Commit f0c48984 authored by Ali Riza Keles's avatar Ali Riza Keles

nvi service class haline geldi. KisiSorgulaTCKimlikNo,...

nvi service class haline geldi. KisiSorgulaTCKimlikNo, CuzdanSorgulaTCKimlikNo, YabanciKisiSorgula, AdresSorgula, AileBireySorgula servisleri eklendi.
parent c86a8831
......@@ -9,41 +9,198 @@
__author__ = 'Ali Riza Keles'
from zato.server.service import Service
import urllib2
import json
import uuid
import httplib
#
# suds example of nvi service
# from suds.wsse import *
# from suds.client import Client
# security = Security()
# wsdl = 'https://kpsbasvuru.nvi.gov.tr/Services/WsdlNoPolicy.ashx?Service=KisiSorgulaTCKimlikNoServis'
# client = Client(wsdl)
# token = UsernameToken('****', '****')
# security.tokens.append(token)
# client.set_options(wsse=security)
# result = client.service.ListeleCoklu(12345678900)
#
class NVIService(Service):
def __init__(self):
super(NVIService, self).__init__()
self.service = {}
keys = ['nvi_sso_encrypted_data', 'nvi_sso_key_identifier_path',
'nvi_sso_digest_value', 'nvi_sso_signature',
'nvi_sso_created', 'nvi_sso_expire']
self.sso_data = {}
for k in keys:
self.sso_data.update({k, self.kvdb.conn.get(k)})
if not all(self.sso_data.values()):
self.invoke_sso_service()
def invoke_sso_service(self):
pass
def request_xml(self):
request_xml = """
<?xml version="1.0"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://kps.nvi.gov.tr%s</a:Action>
<a:MessageID>urn:uuid:%s</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">https://kpsv2.nvi.gov.tr/Services/RoutingService.svc</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>%s</u:Created>
<u:Expires>%s</u:Expires>
</u:Timestamp>%s<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
<Reference URI="#_0">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>%s</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>%s</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
<o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">%s</o:KeyIdentifier>
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
</s:Header>%s</s:Envelope>""" % (self.service['action'], str(uuid.uuid1()), self.sso_data['nvi_sso_created'],
self.sso_data['nvi_sso_expire'],
self.sso_data['nvi_sso_encrypted_data'],
self.sso_data['nvi_sso_digest_value'],
self.sso_data['nvi_sso_signature'],
self.sso_data['nvi_sso_key_identifier_path'],
self.service['body'])
return request_xml
def request(self):
request_xml = self.request_xml().replace(' ', '').replace('\n', '')
conn = httplib.HTTPConnection("services.konya.edu.tr", 3128)
headers = {"Content-Type": "application/soap+xml; charset=utf-8"}
conn.request("POST", "https://kpsv2.nvi.gov.tr/Services/RoutingService.svc",
request_xml, headers)
return conn.getresponse()
class KisiSorgulaTCKimlikNo(NVIService):
"""
NVI Kimlik Bilgileri Servisi
"""
def handle(self):
tckn = self.request.payload['tckn']
self.service = {
"action": "/2011/01/01/KisiSorgulaTCKimlikNoServis/ListeleCoklu",
"body": """
<env:Body xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:ns1="http://kps.nvi.gov.tr/2011/01/01">
<ns1:ListeleCoklu>
<ns1:kriterListesi>
<ns1:KisiSorgulaTCKimlikNoSorguKriteri>
<ns1:TCKimlikNo type="xsd:long">%s</ns1:TCKimlikNo>
</ns1:KisiSorgulaTCKimlikNoSorguKriteri>
</ns1:kriterListesi>
</ns1:ListeleCoklu>
</env:Body>""" % tckn
}
response = self.request()
self.response.payload = {"status": response.status, "result": json.dumps(response.read())}
class CuzdanSorgulaTCKimlikNo(NVIService):
"""
NVI Kimlik Bilgileri Servisi
"""
def handle(self):
tckn = self.request.payload['tckn']
self.service = {
"action": "/2014/09/01/CuzdanSorgulaTCKimlikNoServis/ListeleCoklu",
"body": """
<env:Body xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:ns1="http://kps.nvi.gov.tr/2014/09/01">
<ns1:ListeleCoklu>
<ns1:kriterListesi>
<ns1:CuzdanSorgulaTCKimlikNoSorguKriteri>
<ns1:CuzdanTur>Cuzdan</ns1:CuzdanTur>
<ns1:TCKimlikNo>%s</ns1:TCKimlikNo>
</ns1:CuzdanSorgulaTCKimlikNoSorguKriteri>
</ns1:kriterListesi>
</ns1:ListeleCoklu>
</env:Body>""" % tckn
}
response = self.request()
self.response.payload = {"status": response.status, "result": json.dumps(response.read())}
class YabanciKisiSorgula(NVIService):
"""
NVI Kimlik Bilgileri Servisi
"""
def handle(self):
tckn = self.request.payload['tckn']
self.service = {
"action": "/2013/06/01/YbKisiSorgulaYbKimlikNoServis/ListeleCoklu",
"body": """
<env:Body xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:ns2="http://kps.nvi.gov.tr/2013/06/01" xmlns:ns1="http://kps.nvi.gov.tr/2011/01/01">
<ns2:ListeleCoklu>
<ns2:kriterListesi>
<ns1:YbKisiSorgulaYbKimlikNoSorguKriteri>
<ns1:KimlikNo>%s</ns1:KimlikNo>
</ns1:YbKisiSorgulaYbKimlikNoSorguKriteri>
</ns2:kriterListesi>
</ns2:ListeleCoklu>
</env:Body>""" % tckn
}
response = self.request()
self.response.payload = {"status": response.status, "result": json.dumps(response.read())}
class KimlikBilgileriGetir(Service):
class AdresSorgula(NVIService):
"""
NVI Kimlik Bilgileri Servisi
"""
def handle(self):
tckn = self.request.payload['tckn']
conn = self.outgoing.soap['KisiSorgulaTCKimlikNoServisNoPolicy'].conn
self.service = {
"action": "/2015/07/01/KimlikNoSorgulaAdresServis/Sorgula",
"body": """<env:Body xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:ns2="http://kps.nvi.gov.tr/2015/07/01" xmlns:ns1="http://kps.nvi.gov.tr/2011/01/01">
<ns2:Sorgula>
<ns2:kriterListesi>
<ns1:KimlikNoileAdresSorguKriteri>
<ns1:KimlikNo>%s</ns1:KimlikNo>
</ns1:KimlikNoileAdresSorguKriteri>
</ns2:kriterListesi>
</ns2:Sorgula>
</env:Body>""" % tckn
}
response = self.request()
self.response.payload = {"status": response.status, "result": json.dumps(response.read())}
# connects with soap client to the HITAP
try:
with conn.client() as client:
result = client.service.ListeleCoklu(int(tckn)) # nvi requires tckn as integer
self.logger.info("NVI service fired!..")
class AileBireySorgula(NVIService):
"""
NVI Kimlik Bilgileri Servisi
"""
self.response.payload = {"status": "ok", "result": json.dumps(result)}
def handle(self):
tckn = self.request.payload['tckn']
self.service = {
"action": "/2011/01/01/AileListesiAraTCNoServis/Sorgula",
"body": """<env:Body xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:ns1="http://kps.nvi.gov.tr/2011/01/01">
<ns1:Sorgula>
<ns1:kriterListesi>
<ns1:AileListesiAraTCNoSorguKriteri>
<ns1:KimlikNo>%s</ns1:KimlikNo>
</ns1:AileListesiAraTCNoSorguKriteri>
</ns1:kriterListesi>
</ns1:Sorgula>
</env:Body>""" % tckn
}
response = self.request()
except AttributeError:
pass
except urllib2.URLError:
self.logger.info("No internet connection!")
self.response.payload = {"status": response.status, "result": json.dumps(response.read())}
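Review bot: Each `handle()` formats `self.request.payload['tckn']` straight into the SOAP body with `%s`, so any markup in that field becomes part of the request sent to the NVI endpoint, whereas the older suds call at least forced `int(tckn)`. Normalising first, e.g. `tckn = str(int(self.request.payload['tckn']))`, and rejecting input that raises would keep the value purely numeric in all five services. In `NVIService.request()` the POST goes over a plain `httplib.HTTPConnection` to the proxy on port 3128 with an absolute `https://` URL, so the envelope (token, signature and identity number) appears to cross the proxy leg unencrypted; an `httplib.HTTPSConnection` to the proxy with `set_tunnel(...)` would keep TLS end to end. Separately, `self.sso_data.update({k, self.kvdb.conn.get(k)})` in `__init__` builds a set rather than a mapping and will raise; `self.sso_data[k] = self.kvdb.conn.get(k)` looks like the intent.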
......@@ -17,6 +17,7 @@ import hashlib
import hmac
import datetime
import json
import uuid
DEBUG = False
if DEBUG:
......@@ -38,42 +39,41 @@ class STSGetToken(Service):
created = datetime.datetime.now().isoformat()
expire = (datetime.datetime.now() + datetime.timedelta(minutes=10)).isoformat()
username = os.environ["NVI_USER"]
username = os.environ["NVI_USER:"]
password = os.environ["NVI_PASS"]
sts_request = """
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</a:Action>
<a:MessageID>urn:uuid:68b5bc02-46e6-4771-b2f9-96876e0f2477</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">https://kimlikdogrulama.nvi.gov.tr/services/issuer.svc/IWSTrust13</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>%s</u:Created>
<u:Expires>%s</u:Expires>
</u:Timestamp>
<o:UsernameToken u:Id="uuid-a388cb10-46ab-48e5-9890-5103cc3dd20b-1">
<o:Username>%s</o:Username>
<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">%s</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<trust:RequestSecurityToken xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<a:EndpointReference>
<a:Address>https://kpsv2.nvi.gov.tr/services/RoutingService.svc</a:Address>
</a:EndpointReference>
</wsp:AppliesTo>
<trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
</trust:RequestSecurityToken>
</s:Body>
</s:Envelope>""" % (str(created), str(expire), username, password)
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</a:Action>
<a:MessageID>urn:uuid:%s</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">https://kimlikdogrulama.nvi.gov.tr/services/issuer.svc/IWSTrust13</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>%s</u:Created>
<u:Expires>%s</u:Expires>
</u:Timestamp>
<o:UsernameToken u:Id="uuid-a388cb10-46ab-48e5-9890-5103cc3dd20b-1">
<o:Username>%s</o:Username>
<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">%s</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<trust:RequestSecurityToken xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<a:EndpointReference>
<a:Address>https://kpsv2.nvi.gov.tr/services/RoutingService.svc</a:Address>
</a:EndpointReference>
</wsp:AppliesTo>
<trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
</trust:RequestSecurityToken>
</s:Body>
</s:Envelope>
""" % (str(uuid.uuid1()), str(created), str(expire), username, password)
conn = httplib.HTTPConnection("services.konya.edu.tr", 3128)
headers = {"Content-Type": "application/soap+xml; charset=utf-8"}
......@@ -81,20 +81,38 @@ class STSGetToken(Service):
response = conn.getresponse()
sts_response = response.read()
root = ET.fromstring(sts_response)
created = datetime.datetime.now().isoformat()
expire = (datetime.datetime.now() + datetime.timedelta(minutes=10)).isoformat()
encrypted = root.find(
'{http://www.w3.org/2003/05/soap-envelope}Body/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityTokenResponseCollection/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityTokenResponse/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestedSecurityToken/*')
encrypted_data = ET.tostring(encrypted)
key_identifier_path = root.find(
'{http://www.w3.org/2003/05/soap-envelope}Body/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityTokenResponseCollection/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityTokenResponse/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestedUnattachedReference/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}SecurityTokenReference/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}KeyIdentifier').text
binary_secret = root.find(
'{http://www.w3.org/2003/05/soap-envelope}Body/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityTokenResponseCollection/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityTokenResponse/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestedProofToken/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}BinarySecret')
'{http://www.w3.org/2003/05/soap-envelope}Body/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityTokenResponseCollection/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityTokenResponse/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestedProofToken/{http://docs.oasis-open.org/ws-sx/ws-trust/200512}BinarySecret').text
encrypted_data = ET.tostring(encrypted)
binary_secret = binary_secret.text
digest_value = base64.b64encode(hashlib.sha1(str(created) + str(expire)).digest())
signature = base64.b64encode(hmac.new(binary_secret, digest_value, hashlib.sha1).digest())
digest_value = base64.b64encode(hashlib.sha1(
'<u:Timestamp xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" u:Id="_0"><u:Created>' + created + '</u:Created><u:Expires>' + expire + '</u:Expires></u:Timestamp>').digest())
signature = base64.b64encode(hmac.new(base64.b64decode(binary_secret),
'<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"></SignatureMethod><Reference URI="#_0"><Transforms><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>' + digest_value + '</DigestValue></Reference></SignedInfo>',
hashlib.sha1).digest())
result = {"nvi_sso_encrypted_data": encrypted_data,
"nvi_sso_digest_value": digest_value, "nvi_sso_signature": signature,
"nvi_sso_key_identifier_path": key_identifier_path, "nvi_sso_created": created,
"nvi_sso_expire": expire}
# save nvi sso data into redis for `3600` seconds
for k, v in result:
self.kvdb.conn.set(k, v)
self.kvdb.conn.expire(k, 600)
result = {"encrypted_data": encrypted_data, "binary_secret": binary_secret, "digest_value": digest_value,
"signature": signature}
self.logger.info("NVI SSO invoked: %s" % json.dumps(result))
self.response.payload = {"status": "ok", "result": json.dumps(result)}
# self.response.payload = {"status": "ok", "result": json.dumps(result)}
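Review bot: `self.logger.info("NVI SSO invoked: %s" % json.dumps(result))` writes the issued token material to the service log; whichever `result` dict is live at that point holds the encrypted assertion and signature (and `binary_secret`, if the older dict is still assigned), which exposes it to anyone with log access for the token's lifetime. Logging only non-secret fields such as `nvi_sso_created` and `nvi_sso_expire` would be enough for tracing. The caching loop `for k, v in result:` iterates the dict's keys, so the unpacking fails before anything reaches Redis; `for k, v in result.items():` is presumably intended, and the comment says `3600` seconds while `expire(k, 600)` sets 600. The rendered page does not show which of the paired lines is the new side, so `os.environ["NVI_USER"]` versus `os.environ["NVI_USER:"]` in the earlier hunk of this file is worth a second look as well.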