Merge pull request #120 from Bairdo/filteri2

add interface for filterid

chewie/chewie.py

@@ -110,14 +110,14 @@ def start_threads_and_wait(self):
 
         self.pool.waitall()
 
-    def auth_success(self, src_mac, port_id, period, vlan_name):
+    def auth_success(self, src_mac, port_id, period, vlan_name, filter_id):
         """authentication shim between faucet and chewie
         Args:
             src_mac (MacAddress): the mac of the successful supplicant
             port_id (MacAddress): the 'mac' identifier of what switch port the success is on
             period (int): time (seconds) until the session times out."""
         if self.auth_handler:
-            self.auth_handler(src_mac, port_id, vlan_name)
+            self.auth_handler(src_mac, port_id, vlan_name, filter_id)
 
         self.port_to_identity_job[port_id] = self.timer_scheduler.call_later(
             period,

chewie/eap_state_machine.py

@@ -8,7 +8,7 @@
     EventPortStatusChange, EventSessionTimeout
 from chewie.message_parser import SuccessMessage, FailureMessage, EapolStartMessage, \
     IdentityMessage, EapolLogoffMessage, EapMessage
-from chewie.radius_attributes import SessionTimeout, TunnelPrivateGroupID
+from chewie.radius_attributes import FilterId, SessionTimeout, TunnelPrivateGroupID
 from chewie.utils import get_logger, log_method, RadiusQueueMessage, EapQueueMessage
 
 
@@ -116,6 +116,7 @@ class FullEAPStateMachine:
 
     session_timeout = DEFAULT_SESSION_TIMEOUT
     radius_tunnel_private_group_id = None
+    filter_id = None
 
     machine = None
 
@@ -787,7 +788,7 @@ def handle_success(self):
         self.logger.info('Yay authentication successful %s %s',
                          self.src_mac, self.aaa_identity.identity)
         self.auth_handler(self.src_mac, str(self.port_id_mac),
-                          self.session_timeout, self.radius_tunnel_private_group_id)
+                          self.session_timeout, self.radius_tunnel_private_group_id, self.filter_id)
         self.aaa_eap_resp_data = None
 
         # new authentication so cancel the old session timeout event
@@ -885,12 +886,15 @@ def set_vars_from_radius(self, attributes):
         """
         self.session_timeout = self.DEFAULT_SESSION_TIMEOUT
         self.radius_tunnel_private_group_id = None
+        self.filter_id = None
 
         if attributes:
             self.session_timeout = attributes.get(SessionTimeout.DESCRIPTION,
                                                   self.DEFAULT_SESSION_TIMEOUT)
             self.radius_tunnel_private_group_id = attributes.get(TunnelPrivateGroupID.DESCRIPTION,
                                                                  None)
+            self.filter_id = attributes.get(FilterId.DESCRIPTION,
+                                                                 None)
             if self.radius_tunnel_private_group_id:
                 self.radius_tunnel_private_group_id = self.radius_tunnel_private_group_id.decode('utf-8')
         # TODO could also set filter-id/vlans/acls here.

test/test_full_state_machine.py

@@ -82,7 +82,7 @@ def tearDown(self):
             self.assertNotIn('aaaEapResp is true. but data is false. This should never happen',
                              log.read())
 
-    def auth_handler(self, client_mac, port_id_mac, timer, vlan_name):  # pylint: disable=unused-argument
+    def auth_handler(self, client_mac, port_id_mac, timer, vlan_name, filter_id):  # pylint: disable=unused-argument
         self.auth_counter += 1
         print('Successful auth from MAC %s' % str(client_mac))