add python2/3 compatibility (SOFTWARE-4875)

src/x509_scitokens_issuer/x509_scitokens_issuer.py

@@ -1,18 +1,22 @@
 from __future__ import print_function
+from __future__ import absolute_import
 import os
 import re
 import glob
 import json
 import time
-import urllib
-import urlparse
+try:
+    from urllib.parse import unquote_plus, SplitResult, urlunsplit
+except ImportError:
+    from urllib import unquote_plus
+    from urlparse import SplitResult, urlunsplit
 import threading
 import traceback
 import platform
 import requests
 
 import scitokens
-import utils as x509_utils
+from . import utils as x509_utils
 
 import cryptography.hazmat.primitives.asymmetric.ec as ec
 
@@ -97,7 +101,7 @@ def matches(self, grst_fqan):
         if not grst_fqan.startswith("fqan:"):
             return False
 
-        grst_fqan = urllib.unquote_plus(grst_fqan[5:])
+        grst_fqan = unquote_plus(grst_fqan[5:])
         grst_group, grst_role = self.parse_fqan(grst_fqan)
 
         if not grst_group.startswith(self.group):
@@ -119,7 +123,7 @@ def matches(self, grst_dn):
         if not grst_dn.startswith("dn:"):
             return False
 
-        grst_dn = urllib.unquote_plus(grst_dn[3:])
+        grst_dn = unquote_plus(grst_dn[3:])
         return grst_dn == self.dn
 
 
@@ -139,9 +143,9 @@ def regenerate_mappings():
         if scope:
             scopes.append(scope)
         if match.startswith("dn:"):
-            rule_list.append((DNMatcher(urllib.unquote_plus(match[3:])), scopes))
+            rule_list.append((DNMatcher(unquote_plus(match[3:])), scopes))
         elif match.startswith("fqan:"):
-            rule_list.append((FQANMatcher(urllib.unquote_plus(match[5:])), scopes))
+            rule_list.append((FQANMatcher(unquote_plus(match[5:])), scopes))
 
     users_fname = app.config.get("DN_MAPPING")
     if users_fname:
@@ -194,11 +198,11 @@ def updater_target(repeat=True):
 def generate_formats(cred):
     info = {}
     if cred.startswith('username:'):
-        info['username'] = urllib.unquote_plus(cred[9:])
+        info['username'] = unquote_plus(cred[9:])
         return info
     if cred.startswith("dn:"):
-        dn = urllib.unquote_plus(cred[3:])
-        username = app.users_mapping.get(urllib.unquote_plus(cred[3:]))
+        dn = unquote_plus(cred[3:])
+        username = app.users_mapping.get(unquote_plus(cred[3:]))
         if username:
             info["username"] = username
     return info
@@ -297,8 +301,7 @@ def token_issuer():
                 entry_num += 1
             else:
                 entry_num = int(key[15:]) # 15 = len("GRST_CRED_AURI_")
-    keys = creds.keys()
-    keys.sort()
+    keys = sorted(creds.keys())
     entries = []
     for key in keys:
         if not dn_cred and creds[key].startswith("dn:"):
@@ -307,7 +310,7 @@ def token_issuer():
 
     if not dn_cred:
         return return_oauth_error_response("No client certificate or proxy used for TLS authentication.")
-    dn_cred = urllib.unquote_plus(dn_cred)
+    dn_cred = unquote_plus(dn_cred)
 
     scopes, user = generate_scopes_and_user(entries)
     if app.config.get('VERBOSE', False):
@@ -350,8 +353,8 @@ def token_issuer():
     if 'ISSUER' in app.config:
         issuer = app.config['ISSUER']
     else:
-        split = urlparse.SplitResult(scheme="https", netloc=request.environ['HTTP_HOST'], path=request.environ['REQUEST_URI'], query="", fragment="")
-        issuer = urlparse.urlunsplit(split)
+        split = SplitResult(scheme="https", netloc=request.environ['HTTP_HOST'], path=request.environ['REQUEST_URI'], query="", fragment="")
+        issuer = urlunsplit(split)
 
     try:
         serialized_token = token.serialize(issuer = issuer, lifetime = app.config['LIFETIME'])

tools/cms-scitoken-init

@@ -7,7 +7,10 @@ Given an X509 proxy, act as an OAuth client and generate a corresponding SciToke
 import os
 import sys
 import json
-import urlparse
+try:
+    from urllib.parse import urljoin
+except ImportError:
+    from urllib import urljoin
 
 import requests
 
@@ -46,14 +49,14 @@ def get_token_endpoint(issuer):
     """
     if not issuer.endswith("/"):
         issuer += "/"
-    config_url = urlparse.urljoin(issuer, ".well-known/openid-configuration")
+    config_url = urljoin(issuer, ".well-known/openid-configuration")
     response = requests.get(config_url)
     endpoint_info = json.loads(response.text)
     if response.status_code != requests.codes.ok:
-        print >> sys.stderr, "Failed to access the auto-discovery URL (%s) for issuer %s (status=%d): %s" % (config_url, issuer, response.status_code, response.text[:2048])
+        print("Failed to access the auto-discovery URL (%s) for issuer %s (status=%d): %s" % (config_url, issuer, response.status_code, response.text[:2048]), file=sys.stderr)
         sys.exit(1)
     elif 'token_endpoint' not in endpoint_info:
-        print >> sys.stderr, "Token endpoint not available for issuer %s" % issuer
+        print("Token endpoint not available for issuer %s" % issuer, file=sys.stderr)
         sys.exit(1)
     return endpoint_info['token_endpoint']
 
@@ -63,23 +66,23 @@ def generate_token(endpoint):
     Call out to the OAuth2 token issuer, using the client credentials
     grant type, and receive a SciToken.
     """
-    print "Querying %s for new token." % endpoint
+    print("Querying %s for new token." % endpoint)
     with configure_authenticated_session() as session:
         response = session.post(endpoint, headers={"Accept": "application/json"},
                                 data={"grant_type": "client_credentials"})
 
     if response.status_code == requests.codes.ok:
-        print "Successfully generated a new token:"
+        print("Successfully generated a new token:")
         return response.text
     else:
-        print >> sys.stderr, "Issuer failed request (status %d): %s" % (response.status_code, response.text[:2048])
+        print("Issuer failed request (status %d): %s" % (response.status_code, response.text[:2048]), file=sys.stderr)
         sys.exit(1)
 
 
 def main():
     endpoint = get_token_endpoint(DEFAULT_ISSUER)
     token = generate_token(endpoint)
-    print token
+    print(token)
 
 
 if __name__ == '__main__':

tools/cms-update-mapping

@@ -6,7 +6,6 @@ import json
 import pprint
 import requests
 import tempfile
-import ConfigParser
 
 
 def configure_session():
@@ -52,21 +51,21 @@ def load_sitedb():
     with configure_session() as session:
         response = session.get("https://cmsweb.cern.ch/sitedb/data/prod/people", headers={"Accept": "application/json"})
     if response.status_code == requests.codes.ok:
-        print "Successfully queried SiteDB; response length %d" % len(response.text)
+        print("Successfully queried SiteDB; response length %d" % len(response.text))
     else:
-        print >> sys.stderr, "SiteDB request failed: %s" % response.text[:2048]
+        print("SiteDB request failed: %s" % response.text[:2048], file=sys.stderr)
         sys.exit(1)
     response_json = json.loads(response.text)
     if ('desc' not in response_json) or ('result' not in response_json) or ('columns' not in response_json['desc']):
-        print >> sys.stderr, "SiteDB returned an invalid response."
+        print("SiteDB returned an invalid response.", file=sys.stderr)
         sys.exit(1)
     columns = response_json['desc']['columns']
     result = response_json['result']
     try:
        username_idx = columns.index("username")
        dn_idx = columns.index("dn")
     except ValueError:
-       print >> sys.stderr, "Columns missing mapping data."
+       print("Columns missing mapping data.", file=sys.stderr)
        sys.exit(1)
     return dict([(entry[dn_idx], entry[username_idx]) for entry in result])
 
@@ -80,7 +79,7 @@ def main():
         dpath, fname = os.path.split(output_fname)
         with tempfile.NamedTemporaryFile(prefix=fname, dir=dpath, delete=False) as tfile:
             json.dump(dn_to_username, tfile)
-        os.chmod(tfile.name, 0644)
+        os.chmod(tfile.name, 0o644)
         os.rename(tfile.name, output_fname)
     else:
         pprint.pprint(dn_to_username)

tools/macaroon-init

@@ -9,7 +9,6 @@ from __future__ import print_function
 import os
 import sys
 import json
-import urlparse
 import argparse
 
 import requests

tools/x509-scitoken-init

@@ -7,7 +7,10 @@ Given an X509 proxy, act as an OAuth client and generate a corresponding SciToke
 import os
 import sys
 import json
-import urlparse
+try:
+    from urllib.parse import urljoin
+except ImportError:
+    from urlparse import urljoin
 import optparse
 import logging
 
@@ -46,7 +49,7 @@ def get_token_endpoint(issuer):
     """
     if not issuer.endswith("/"):
         issuer += "/"
-    config_url = urlparse.urljoin(issuer, ".well-known/openid-configuration")
+    config_url = urljoin(issuer, ".well-known/openid-configuration")
     response = requests.get(config_url)
     if response.status_code != requests.codes.ok:
         logging.error("Failed to access the auto-discovery URL (%s) for issuer %s (status=%d): %s" % (config_url, issuer, response.status_code, response.text[:512]))
@@ -57,7 +60,7 @@ def get_token_endpoint(issuer):
         logging.exception("Failure when loading JSON response from issuer auto-discovery: %s" % response.text[:2048])
         sys.exit(1)
     if 'token_endpoint' not in endpoint_info:
-        print >> sys.stderr, "Token endpoint not available for issuer %s" % issuer
+        print("Token endpoint not available for issuer %s" % issuer, file=sys.stderr)
         sys.exit(1)
     return endpoint_info['token_endpoint']
 
@@ -88,13 +91,13 @@ def main():
         logging.basicConfig(level=logging.DEBUG)
 
     if len(args) != 1:
-        print "Must provide a token issuer to query (example: https://scitokens.org/dteam/)"
+        print("Must provide a token issuer to query (example: https://scitokens.org/dteam/)")
         sys.exit(1)
 
     issuer = args[0]
     endpoint = get_token_endpoint(issuer)
     token = generate_token(endpoint)
-    print token
+    print(token)
 
 
 if __name__ == '__main__':