)rE���re����
request_get)r*���ro���r����rE����resultr���r���r����
get_versions���s����z
ContentConnection.get_versionsc�������������C���s���d�S�)Nr���)r*���Z
product_idr���r���r����_get_versions_for_product���s����z+ContentConnection._get_versions_for_product)N)N)r-���r.���r/���r9���r����r����r~���r���r���)rs���r���r�������s���
r����c��������������C���sz���d�}�y
t�j��}�W�nP�t�jtfk
r`���y
t�j��}�W�n(�t�jk
rH���Y�n�tk
rZ���Y�nX�Y�nX�|�rv|�dkrv|�d�S�d�S�)Nr���)NN)�localeZ getlocale�Error�
ValueError�getdefaultlocale)�lr���r���r����
_get_locale���s����
r����c���������������@���s����e�Zd�ZdZdZd(dd�Zdd ��Zd
d
��Zd)d
d
�Zdd��Z e
dd���Z
dd��Z
d*dd�Z
dd��Zd+dd�Zdd��Zd,d
d
�Zd-d
d �Zd.d d!�Zd/d"d#�Zd0d$d%�Ze
d&d'���ZdS�)1�
BaseRestLibzp
A low-level wrapper around httplib
to make rest calls easy and expose the details of
responses
g�������?NFr
���c�������������C���s����||�_�||�_||�_|pd|�_ddtd�|�_|r8||�jd<�|
|�_|
|�_|
|�_|
|�_ ||�_
||�_
||�_
||�_
||�_||�_||�_||�_| |�_d�|�_||�_d�|�_|r�|r�t||�|�jd<�n|r�d|�|�jd<�d�S�)Nzpython-rhsm-user-agentzapplication/json)z
Content-type�Acceptz
x-subscription-manager-versionzX-Correlation-ID�
AuthorizationzBearer )r���r`����
apihandlerr[����subman_versionr{���rU���rV���rX���rW���rO���rR���rS���rY���rN���rJ���rK���rL���rM����
smoothed_rtrT����is_consumer_cert_key_validr����)r*���r���r`���r����rR���rS���rJ���rK���rL���rM���rU���rV���rX���rW���rO���rN���rY���rZ���rT���r[���r���r���r���r9�����s:����
zBaseRestLib.__init__c�������������C���s����g�}|�j�dkr
|�j|�jfgS�xhtj|�j��D�]X}|jd�r*|jd�
�r*tjj|�j�|�}tjj|�j�d|jdd�d���}|j ||f��q*W�|S�)zN
Create list of cert-key pairs to be used with the connection
Nz.pemz-key.pemz
%s-key.pem�.r
���r���)
rX���rU���rV���ra����listdir�endswithro���r�����split�append)r*���r����rU���rB���Zkey_pathr���r���r����_get_cert_key_listC��s����
z
BaseRestLib._get_cert_key_listc�������������C���s���t�jj|�j�s"tjd|�j���dS�g�}d}yHxBt�j|�j�D�]2}|jd�r:t�jj|�j|�}|j |��|j
|��q:W�W�nX�t
j
k
r��}�zt
||��W�Y�dd}~X�n,�tk
r��}�zt|j��W�Y�dd}~X�nX�|r�tjd|�jdj|�f���ntjd|�j���dS�)zx
Tries to load CA certificates to SSL context
:param context: SSL context
:return: None
z.Directory "%s" with CA certificates is missingNr\���z.pemz"Loaded CA certificates from %s: %sz, z*Unable to load any CA certificate from: %s)ra���ro����isdirrW���r%����warningr����r����r����Zload_verify_locationsr����r
����SSLErrorrA���rF���r@����strerrorrc���)r*����contextZloaded_ca_certsrB���rU���r7���r'���r���r���r����_load_ca_certificatesU��s$����
z!BaseRestLib._load_ca_certificatesc�������������C���s8��t�jt�j�}t�jt�jB�|_|�jr*t�j|_n
t�j |_|�j
d�k rF|�j
|��|rdt
j
j|�rd|j||d��|�jon|�j�r
tjdt|�j�t|�j�f���|�jdt|�j�t|�j�f�d�}|�jr�|�jr�t|�j|�j�|d<�t
j
|�j|�j||�j
d�}|j |�jt|�j�|��dt|�j�t|�j�f�|�j d<�nt
j
|�j|�j||�j
d�}|S�)N)ZkeyfilezUsing proxy: %s:%sz%s:%s)z
User-Agent�HostzProxy-Authorization)r����rY���r����)!r
���Z
SSLContextZPROTOCOL_SSLv23Z
OP_NO_SSLv2Z
OP_NO_SSLv3�optionsrO���Z CERT_NONEZ
verify_modeZ
CERT_REQUIREDrW���r����ra���ro����existsZload_cert_chainrJ���rK���r%���rc���r���r���r[���r���r`���rL���rM���r����r ���ZHTTPSConnectionrY���Z
set_tunnelr{���)r*���rU���rV���r����Z
proxy_headersre���r���r���r����_create_connectionq��s(����
z
BaseRestLib._create_connectionc����������
���C���s���dt�jk�r�d}d}d}d}d} |�jdkr8|d�| �}
n
|d �| �}
|
|d
|�j|�j||f��| �7�}
|�jr�|�jr�|
|d
�|�|�j��d
|�j����| �7�}
d
t�jkr�|
|d|��| �7�}
dt�jkr�|dk r�|
|d|��| �7�}
t���t|
��t���dt�jk�r�td�}
|
j dd��t
j
j
��j
d�}
d}
x6t|
��d|
��d��}|
|�}|j
���sLP�|
d7�}
�q$W�|jddd��}tj|d
��W�dQ�R�X�t|d
t|���d
��| ���t���dS�) a���
This method can print debug information about sent http request. We do not use
httplib.HTTPConnection.debuglevel = 1, because it doesn't provide control about displayed information.
The debug print is printed to stdout, when environment variable SUBMAN_DEBUG_PRINT_REQUEST is set.
Output can be modified with following environment variables:
* SUBMAN_DEBUG_PRINT_REQUEST_HEADER
* SUBMAN_DEBUG_PRINT_REQUEST_BODY
:param request_type: (GET, POST, PUT, ...)
:param handler: e.g. /candlepin/status
:param final_headers: HTTP header used by request
:param body: request can contain body
:return: None
ZSUBMAN_DEBUG_PRINT_REQUESTz[93mz[94mz[92mz[91mz[0mTzMaking insecure request:zMaking request:z
%s:%s %s %sz
using proxy r���Z!SUBMAN_DEBUG_PRINT_REQUEST_HEADERz %sZ SUBMAN_DEBUG_PRINT_REQUEST_BODYNZ
SUBMAN_DEBUG_SAVE_TRACEBACKSz
/tmp/rhsm/)�exist_okz%Y-%m-%d_%H-%M-%Sr����_z.logr
����wzutf-8)�encoding)�filezTraceback saved to r����)ra���rb���rO���r���r`���rJ���rK����printr����mkdirr"���ZnowZstrftimer�����open� traceback�
print_stackr>���)r*���r����rE����
final_headers�bodyZ
yellow_colZblue_colZ green_colZred_colZend_colrx���Z debug_dir� timestamp�i�filenameZ debug_logZhandler���r���r���� _print_debug_info_about_request���sD����
&
z+BaseRestLib._print_debug_info_about_requestc�������������C���s8���dt�jkr4td|�d�|�d�f���t|�d���t���dS�)z�
This method can print result of HTTP request to stdout, when environment variable SUBMAN_DEBUG_PRINT_RESPONSE
is set.
:param result: response from candlepin server
:return: None
ZSUBMAN_DEBUG_PRINT_RESPONSEz%s %s�statusr{���r����N)ra���rb���r����)r����r���r���r���� _print_debug_info_about_response���s����
z,BaseRestLib._print_debug_info_about_responsec�������������C���s����y4ddl�}y|jjj}W�n�tk
r0���d}Y�nX�W�n�tk
rL���d}Y�nX�|dkr^t��}n|}|r�|j��jdd�j dd�d�|�j
d<�dS�)z}
Set accept language in http header according current settings or environment variable
:return: None
r���Nr�����-r����r
���zAccept-Language)
Zsubscription_manager.i18nZi18n�LOCALE�language�AttributeError�
ImportErrorr�����lowerr#���r����r{���)r*����subscription_managerr����Zlcr���r���r����
_set_accept_language_in_header���s����
z*BaseRestLib._set_accept_language_in_headerc�������������C���s���|�j�|�}|�j���|d�ks&t|�dkr.|�j��}|d�k rbd|krb|d�dkrbtjjjj|�j d�}n
|d�k r|t
j
|t
j d�}nd�}t
j
d||f���|�jr�|�j|�jd<�|�jj��}|d�kr�d|d <�|r�|j|��|�j||||��d�} d�}
�x
|D��]�\}
}
y�|�j|
|
d
�}
tj��}|
j||||d
��tj��}|
j��} |�j||���| j��jd�| jt| j
���d
�}
| jd
k�rtd|�_
P�n
|�j
�r�t
j
d|
|�j f���W�q��t j!k
�r����|�j"�r�|�j
��r�t#j$|�j"�}|j%���s�d|�_
t&���|�j
�s��Y�q��t'j(k
�r0�}�z*|�j)�r
|�j*�r
t+|�j)|�j*|d����W�Y�d�d�}~X�q��t'j,t-fk
�r��}�z�t.|t/��rv|�j)�rv|�j*�rvt+|�j)|�j*|d��tj0�r�t1j2}nt1j2j3}t4|�t4|�k�r�t+|�j)|�j*|d��|j5d�k�r�t6|�j |�j7|�j�|����W�Y�d�d�}~X�q�X�q�W�|�j
�rt8d|�j |f���|�j9|
��dt4|
d���}| j:d��r<d|| j:d�f�}d|||f�}t
j
|��t;| j:d���rnt
j<d��|�j=|
||��|
S�)Nr���z
Content-typez!application/x-www-form-urlencodedzutf-8)�defaultzMaking request: %s %sz
User-Agent�0zContent-Length)rU���rV���)r����r{���)r����r����r{��������Tz-Unable to get valid response: %s from CDN: %sF)r5���r6���r7���zKCannot access CDN content on: %s using any of entitlement cert-key pair: %szResponse: status=r����zx-candlepin-request-uuidz%s, requestUuid=%sz%s, request="%s %s"Zdatez2Clock skew detected, please check your system time)>r����r����rd���r����rl���rm���rn���r!���r
���r�����json�dumpsr%���rc���r[���r{����copy�updater����r�����timeZrequestZ
getresponse�
_update_smoothed_response_time�readr����r�����dictZ
getheadersr����rX���r���r
���r����rU���r����create_from_file�is_validr�����socketZgaierrorrJ���rK���r4���r&���rF����
isinstance�ConnectionErrorZPY2r ����
PROXY_AUTHENTICATION_REQUIREDr���r>����errnorD���r`���r1���r����Z getheaderr(���r�����validateResponse)r*���r����ry���ri���r{���r����rE���r����r�����responser����rU���rV���re���Zts_startZts_end�id_certr<���rw���Z
response_logr���r���r����_request���s�����
zBaseRestLib._requestc�������������C���sF���|�j�dkr||�_�n
|�j|�j��d|�j�|��|�_�tjd||�j�f���dS�)z�
Method for computing smoothed time of response. It is based on computing SRTT (See RFC 793).
:param response_time: response time of the latest http request
:return: None
Nr
���z-Response time: %s, Smoothed response time: %s)r�����ALPHAr%���rc���)r*���Z
response_timer���r���r���r����j��s����
z*BaseRestLib._update_smoothed_response_timec�������������C���s���t�|d��dk�r�i�}|jd�s&i�}n�ytj|d��}W�n~�tk
rz�}�z&tjd|d����tjd|���W�Y�d�d�}~X�n>�tk
r��}�z"tjd|d����tj|��W�Y�d�d�}~X�nX�|�r�t�|d��d kr�t |d�|d
�|d
���n(t�|d��t�t
j
�k�rt
|�j
|�jd
��|�j|�}t�|d��dk�rDt|d�||jd�d��t�|d��d
k�r�|�j
�r�|�j�r�tj|�j�}|j���r�t|d�d|jd���t|d�||jd���n�t�|d��d
k�r�t|d�||d��n�t�|d��d
k�r�t|d�||d��n�t�|d��d k�r
t|d�||d��nxt�|d��d k�rFt|d�|jd�d��nNt�|d��t�t
j
�k�rpt
|�j
|�jd
��n$t|d�|jdi��jd�|jd���d�S�)!Nr�����200�202�204�304r����z
Response: %szJSON parsing error: %s�410�displayMessageZ deletedId)r5���r6����429r{���)r{����401zmUnable to make a connection using SSL client certificate. Please review proxy configuration and connectivity.�404�500�502�503�504)r����rE����403z
Content-Type)r����r����r����r����)r����)r����)r����r����r����r����r����r����)r����)r����)r����)r>���r_���r�����loadsr����r%���r&���r���Z exceptionr����r ���r����r4���rJ���rK����#_parse_msg_from_error_response_bodyr����rU���r���r����r����rv���r����r����r����r����)r*���r����r����rE���Zparsedr'���Z error_msgr����r���r���r���r����v��sl����
z
BaseRestLib.validateResponsec�������������C���sD���d|kr|d�S�d|kr0dj�dd��|d�D���S�d|kr@|d�S�d�S�)Nr�����errors� c�������������s���s���|�]}d�|�V��qdS�)z%sNr���)rP����errmsgr���r���r���� <genexpr>���s����zBBaseRestLib._parse_msg_from_error_response_body.<locals>.<genexpr>Zerror_description)r����)r*���r����r���r���r���r�������s
����z/BaseRestLib._parse_msg_from_error_response_bodyc�������������C���s���|�j�d|||d�S�)NZGET)r{���r����)r����)r*���ry���r{���r����r���r���r���r�������s����zBaseRestLib.request_getc�������������C���s���|�j�d|||d�S�)NZPOST)r{���)r����)r*���ry���rz���r{���r���r���r���ru������s����zBaseRestLib.request_postc�������������C���s���|�j�d||d�S�)NZHEAD)r{���)r����)r*���ry���r{���r���r���r����
request_head���s����zBaseRestLib.request_headc�������������C���s���|�j�d|||d�S�)NZPUT)r{���)r����)r*���ry���rz���r{���r���r���r����
request_put���s����zBaseRestLib.request_putc�������������C���s���|�j�d|||d�S�)NZDELETE)r{���)r����)r*���ry���rz���r{���r���r���r����request_delete���s����zBaseRestLib.request_deletec�������������C���s
���t�|�dd�S�)zJ
Format a datetime to HTTP-date as described by RFC 7231.
T)Zusegmt)r���)Zdtr���r���r����_format_http_date���s����z
BaseRestLib._format_http_date)NNNNNNNNNNFr
���NNNN)NN)NNN)NN)NN)NN)N)NN)NN)r-���r.���r/���r2���r����r9���r����r����r����r�����
staticmethodr����r����r����r����r����r����r����ru���r��r��r��r��r���r���r���r���r����
��s0��������
(
(8
t
X
r����c�������������������s"���e�Zd�ZdZd��fdd� Z���ZS�)r]���z�
A wrapper around httplib to make rest calls easier
See validateResponse() to learn when exceptions are raised as a result
of communication with the server.
Nc����������
������sX���t�t|��j|||||d�}t|d��s*d�S�ytj|d��S��tjk
rR���|d�S�X�d�S�)N)ri���r{���r����r����)rp���r]���r����rd���r����r����ZJSONDecodeError)r*���r����ry���ri���r{���r����r����)rs���r���r���r�������s����
zRestlib._request)NNN)r-���r.���r/���r2���r����r~���r���r���)rs���r���r]������s���r]���c�������������������s���e�Zd�ZdZ��fdd�Zdd��Zdd��Zdd ��Zd
d
��Zd
d
��Z dd��Z
d�dd�Z
dd��Z
ddi�ddddddddddddfdd�Z
d�dd�Zd�dd
�Zi�fd
d
�Zd�d d �Zd!d"��Zd#d$��Zd%d&��Zd'd(��Zd)d*��Zd+d,��Zd-d.��Zd/d0��Zd�d1d2�Zd�d3d4�Zd�d5d6�Z
d�d7d8�Z
d9d:��Z
d�d;d<�Z d=d>��Z d?d@��Z!dAdB��Z"dCdD��Z#dEdF��Z$d�dGdH�Z%dIdJ��Z&g�fdKdL�Z'dMdN��Z(d�dOdP�Z)d�dQdR�Z*dSdT��Z+d�dUdV�Z,dWdX��Z-dYdZ��Z.d[d\��Z/d]d^��Z0d�d_d`�Z1d�dcdd�Z2d�dedf�Z3dgdh��Z4didj��Z5dkdl��Z6d�dmdn�Z7dodp��Z8dqdr��Z9d�dsdt�Z:dudv��Z;dwdx��Z<d�dzd{�Z=d�d|d}�Z>d~d��Z?d�d���Z@d�d���ZAd�d�d��ZBd�d�d��ZCd�d���ZDd�d�d��ZEd�d���ZFd�d���ZGd�d���ZHd�d�d��ZI���ZJS�)��
UEPConnectionzh
Class for communicating with the REST interface of a Red Hat Unified
Entitlement Platform.
c�������������
���sV���dt�jtj��}d|kr$||d�7�}d|kr8||d�7�}tt|��jf�d|i|���dS�)aT��
Multiple ways to authenticate:
- username/password for HTTP basic authentication. (owner admin role)
- uuid/key_file/cert_file for identity cert authentication.
(consumer role)
- token (when supported by the server)
Must specify only one method of authentication.
zRHSM/1.0 (cmd=%s)r����Z
dbus_senderr[���N)r���r����r����r����rp���r��r9���)r*���rh���r[���)rs���r���r���r9�����s
����
zUEPConnection.__init__c�������������C���sD���i�|�_�|�jjd�}x
|D�]}|d�|�j�|d�<�qW�tjd|�j���dS�)a���
Load the list of supported resources by doing a GET on the root
of the web application we're configured to use.
Need to handle exceptions here because sometimes UEPConnections are
created in a state where they can't actually be used. (they get
replaced later) If something goes wrong making this request, just
leave the list of supported resources empty.
r����ZhrefZrelz+Server supports the following resources: %sN)rf���re���r����r%���rc���)r*���Zresources_list�rr���r���r����_load_supported_resources#��s
����
z'UEPConnection._load_supported_resourcesc�������������C���s���|�j�dkr|�j���|�j�S�)z_
Get list of supported resources.
:return: list of supported resources
N)rf���r
��)r*���r���r���r����get_supported_resources4��s����
z%UEPConnection.get_supported_resourcesc�������������C���s
���|�j�dkr|�j���||�j�kS�)z�
Check if the server we're connecting too supports a particular
resource. For our use cases this is generally the plural form
of the resource.
N)rf���r
��)r*���Z
resource_namer���r���r����supports_resource>��s����
z UEPConnection.supports_resourcec�������������C���s^���|�j���}|jd�}|dkr.tjd|���g�}n,t|t�rN|
�rNtjd|���n
tjd|��|S�)zo
Loads manager capabilities by doing a GET on the status
resource located at '/status'
ZmanagerCapabilitiesNzaThe status retrieved did not include key 'managerCapabilities'.
Status:'%s'zHThe managerCapabilities list was empty
Status:'%s'z)Server has the following capabilities: %s)� getStatusr_���r%���rc���r�����list)r*���r����rg���r���r���r����_load_manager_capabilitiesI��s����
z(UEPConnection._load_manager_capabilitiesc�������������C���s
���|�j�dkr|�j��|�_�||�j�kS�)zU
Check if the server we're connected to has a particular capability.
N)rg���r��)r*���Z
capabilityr���r���r����has_capability[��s����
z
UEPConnection.has_capabilityc�������������C���s���|�j�j���tjd��d�S�)Nzremote connection closed)re����closer%���rc���)r*���r���r���r����shutDownc��s����
zUEPConnection.shutDownNc�������������C���s
���|�j�jd�S�)Nz/status/)re���r����)r*���rR���rS���r���r���r����pingg��s����zUEPConnection.pingc�������������C���s(���|||d�}ddd�}|�j�jd||d�S�)a
��
When automatic registration is enabled in rhsm.conf and it was possible
to gather cloud metadata, then it is possible to try to get JSON Web Token
for automatic registration. When candlepin does not provide automatic
registration, then raise exception.
:param cloud_id: ID of cloud provider, e.g. "aws", "azure", "gcp"
:param metadata: string with base64 encoded metadata
:param signature: string with base64 encoded signature
:return: string with JWT
)�type�metadata� signaturezapplication/jsonz
text/plain)z
Content-typer����z/cloud/authorize)ry���rz���r{���)re���ru���)r*���Zcloud_idr��r��rz���r{���r���r���r����
getJWTokenj��s����
zUEPConnection.getJWTokenr����systemc�������������C���sn��|||d�}|r||d<�|r$||d<�| dk r8d| i|d<�|
dk rH|
|d<�|
dk rX|
|d<�|
dk rh|
|d<�|dk rx||d <�|
dk r�|
|d
<�|dk r�|�j�t�r�g�}x |jd
�D�]}|jd
|i��q�W�||d
<�i�}|r�dj|d�|d<�d}|o�|�j�t�
��rd|�j|��}nV|�r\td|i�}d||f�}d}|�r\|d�}x$|D�]
}||�|�j|��}d
}�q<W�|�jj|||d�S�)z8
Creates a consumer on candlepin server
)r���name�facts�installedProducts�uuidN�
hypervisorId�
contentTags�role�addOns�usage�
serviceLevel�,�id�
environmentszBearer {jwt_token})� jwt_tokenr����z
/consumersz/environments/%s/consumers�ownerz%s?%sr\���z&activation_keys=)r{���) r��� MULTI_ENVr����r�����format�sanitizer
���re���ru���)r*���r��r��r��r'��r%���keys�installed_productsr
���
hypervisor_id�
content_tagsr ���addons�
service_levelr!��r&��rz����env_list�
environmentr{����url�
query_paramZprepend�keyr���r���r����registerConsumer���sP����
z
UEPConnection.registerConsumerc�������
������C���s����|�j�d�r~|�jjd�}d|�jjd<�|dd�}|rN|jrNt|j�dkrN|j|d<�t|�}d||f�}|�jj||�} ||�jjd<�n$t||d ��}d
|�}|�jj||�} | S�)
a&��
Sends a mapping of hostIds to list of guestIds to candlepin
to be registered/updated.
This method can raise the following exceptions:
- RestLibException with http code 400: this means no mapping
(or a bad one) was provided.
- RestLibException with other http codes: Please see the
definition of RestLibException above for info about this.
- RateLimitExceededException: This means that too many requests
have been made in the given time period.
Zhypervisors_asyncz
Content-typez
text/plainF)�envZcloakedr����
reporter_idz/hypervisors/%s?%s)r'��r7��z/hypervisors?%s)r��re���r{���r8��rd���r
���ru���)
r*���r'��r7��Zhost_guest_mappingr����ZpriorContentTyperz����
query_paramsr3���resr���r���r����hypervisorCheckIn���s
����
z UEPConnection.hypervisorCheckInc�������������C���sX���|�j�d�
�s&|o"|jo"t|j�dk
�r*dS�i�}|j|d<�t|�}d||f�}|�jj|�S�)a*��
Sends the reporter id to candlepin
to update the hypervisors it has previously reported.
This method can raise the following exception:
- RateLimitExceededException: This means that too many requests
have been made in the given time period.
Zhypervisors_heartbeatr���Nr8��z
/hypervisors/%s/heartbeat?%s)r��r8��rd���r
���re���r��)r*���r'��r����rz���r9��r3��r���r���r����hypervisorHeartbeat���s���� &
z!UEPConnection.hypervisorHeartbeatc�������������C���s���|�j�||d�S�)z>
Update a consumers facts on candlepin server
)r��)�updateConsumer)r*����
consumer_uuidr��r���r���r����updateConsumerFacts���s����z!UEPConnection.updateConsumerFactsc�������������C���s:��i�}|dk r||d<�|dk r*|�j�|�|d<�|dk r:||d<�|dk rJ||d<�|dk rZ||d<�|dk rnd|i|d<�| dk r~| |d<�|
dk r�|
|d <�|
dk r�t|
t�r�|
|d
<�nt|
tj�r�|
g|d
<�|
dk r�|
|d
<�|
dk �rg�}x |
jd
�D�]}|jd
|i��q�W�||d<�|dk �r||d<�d|�j|��}|�jj ||�}|S�)a���
Update a consumer on the server.
Rather than requiring a full representation of the consumer, only some
information is passed depending on what we wish to update.
Note that installed_products and guest_uuids expects a certain format,
example parsing is in subscription-manager's format_for_server() method.
This can raise the following exceptions:
- RestlibException - This will include an http error code and a
translated message that provides some detail as to what happend.
- GoneException - This indicates that the consumer has been deleted
Nr���guestIdsr��Z
releaseVer�autohealr
��r
��r ��r ��r!��r#��r$��r%��r"��z
/consumers/%s)
�sanitizeGuestIdsr����r��rl���Z text_typer����r����r*��re���r��)r*���r
��r��r,��Z
guest_uuidsr0���releaserA��r-��r.��r ��r/��r!��r%��rz���r1��r2��ry����retr���r���r���r=�����sD����
z
UEPConnection.updateConsumerc�������������C���sD���t�|tj�r|}i�}n|d�}d|�j|�|�j|�f�}|�jj||�S�)N�guestIdz/consumers/%s/guestids/%s)r����rl����
string_typesr*��re���r��)r*���r
��rE���
guest_uuidry���r���r���r����addOrUpdateGuestId1��s
����
z UEPConnection.addOrUpdateGuestIdc�������������C���s���d|�j�|��}|�jj|�S�)Nz/consumers/%s/guestids)r*��re���r����)r*���r
��ry���r���r���r����
getGuestIds:��s����zUEPConnection.getGuestIdsc�������������C���s$���d|�j�|�|�j�|�f�}|�jj|�S�)Nz/consumers/%s/guestids/%s)r*��re���r����)r*���r
��rG��ry���r���r���r����
getGuestId>��s����zUEPConnection.getGuestIdc�������������C���s$���d|�j�|�|�j�|�f�}|�jj|�S�)Nz/consumers/%s/guestids/%s)r*��re���r��)r*���r
��rG��ry���r���r���r����
removeGuestIdB��s����zUEPConnection.removeGuestIdc����������������s�����fdd�|pg�D��S�)Nc����������������s���g�|�]}��j�|��qS�r���)�sanitizeGuestId)rP���rE��)r*���r���r���rQ���G��s����z2UEPConnection.sanitizeGuestIds.<locals>.<listcomp>r���)r*���r@��r���)r*���r���rB��F��s����z
UEPConnection.sanitizeGuestIdsc�������������C���sD���t�|tj�r|S�t�|t�r@dt|j���kr@|�jd�r8|S�|d�S�d�S�)NrE��Zguestids)r����rl���rF��r����r��r+��r
��)r*���rE��r���r���r���rL��I��s
����
z
UEPConnection.sanitizeGuestIdc�������������C���s
���d|�j�|��}|�jj||�S�)z�
Updates the consumer's package profile on the server.
pkg_dicts expected to be a list of dicts, each containing the
package headers we're interested in. See profile.py.
z/consumers/%s/packages)r*��re���r��)r*���r>��Z pkg_dictsry���r���r���r����updatePackageProfileS��s����z"UEPConnection.updatePackageProfilec�������������C���s
���d|�j�|��}|�jj||�S�)a��
Updates the costumers' combined profile containing package profile,
enabled repositories and dnf/yum modules.
:param consumer_uuid: UUID of consumer
:param profile: Combined profile
:return: Dict containing response from HTTP server
z/consumers/%s/profiles)r*��re���r��)r*���r>��Zprofilery���r���r���r����updateCombinedProfile]��s����z#UEPConnection.updateCombinedProfilec�������������C���s���d|�j�|��}|�jj|�S�)zO
Returns a consumer object with pem/key for existing consumers
z
/consumers/%s)r*��re���r����)r*���r
��rR���rS���ry���r���r���r����
getConsumeri��s����zUEPConnection.getConsumerc�������������C���s ���d}|rd||f�}|�j�j|�S�)z-
Returns a list of consumers
z
/consumers/z
%s?owner=%s)re���r����)r*���r'��ry���r���r���r����
getConsumersp��s����
zUEPConnection.getConsumersc�������������C���s8���d|�j�|��}|r,d||�j�|j��dd�f�}|�jj|�S�)zP
Returns a compliance object with compliance status information
z/consumers/%s/compliancez
%s?on_date=%sT)�plus)r*��� isoformatre���r����)r*���r
���on_datery���r���r���r����
getCompliancez��s
����zUEPConnection.getCompliancec�������������C���s8���d|�j�|��}|r,d||�j�|j��dd�f�}|�jj|�S�)z_
Returns a system purpose compliance object with compliance status information
z /consumers/%s/purpose_compliancez
%s?on_date=%sT)rQ��)r*��rR��re���r����)r*���r
��rS��ry���r���r���r����getSyspurposeCompliance���s
����z%UEPConnection.getSyspurposeCompliancec�������������C���s���d|�j�|��}|�jj|�S�)zM
Retrieves the system purpose settings available to an owner
z/owners/%s/system_purpose)r*��re���r����)r*���� owner_keyry���r���r���r����
getOwnerSyspurposeValidFields���s����z+UEPConnection.getOwnerSyspurposeValidFieldsc�������������C���s&���d|i}|r||d<�d}|�j�j||�S�)Nr5��Z
displayNamez/owners/)re���ru���)r*���ZownerKeyZownerDisplayNamerz���ry���r���r���r����
createOwner���s
����zUEPConnection.createOwnerc�������������C���s���d|�j�|��}|�jj|�S�)zM
Returns an owner object with pem/key for existing consumers
z/consumers/%s/owner)r*��re���r����)r*���r
��ry���r���r���r����getOwner���s����zUEPConnection.getOwnerc�������������C���s���d|�j�|��}|�jj|�S�)z"
deletes an owner
z
/owners/%s)r*��re���r��)r*���r5��ry���r���r���r����
deleteOwner���s����zUEPConnection.deleteOwnerc�������������C���s���d}|�j�j|�S�)z.
Returns a list of all owners
z/owners)re���r����)r*���ry���r���r���r���� getOwners���s����zUEPConnection.getOwnersc�������������C���s���d|�j�|��}|�jj|�S�)z'
Returns an owner info
z/owners/%s/info)r*��re���r����)r*���r'��ry���r���r���r����
getOwnerInfo���s����zUEPConnection.getOwnerInfoc�������������C���s0���d|�j�|��}|�jj|�}dd��|p&g�D��}|S�)zN
Returns an owner objects with pem/key for existing consumers
z/users/%s/ownersc�������������S���s���g�|�]}|d�k r|�qS�)Nr���)rP����xr���r���r���rQ������s����z.UEPConnection.getOwnerList.<locals>.<listcomp>)r*��re���r����)r*���rR���ry���Zownersr���r���r����
getOwnerList���s����
zUEPConnection.getOwnerListc�������������C���s8���d|�}x"|pg�D�]}|d|�j�|��7�}qW�|�jj|�S�)zb
If hypervisor_ids is populated, only hypervisors with those ids will be returned
z/owners/%s/hypervisors?z&hypervisor_id=%s)r*��re���r����)r*���rV��Zhypervisor_idsry���r-��r���r���r����getOwnerHypervisors���s����z!UEPConnection.getOwnerHypervisorsc�������������C���s���d|�j�|��}|�jj|�S�)z;
Deletes a consumer from candlepin server
z
/consumers/%s)r*��re���r��)r*����
consumerIdry���r���r���r����unregisterConsumer���s����z UEPConnection.unregisterConsumerc�������������C���s<���d|�j�|��}t|�dkr0dj|�}d||f�}|�jj|�S�)z�
Fetch all entitlement certificates for this consumer.
Specify a list of serial numbers to filter if desired.
z/consumers/%s/certificatesr���r#��z
%s?serials=%s)r*��rd���r����re���r����)r*���r>��Zserialsry���Z
serials_strr���r���r����getCertificates���s
����
z
UEPConnection.getCertificatesc�������������C���s���d|�j�|��}|�jj|�S�)zC
Get serial numbers for certs for a given consumer
z"/consumers/%s/certificates/serials)r*��re���r����)r*���r`��ry���r���r���r����getCertificateSerials���s����z#UEPConnection.getCertificateSerialsc�������������C���s2���d|�}i�}|r"t�j|�}||d<�|�jj||d�S�)a-��
Get the content of the accessible content cert for a given consumer.
:param consumerId: consumer id
:param if_modified_since: if present, only return the content if it was altered since the given date
:return: json with the last modified date and the content
z /consumers/%s/accessible_contentzIf-Modified-Since)r{���)r����r��re���r����)r*���r`��Zif_modified_sincery���r{���r����r���r���r����getAccessibleContent���s
����
z"UEPConnection.getAccessibleContentc�������������C���s4���d|�j�|�|�j�|�f�}|r(d||f�}|�jj|�S�)zC
Subscribe consumer to a subscription by pool ID.
z"/consumers/%s/entitlements?pool=%sz%s&quantity=%s)r*��re���ru���)r*���r`���poolIdZquantityry���r���r���r����bindByEntitlementPool���s����
z#UEPConnection.bindByEntitlementPoolc�������������C���s0���dj�dd��|D���}dt|�|f�}|�jj|�S�)z�
Subscribe consumer directly to one or more products by their ID.
This will cause the UEP to look for one or more pools which provide
access to the given product.
�&c�������������S���s
���g�|�]}d�|j�dd���qS�)zproduct=r���z%20)r#���)rP����productr���r���r���rQ�����s����z/UEPConnection.bindByProduct.<locals>.<listcomp>z
/consumers/%s/entitlements?%s)r����r>���re���ru���)r*���r`��Zproducts�argsry���r���r���r����
bindByProduct���s����zUEPConnection.bindByProductc�������������C���s8���d|�j�|��}|r,d||�j�|j��dd�f�}|�jj|�S�)a:��
Same as bindByProduct, but assume the server has a list of the
system's products. This is useful for autosubscribe. Note that this is
done on a best-effort basis, and there are cases when the server will
not be able to fulfill the client's product certs with entitlements.
z/consumers/%s/entitlementsz%s?entitle_date=%sT)rQ��)r*��rR��re���ru���)r*���r`��Z
entitle_datery���r���r���r����bind��s
����zUEPConnection.bindc�������������C���s<���|dkrd|�j�|��}nd|�j�|�|�j�|�f�}|�jj|�S�)aW��
Performs a dry-run autobind on the server and returns the results of
what we would get. Callers can use this information to determine if
they wish to perform the autobind, and to explicitly grab entitlements
from each pool returned.
Return will be a dict containing a "quantity" and a "pool".
Nz"/consumers/%s/entitlements/dry-runz3/consumers/%s/entitlements/dry-run?service_level=%s)r*��re���r����)r*���r>��r0��ry���r���r���r����
dryRunBind��s
���� zUEPConnection.dryRunBindc�������������C���s(���d|�j�|�|�j�t|��f�}|�jj|�S�)Nz
/consumers/%s/certificates/%s)r*��r>���re���r��)r*���r`���serialry���r���r���r����unbindBySerial(��s����
z
UEPConnection.unbindBySerialc�������������C���s$���d|�j�|�|�j�|�f�}|�jj|�S�)Nz"/consumers/%s/entitlements/pool/%s)r*��re���r��)r*���r>��Zpool_idry���r���r���r����unbindByPoolId,��s����z
UEPConnection.unbindByPoolIdc�������������C���s���d|�j�|��}|�jj|�S�)Nz/consumers/%s/entitlements)r*��re���r��)r*���r`��ry���r���r���r���� unbindAll0��s����zUEPConnection.unbindAllc�������������C���s8���d|�j�|��}|r,d||�j�|j��dd�f�}|�jj|�S�)Nz/consumers/%s/checkinz%s?checkin_date=%sT)rQ��)r*��rR��re���r��)r*���r`��Z
checkin_datery���r���r���r����checkin4��s
����zUEPConnection.checkinFr���c
�������
������C���s����|r$d|�j�|��}
|r:d|
|f�}
n|r2d|�}
ntd��|rFd|
�}
|dkrZd|
|f�}
|rxd |
|�j�|j��d
d
�f�}
|r�|
�r�d
|
|�j�|j��d
d
�f�}
|r�d
|
|�j�|d
d
�f�}
|dkr�d|
|�j�|�f�}
| dkr�d|
|�j�| �f�}
|�jj|
�}
|
S�)z�
List pools for a given consumer or owner.
Ideally, try to always pass the owner key argument. The old method is deprecated
and may eventually be removed.
z/owners/%s/pools?z
%sconsumer=%sz/pools?consumer=%sz2Must specify an owner or a consumer to list pools.z%s&listall=true�add�onlyz%s&%s_future=truez
%s&after=%sT)rQ��z%s&activeon=%sz
%s&matches=%sr���z
%s&page=%sz%s&per_page=%s)rr��rs��)r*��r���rR��re���r����)
r*���ZconsumerZlistAllZ active_onr'��Z
filter_stringZfutureZ
after_dateZpageZitems_per_pagery����resultsr���r���r����
getPoolsList=��s.����
zUEPConnection.getPoolsListc�������������C���s0���d|�j�|��}|r$d||�j�|�f�}|�jj|�S�)Nz /pools/%sz%s?consumer=%s)r*��re���r����)r*���re��r`��ry���r���r���r����getPoole��s����zUEPConnection.getPoolc�������������C���s���d|�j�|��}|�jj|�S�)Nz
/products/%s)r*��re���r����)r*���Z
product_uuidry���r���r���r����
getProductk��s����zUEPConnection.getProductc�������������C���s
���d|�j�|��}|�jj|�}|S�)Nz/consumers/%s/release)r*��re���r����)r*���r`��ry���rt��r���r���r����
getReleaseo��s����
zUEPConnection.getReleasec�������������C���s���d|�j�|��}|�jj|�S�)a3��
Gets the available content releases for a consumer.
NOTE: Used for getting the available release versions
from katello. In hosted candlepin scenario, the
release versions will come from the CDN directly
(API not implemented in candlepin).
z /consumers/%s/available_releases)r*��re���r����)r*���r`��ry���r���r���r����getAvailableReleasest��s���� z"UEPConnection.getAvailableReleasesc�������������C���s0���d|�j�|��}|sd}nd}|�jj||��}|S�)Nz/consumers/%s/entitlementsz3?exclude=certificates.key&exclude=certificates.certr\���)r*��re���r����)r*���r`��Z
request_certsry����filtersrt��r���r���r����getEntitlementList���s
����z UEPConnection.getEntitlementListc�������������C���s
���d|�j�|��}|�jj|�}|S�)zA
List the service levels available for an owner.
z/owners/%s/servicelevels)r*��re���r����)r*���rV��ry���rt��r���r���r����getServiceLevelList���s����
z!UEPConnection.getServiceLevelListc�������������C���s
���d|�j�|��}|�jj|�}|S�)z�
List the environments for a particular owner.
Some servers may not support this and will error out. The caller
can always check with supports_resource("environments").
z/owners/%s/environments)r*��re���r����)r*���rV��ry���rt��r���r���r����getEnvironmentList���s����
z UEPConnection.getEnvironmentListc�������������C���sT���|r|
�rt�d��td|i�}d|�j|�|f�}|�jj|�}t|�dkrLdS�|d�S�)a��
Fetch an environment for an owner.
If querying by name, owner is required as environment names are only
unique within the context of an owner.
TODO: Add support for querying by ID, this will likely hit an entirely
different URL.
z3Must specify owner key to query environment by namer��z/owners/%s/environments?%sr���N)r���r
���r*��re���r����rd���)r*���rV��r��r4��r3��rt��r���r���r����getEnvironment���s����
z
UEPConnection.getEnvironmentc�������������C���s���d|�j�|��}|�jj|�S�)Nz/entitlements/%s)r*��re���r����)r*���ZentIdry���r���r���r����getEntitlement���s����z
UEPConnection.getEntitlementc�������������C���s���d|�j�|��}|�jj|�S�)Nz
/consumers/%s)r*��re���ru���)r*���r`��ry���r���r���r����regenIdCertificate���s����z UEPConnection.regenIdCertificateTc�������������C���s����d|�j�|��}|r|d7�}d}y|�jj|��d}W�n^�ttjtfk
r��}�z:t|tj�sft|j �dkr|t
j
d��t
j
|��n|�W�Y�dd}~X�nX�|S�)zE
Regenerates all entitlements for the given consumer
z/consumers/%s/certificatesz?lazy_regen=trueFTr����zJUnable to refresh entitlement certificates: Service currently unsupported.N)
r*��re���r��r����r ����
BadStatusLinerv���r����r>���rw���r%���rc���)r*����
consumer_id�
lazy_regenry���r����r'���r���r���r����
regenEntitlementCertificates���s����
z*UEPConnection.regenEntitlementCertificatesc�������������C���s����d|�j�|�|�j�|�f�}|r$|d7�}d}y|�jj|��d}W�n^�ttjtfk
r��}�z:t|tj�spt|j �dkr�t
j
d��t
j
|��n|�W�Y�dd}~X�nX�|S�)zN
Regenerates the specified entitlement for the given consumer
z)/consumers/%s/certificates?entitlement=%sz&lazy_regen=trueFTr����zJUnable to refresh entitlement certificates: Service currently unsupported.N)
r*��re���r��r����r ���r���rv���r����r>���rw���r%���rc���)r*���r���Zentitlement_idr���ry���r����r'���r���r���r����regenEntitlementCertificate���s����
z)UEPConnection.regenEntitlementCertificatec�������������C���s���d}|�j�j|�S�)Nz/status)re���r����)r*���ry���r���r���r���r
�����s����zUEPConnection.getStatusc�������������C���s���d|�j�|��}|�jj|�S�)zC
Get all the overrides for the specified consumer.
z /consumers/%s/content_overrides)r*��re���r����)r*���r`��ry���r���r���r����getContentOverrides���s����z!UEPConnection.getContentOverridesc�������������C���s
���d|�j�|��}|�jj||�S�)z6
Set an override on a content object.
z /consumers/%s/content_overrides)r*��re���r��)r*���r`��Z overridesry���r���r���r����setContentOverrides���s����z!UEPConnection.setContentOverridesc�������������C���s$���d|�j�|��}|sg�}|�jj||�S�)z9
Delete an override on a content object.
z /consumers/%s/content_overrides)r*��re���r��)r*���r`��rz���ry���r���r���r����deleteContentOverrides���s����z$UEPConnection.deleteContentOverridesc�������������C���sb���d|�}|rV|d|�7�}|
�rFt�j��d�dk rFt�j��d�j��jdd�}|rV|d|�7�}|�jj|�S�)zj
Activate a subscription by machine, information is located in the
consumer facts
z /subscriptions?consumer_uuid=%sz &email=%sr���Nr����r����z&email_locale=%s)r����r����r����r#���re���ru���)r*���r`��ZemailZlangry���r���r���r����activateMachine ��s����
z
UEPConnection.activateMachinec�������������C���s
���d|�j�|��}|�jj|�}|S�)z@
List the subscriptions for a particular owner.
z/owners/%s/subscriptions)r*��re���r����)r*���rV��ry���rt��r���r���r����getSubscriptionList��s����
z!UEPConnection.getSubscriptionListc�������������C���sV���d|�j�|��}|dk r*|dt|�j���7�}|dk rF|dt|�j���7�}|�jj|�}|S�)z>
Update subscriptions for a particular owner.
z/owners/%s/subscriptions?Nz&auto_create_owner=%sz&lazy_regen=%s)r*���boolr����re���r��)r*���rV��Zauto_create_ownerr���ry���rt��r���r���r����updateSubscriptionList ��s����
z$UEPConnection.updateSubscriptionListc�������������C���s(���t�ddi�}d||f�}|�jj|�}|S�)z8
Returns the status of a candlepin job.
Z
result_dataTz
/jobs/%s?%s)r
���re���r����)r*����job_idr9��ry���rt��r���r���r����getJob.��s����
zUEPConnection.getJobc�������������C���s���|d�}|�j�j|�}|S�)zU
Given a dict representing a candlepin JobStatus, check it's status.
Z
statusPath)re���r����)r*���Z
job_statusry���rt��r���r���r����updateJobStatus7��s����
z
UEPConnection.updateJobStatusc�������������C���s���d|�}|�j�j|�}|S�)zO
Given a job id representing a candlepin JobStatus, cancel it.
z/jobs/%s)re���r��)r*���r���ry���rt��r���r���r���� cancelJob@��s����
zUEPConnection.cancelJobc�������������C���s"���|rt�t|��}n
tt|��}|S�)N)r���r>���r
���)r*���Z url_paramrQ��Z
sane_stringr���r���r���r*��H��s����
zUEPConnection.sanitize)NN)N)N)
NNNNNNNNNNNN)NN)N)N)N)N)N)N)N)N)N) NFNNNNNr���r���)N)F)NN)T)T)N)NN)NN)F)Kr-���r.���r/���r2���r9���r
��r
��r
��r��r��r��r��r��r6��r;��r<��r?��r=��rH��rI��rJ��rK��rB��rL��rM��rN��rO��rP��rT��rU��rW��rX��rY��rZ��r[��r\��r^��r_��ra��rb��rc��rd��rf��rj��rk��rl��rn��ro��rp��rq��ru��rv��rw��rx��ry��r{��r|��r}��r~��r��r���r���r���r
��r���r���r���r���r���r���r���r���r���r*��r~���r���r���)rs���r���r��
��s����
3
"
���
7
�
'
r��)N)r
���)RZ
__future__r���r���r���r����r0���r���r"���Zdateutil.parserr ���r����Zloggingra���rl���r����r����r����r����Ztypingr���Zpathlibr���Z
email.utilsr���Z
rhsm.httpsr ���r
���Zsix.moves.urllib.requestr
���Zsix.moves.urllib.parser
���r
���r���Z
rhsm.configr���r���r����r���Z
subscription_manager.versionr�����versionZ
rpm_versionr����r����r^���r(��r���r���r(���ZHandlerr)����hZ getLoggerZ
addHandlerr-���r%���r���r1���r3���r4���r@���rA���rD����objectrG���rj���rk���rv���r����r����r����r����r����r����r����r����r����r����r����r����r]���r��r���r���r���r����<module>���s~���
�
���l