Merge pull request #197 from MichaelWasher/merge_refactor_1

Refactor Chewie for Better SoC

Author: gizmoguy

.pylintrc

@@ -1,5 +1,9 @@
 [MASTER]
 jobs=4
 
+[MESSAGES CONTROL]
+disable=no-absolute-import
+
+
 [TYPECHECK]
 generated-members=socket.*

chewie/chewie.py

@@ -0,0 +1,133 @@
+"""This module is used to represent a single 802.1x Port"""
+from chewie.utils import get_logger, EapQueueMessage, get_random_id
+from chewie.mac_address import MacAddress
+from chewie.event import EventPortStatusChange
+from chewie.message_parser import IdentityMessage
+from chewie.eap import Eap
+
+
+class ManagedPort:
+    """This class is used to represent a single 802.1x Port"""
+    DEFAULT_PORT_UP_IDENTITY_REQUEST_WAIT_PERIOD = 20
+    DEFAULT_PREEMPTIVE_IDENTITY_REQUEST_INTERVAL = 60
+    PAE_GROUP_ADDRESS = MacAddress.from_string("01:80:C2:00:00:03")
+
+    def __init__(self, port_id, log_prefix, timer_scheduler, eap_output_messages,
+                 radius_output_messages):
+        self.port_id = port_id
+        self.logger = get_logger(log_prefix)
+        self.supplicant_output_messages = eap_output_messages
+        self.radius_output_messages = radius_output_messages
+
+        self.state_machines = {}  # mac : state_machine
+        self.current_preemtive_eapol_id = None
+        self.port_status = False  # port_id: status (true=up, false=down)
+        self.identity_job = None  # timerJob
+        self.session_job = None   # timerJob
+        self.timer_scheduler = timer_scheduler
+
+    @property
+    def status(self):
+        """
+        Returns the current status of the port.
+            True is up
+            False is down
+        """
+        return self.port_status
+
+    @status.setter
+    def status(self, value):
+        """
+        Send status of a port at port_id
+        Args:
+            port_id ():
+            status ():
+        """
+        self.port_status = value
+
+        # Trigger Subscribers
+        for _, state_machine in self.state_machines.items():
+            event = EventPortStatusChange(value)
+            state_machine.event(event)
+
+        if not value:
+            self.state_machines.clear()
+
+    @property
+    def clients(self):
+        """Returns a list of all managed clients that are attached to this port"""
+        return [(self.port_id, mac) for mac in self.state_machines.items()]
+
+    def stop_identity_requests(self):
+        """Stop sending Preemptive Identitity Requests"""
+        if self.identity_job:
+            self.identity_job.cancel()
+
+        self.current_preemtive_eapol_id = None
+
+    def start_identity_requests(self):
+        """Start Sending Preemptive Identity Requests"""
+        self.identity_job = self.timer_scheduler.call_later(
+            self.DEFAULT_PORT_UP_IDENTITY_REQUEST_WAIT_PERIOD,
+            self.send_preemptive_identity_request)
+
+    def send_preemptive_identity_request(self):
+        """
+        If there is no active (in progress, or in state success(2)) supplicant send out the
+        preemptive identity request message.
+        """
+        if not self.port_status:
+            self.logger.debug(
+                'cant send output on port %s is down', self.port_id)
+            return
+
+        self.logger.debug("Sending Identity Request on port %s", self.port_id)
+        # schedule next request.
+        self.identity_job = self.timer_scheduler.call_later(
+            self.DEFAULT_PREEMPTIVE_IDENTITY_REQUEST_INTERVAL,
+            self.send_preemptive_identity_request)
+
+        self._send_identity_request()
+
+    def _send_identity_request(self):
+        """
+        Message (EAP Identity Request) that notifies supplicant that port is using 802.1X
+        Args:
+            port_id (str):
+
+        """
+        _id = get_random_id()
+        self.current_preemtive_eapol_id = _id
+        data = IdentityMessage(self.PAE_GROUP_ADDRESS, _id, Eap.REQUEST, "")
+        self.supplicant_output_messages.put_nowait(
+            EapQueueMessage(data, self.PAE_GROUP_ADDRESS, MacAddress.from_string(self.port_id)))
+        return _id
+
+    def start_port_session(self, period, src_mac):
+        """Start a port session"""
+        self.session_job = self.timer_scheduler.call_later(
+            period,
+            self._reauth_port, src_mac)
+
+    def _reauth_port(self, src_mac):
+        """
+        Send an Identity Request to src_mac, on port_id.
+        prompting the supplicant to re authenticate.
+        Args:
+            src_mac (MacAddress):
+            port_id (str):
+        """
+        state_machine = self.state_machines.get(str(src_mac), None)
+
+        if state_machine and state_machine.is_success():
+            self.logger.info(
+                'reauthenticating src_mac: %s on port: %s', src_mac, self.port_id)
+            self.start_identity_requests()
+
+        elif state_machine is None:
+            self.logger.debug('not reauthing. state machine on port: %s, mac: %s is none',
+                              self.port_id,
+                              src_mac)
+        else:
+            self.logger.debug("not reauthing, authentication is not in success(2) (state: %s)'",
+                              state_machine.state)

chewie/managed_port.py

@@ -33,7 +33,7 @@ def __init__(self, radius_secret, server_id, logger):
         self.packet_id_to_request_authenticator = {}
 
     def process_outbound(self, radius_output_bits):
-        """Placeholder method extracted from Chewie.send_radius_messages()"""
+        """Placeholder method extracted from Chewie._send_radius_messages()"""
         radius_payload = radius_output_bits.message
         src_mac = radius_output_bits.src_mac
         username = radius_output_bits.identity
@@ -71,7 +71,7 @@ def build_event_radius_message_received(self, radius):
         return EventRadiusMessageReceived(radius, state, radius.attributes.to_dict())
 
     def process_outbound_mab_request(self, radius_output_bits):
-        """Placeholder method extracted from Chewie.send_radius_messages()"""
+        """Placeholder method extracted from Chewie._send_radius_messages()"""
         src_mac = radius_output_bits.src_mac
         port_id = radius_output_bits.port_mac
         self.logger.info("Sending MAB to RADIUS: %s", src_mac)

chewie/radius_lifecycle.py

@@ -1,6 +1,7 @@
 """Utility Functions"""
 import logging
 from collections import namedtuple  # pytype: disable=pyi-error
+import random
 
 
 def get_logger(logname):
@@ -20,6 +21,10 @@ def wrapped(self, *args, **kwargs):
     return wrapped
 
 
+def get_random_id():  # pylint: disable=missing-docstring
+    return random.randint(0, 200)
+
+
 class MessageParseError(Exception):
     """Error for when parsing cannot be successfully completed."""
     pass

chewie/utils.py

@@ -14,6 +14,7 @@
 from chewie.state_machines.mab_state_machine import MacAuthenticationBypassStateMachine
 from eventlet.queue import Queue
 
+from chewie.managed_port import ManagedPort
 from helpers import FakeTimerScheduler
 
 FROM_SUPPLICANT = Queue()
@@ -30,7 +31,7 @@
 def patch_things(func):
     """decorator to mock patch socket operations and random number generators"""
 
-    @patch('chewie.chewie.get_random_id', get_random_id_helper)
+    @patch('chewie.managed_port.get_random_id', get_random_id_helper)
     @patch('chewie.chewie.EapSocket', FakeEapSocket)
     @patch('chewie.chewie.RadiusSocket', FakeRadiusSocket)
     @patch('chewie.chewie.MabSocket', FakeMabSocket)
@@ -296,7 +297,6 @@ def test_get_state_machine(self):
         state_machine = self.chewie.get_state_machine('12:34:56:78:9a:bc',
                                                       # pylint: disable=invalid-name
                                                       '00:00:00:00:00:01')
-
         self.assertEqual(len(self.chewie.state_machines), 1)
 
         self.assertIs(state_machine, self.chewie.get_state_machine('12:34:56:78:9a:bc',
@@ -314,6 +314,7 @@ def test_get_state_machine(self):
         # port 2 has 1 mac
         self.assertEqual(len(self.chewie.state_machines['00:00:00:00:00:02']), 1)
 
+    # TODO Stop Test from touching internal get_state_machine_from_radius_packet
     def test_get_state_machine_by_packet_id(self):
         """Tests Chewie.get_state_machine_by_packet_id()"""
         self.chewie.radius_lifecycle.packet_id_to_mac[56] = {'src_mac': '12:34:56:78:9a:bc',
@@ -322,10 +323,10 @@ def test_get_state_machine_by_packet_id(self):
                                                       # pylint: disable=invalid-name
                                                       '00:00:00:00:00:01')
 
-        self.assertIs(self.chewie.get_state_machine_from_radius_packet_id(56),
+        self.assertIs(self.chewie._get_state_machine_from_radius_packet_id(56),
                       state_machine)
         with self.assertRaises(KeyError):
-            self.chewie.get_state_machine_from_radius_packet_id(20)
+            self.chewie._get_state_machine_from_radius_packet_id(20)
 
     @patch_things
     @setup_generators(sup_replies_success, radius_replies_success)
@@ -343,9 +344,6 @@ def test_success_dot1x(self):
                                           '00:00:00:00:00:01').state,
             FullEAPStateMachine.SUCCESS2)
 
-
-
-
     @patch_things
     @setup_generators(sup_replies_success, radius_replies_success)
     def test_chewie_identity_response_dot1x(self):
@@ -403,7 +401,7 @@ def test_port_status_changes(self):
         # This will keep adding jobs forever.
         self.assertEqual(len(self.fake_scheduler.jobs), 1)
         self.assertEqual(self.fake_scheduler.jobs[0].function.__name__,
-                         Chewie.send_preemptive_identity_request_if_no_active_on_port.__name__)
+                         ManagedPort.send_preemptive_identity_request.__name__)
 
 
     @patch_things
@@ -545,3 +543,16 @@ def test_mab_failure_auth(self):
             self.chewie.get_state_machine('02:42:ac:17:00:6f',
                                           '00:00:00:00:00:01').state,
             MacAuthenticationBypassStateMachine.AAA_FAILURE)
+
+    @patch_things
+    @setup_generators(sup_replies_success, radius_replies_success)
+    def test_smoke_test_clients(self):
+        """Test success api"""
+        FROM_SUPPLICANT.put_nowait(bytes.fromhex("0000000000010242ac17006f888e01010000"))
+
+        pool = eventlet.GreenPool()
+        pool.spawn(self.chewie.run)
+
+        eventlet.sleep(1)
+        self.assertIsNotNone(self.chewie.clients)
+        self.assertEqual(len(self.chewie.clients), 1)

test/unit/test_chewie.py

@@ -8,6 +8,7 @@
 from chewie.event import EventMessageReceived
 from chewie.utils import EapQueueMessage
 
+# pylint: disable=protected-access
 
 def return_if(expected, return_value):
     """allows us to do expect-this-return-that style mocking"""
@@ -21,8 +22,10 @@ def inner_function(*args):
     return inner_function
 
 
-FakeLogger = namedtuple('FakeLogger', ('name',))  # pylint: disable=invalid-name
-FakeEapMessage = namedtuple('FakeEapMessage', ('src_mac',))  # pylint: disable=invalid-name
+FakeLogger = namedtuple('FakeLogger', ('name',)
+                        )  # pylint: disable=invalid-name
+FakeEapMessage = namedtuple(
+    'FakeEapMessage', ('src_mac',))  # pylint: disable=invalid-name
 
 
 class ChewieWithMocksTestCase(unittest.TestCase):
@@ -41,14 +44,16 @@ def setUp(self):
     def test_eap_packet_in_goes_to_new_state_machine(self, state_machine,
                                                      ethernet_parse):  # pylint: disable=invalid-name
         """test EAP packet creates a new state machine and is sent on"""
-        self.chewie.eap_socket = Mock(**{'receive.return_value': 'message from socket'})
+        self.chewie._eap_socket = Mock(
+            **{'receive.return_value': 'message from socket'})
         ethernet_parse.side_effect = return_if(
             ('message from socket',),
             (FakeEapMessage('fake src mac'), 'fake dst mac')
         )
-        self.chewie.receive_eap_messages()
+        self.chewie._receive_eap_messages()
         state_machine().event.assert_called_with(
-            EventMessageReceived(FakeEapMessage('fake src mac'), 'fake dst mac')
+            EventMessageReceived(FakeEapMessage(
+                'fake src mac'), 'fake dst mac')
         )
 
     @patch("chewie.chewie.Chewie.running", Mock(side_effect=[True, False]))
@@ -57,34 +62,35 @@ def test_eap_packet_in_goes_to_new_state_machine(self, state_machine,
     def test_eap_output_packet_gets_packed_and_sent(self,
                                                     ethernet_pack):  # pylint: disable=invalid-name
         """test EAP packet creates a new state machine and is sent on"""
-        self.chewie.eap_socket = Mock()
+        self.chewie._eap_socket = Mock()
         ethernet_pack.return_value = "packed ethernet"
         self.chewie.eap_output_messages.put_nowait(
             EapQueueMessage("output eap message", "src mac", "port mac"))
-        self.chewie.send_eap_messages()
-        self.chewie.eap_socket.send.assert_called_with("packed ethernet")
+        self.chewie._send_eap_messages()
+        self.chewie._eap_socket.send.assert_called_with("packed ethernet")
 
     @patch("chewie.chewie.Chewie.running", Mock(side_effect=[True, False]))
     @patch("chewie.chewie.MessageParser.radius_parse")
-    @patch("chewie.chewie.Chewie.get_state_machine_from_radius_packet_id")
+    @patch("chewie.chewie.Chewie._get_state_machine_from_radius_packet_id")
     @patch("chewie.chewie.sleep", Mock())
     def test_radius_packet_in_goes_to_state_machine(self, state_machine,
                                                     radius_parse):  # pylint: disable=invalid-name
         """test radius packet goes to a state machine"""
         # note that the state machine has to exist already - if not then we blow up
         fake_radius = namedtuple('Radius', ('packet_id',))('fake packet id')
-        self.chewie.radius_socket = Mock(**{'receive.return_value': 'message from socket'})
+        self.chewie._radius_socket = Mock(
+            **{'receive.return_value': 'message from socket'})
         self.chewie.radius_lifecycle = Mock(**{'build_event_radius_message_received.side_effect':
-            return_if(
-                (fake_radius,),
-                'fake event'
-            )})
+                                               return_if(
+                                                   (fake_radius,),
+                                                   'fake event'
+                                               )})
         radius_parse.side_effect = return_if(
             ('message from socket', 'SECRET', self.chewie.radius_lifecycle),
             fake_radius
         )
         # not checking args as we can't mock the callback
-        self.chewie.receive_radius_messages()
+        self.chewie._receive_radius_messages()
         state_machine().event.assert_called_with(
             'fake event'
         )
@@ -93,13 +99,14 @@ def test_radius_packet_in_goes_to_state_machine(self, state_machine,
     @patch("chewie.chewie.sleep", Mock())
     def test_radius_output_packet_gets_packed_and_sent(self):  # pylint: disable=invalid-name
         """test EAP packet creates a new state machine and is sent on"""
-        self.chewie.radius_socket = Mock()
+        self.chewie._radius_socket = Mock()
 
-        self.chewie.radius_output_messages.put_nowait('fake radius output bits')
+        self.chewie.radius_output_messages.put_nowait(
+            'fake radius output bits')
         self.chewie.radius_lifecycle = Mock(**{'process_outbound.side_effect':
-            return_if(
-                ('fake radius output bits',),
-                'packed radius'
-            )})
-        self.chewie.send_radius_messages()
-        self.chewie.radius_socket.send.assert_called_with("packed radius")
+                                               return_if(
+                                                   ('fake radius output bits',),
+                                                   'packed radius'
+                                               )})
+        self.chewie._send_radius_messages()
+        self.chewie._radius_socket.send.assert_called_with("packed radius")