[Zope3-checkins] SVN: Zope3/trunk/src/zope/app/authentication/
Wrote FTP credentials extraction plugin. Also fixed bug in
the session
Michael Kerrin
michael.kerrin at openapp.biz
Tue Apr 19 14:52:52 EDT 2005
Log message for revision 30047:
Wrote FTP credentials extraction plugin. Also fixed bug in the session
credentials extraction and HTTP basic-auth credentials extraction plugins
which blindly assumed that all requests are HTTP based.
Changed:
U Zope3/trunk/src/zope/app/authentication/configure.zcml
A Zope3/trunk/src/zope/app/authentication/ftpplugins.py
A Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml
U Zope3/trunk/src/zope/app/authentication/httpplugins.py
U Zope3/trunk/src/zope/app/authentication/principalfolder.py
U Zope3/trunk/src/zope/app/authentication/session.py
U Zope3/trunk/src/zope/app/authentication/tests.py
-=-
Modified: Zope3/trunk/src/zope/app/authentication/configure.zcml
===================================================================
--- Zope3/trunk/src/zope/app/authentication/configure.zcml 2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/configure.zcml 2005-04-19 18:52:51 UTC (rev 30047)
@@ -44,6 +44,7 @@
<include file="httpplugins.zcml" />
<include file="principalfolder.zcml" />
<include file="groupfolder.zcml" />
+ <include file="ftpplugins.zcml" />
<include package=".browser" />
Added: Zope3/trunk/src/zope/app/authentication/ftpplugins.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/ftpplugins.py 2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/ftpplugins.py 2005-04-19 18:52:51 UTC (rev 30047)
@@ -0,0 +1,64 @@
+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""PAS plugins related to FTP
+"""
+
+from zope.interface import implements
+from zope.publisher.interfaces.ftp import IFTPRequest
+
+from zope.app.authentication import interfaces
+
+class FTPCredentialsPlugin(object):
+
+ implements(interfaces.ICredentialsPlugin)
+
+ def extractCredentials(self, request):
+ """Extracts the FTP credentials from a request.
+
+ First we need to create a FTP request that contains some credentials.
+ Note the path is a required in the envirnoment.
+
+ >>> from zope.publisher.ftp import FTPRequest
+ >>> from StringIO import StringIO
+ >>> request = FTPRequest(StringIO(''), StringIO(),
+ ... {'credentials': ('bob', '123'),
+ ... 'path': '/a/b/c'})
+
+ Now we create the plugin and get the credentials.
+
+ >>> plugin = FTPCredentialsPlugin()
+ >>> plugin.extractCredentials(request)
+ {'login': u'bob', 'password': u'123'}
+
+ This only works for FTPRequests.
+
+ >>> from zope.publisher.base import TestRequest
+ >>> print plugin.extractCredentials(TestRequest('/'))
+ None
+
+ """
+ if not IFTPRequest.providedBy(request):
+ return None
+
+ if request._auth:
+ login, password = request._auth
+ return {'login': login.decode('utf-8'),
+ 'password': password.decode('utf-8')}
+ return None
+
+ def challenge(self, request):
+ return False
+
+ def logout(self, request):
+ return False
Property changes on: Zope3/trunk/src/zope/app/authentication/ftpplugins.py
___________________________________________________________________
Name: svn:eol-style
+ native
Added: Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml
===================================================================
--- Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml 2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml 2005-04-19 18:52:51 UTC (rev 30047)
@@ -0,0 +1,11 @@
+<configure
+ xmlns="http://namespaces.zope.org/zope"
+ i18n_domain="zope">
+
+ <utility
+ name="FTP Credentials"
+ provides=".interfaces.ICredentialsPlugin"
+ factory=".ftpplugins.FTPCredentialsPlugin"
+ />
+
+</configure>
Property changes on: Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml
___________________________________________________________________
Name: svn:eol-style
+ native
Modified: Zope3/trunk/src/zope/app/authentication/httpplugins.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/httpplugins.py 2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/httpplugins.py 2005-04-19 18:52:51 UTC (rev 30047)
@@ -73,7 +73,16 @@
>>> print plugin.extractCredentials(TestRequest())
None
+ This plugin only works with HTTP requests.
+
+ >>> from zope.publisher.base import TestRequest
+ >>> print plugin.extractCredentials(TestRequest('/'))
+ None
+
"""
+ if not IHTTPRequest.providedBy(request):
+ return None
+
if request._auth:
if request._auth.lower().startswith(u'basic '):
credentials = request._auth.split()[-1]
@@ -108,11 +117,11 @@
>>> request = TestRequest('/')
>>> response = request.response
>>> print plugin.challenge(request)
- None
+ False
"""
if not IHTTPRequest.providedBy(request):
- return None
+ return False
request.response.setHeader("WWW-Authenticate",
"basic realm=%s" % self.realm, literal=True)
request.response.setStatus(401)
@@ -137,4 +146,4 @@
pass
class HTTPBasicAuthChallenger(Persistent, Contained):
- pass
\ No newline at end of file
+ pass
Modified: Zope3/trunk/src/zope/app/authentication/principalfolder.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/principalfolder.py 2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/principalfolder.py 2005-04-19 18:52:51 UTC (rev 30047)
@@ -22,7 +22,7 @@
from zope import component
from zope.event import notify
from zope.schema import Text, TextLine, Password
-from zope.publisher.interfaces.browser import IBrowserRequest
+from zope.publisher.interfaces import IRequest
from zope.security.interfaces import IGroupAwarePrincipal
from zope.app.container.contained import Contained
@@ -288,8 +288,8 @@
the principal to create and a request:
>>> info = PrincipalInfo('users.mary', 'mary', 'Mary', 'The site admin.')
- >>> from zope.publisher.browser import TestRequest
- >>> request = TestRequest()
+ >>> from zope.publisher.base import TestRequest
+ >>> request = TestRequest('/')
>>> factory = AuthenticatedPrincipalFactory(info, request)
>>> principal = factory()
@@ -320,7 +320,7 @@
For information on how factories are used in the authentication process,
see README.txt.
"""
- component.adapts(interfaces.IPrincipalInfo, IBrowserRequest)
+ component.adapts(interfaces.IPrincipalInfo, IRequest)
interface.implements(interfaces.IAuthenticatedPrincipalFactory)
Modified: Zope3/trunk/src/zope/app/authentication/session.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/session.py 2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/session.py 2005-04-19 18:52:51 UTC (rev 30047)
@@ -22,6 +22,7 @@
from zope.interface import implements, Interface
from zope.schema import TextLine
+from zope.publisher.interfaces.http import IHTTPRequest
from zope.app import zapi
from zope.app.component import hooks
@@ -157,6 +158,8 @@
def extractCredentials(self, request):
"""Extracts credentials from a session if they exist."""
+ if not IHTTPRequest.providedBy(request):
+ return None
sessionData = ISession(request)[
'zope.app.authentication.browserplugins']
@@ -227,6 +230,9 @@
This can be used by the login form to redirect the user back to the
originating URL upon successful authentication.
"""
+ if not IHTTPRequest.providedBy(request):
+ return False
+
site = hooks.getSite()
camefrom = request.getURL()
url = '%s/@@%s?%s' % (absoluteURL(site, request),
@@ -237,6 +243,9 @@
def logout(self, request):
"""Performs logout by clearing session data credentials."""
+ if not IHTTPRequest.providedBy(request):
+ return False
+
sessionData = ISession(request)[
'zope.app.authentication.browserplugins']
sessionData['credentials'] = None
Modified: Zope3/trunk/src/zope/app/authentication/tests.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/tests.py 2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/tests.py 2005-04-19 18:52:51 UTC (rev 30047)
@@ -37,6 +37,8 @@
PersistentSessionDataContainer, RAMSessionDataContainer
from zope.app.session.http import CookieClientIdManager
+from zope.publisher import base
+from zope.app.authentication.session import SessionCredentialsPlugin
class TestClientId(object):
implements(IClientId)
@@ -57,10 +59,45 @@
sdc = session_data_container_class()
ztapi.provideUtility(ISessionDataContainer, sdc, '')
+def nonHTTPSessionTestCaseSetUp(sdc_class=PersistentSessionDataContainer):
+ # I am getting an error with ClientId and not TestClientId
+ placelesssetup.setUp()
+ ztapi.provideAdapter(IRequest, IClientId, ClientId)
+ ztapi.provideAdapter(IRequest, ISession, Session)
+ ztapi.provideUtility(IClientIdManager, CookieClientIdManager())
+ sdc = sdc_class()
+ ztapi.provideUtility(ISessionDataContainer, sdc, '')
+
+
+class NonHTTPSessionTestCase(unittest.TestCase):
+ # Small test suite to catch an error with non HTTP protocols, like FTP
+ # and SessionCredentialsPlugin.
+ def setUp(self):
+ nonHTTPSessionTestCaseSetUp()
+
+ def tearDown(self):
+ placefulTearDown()
+
+ def test_exeractCredentials(self):
+ plugin = SessionCredentialsPlugin()
+
+ self.assertEqual(plugin.extractCredentials(base.TestRequest('/')), None)
+
+ def test_challenge(self):
+ plugin = SessionCredentialsPlugin()
+
+ self.assertEqual(plugin.challenge(base.TestRequest('/')), False)
+
+ def test_logout(self):
+ plugin = SessionCredentialsPlugin()
+
+ self.assertEqual(plugin.logout(base.TestRequest('/')), False)
+
def test_suite():
return unittest.TestSuite((
doctest.DocTestSuite('zope.app.authentication.generic'),
doctest.DocTestSuite('zope.app.authentication.httpplugins'),
+ doctest.DocTestSuite('zope.app.authentication.ftpplugins'),
doctest.DocFileSuite('principalfolder.txt'),
doctest.DocTestSuite('zope.app.authentication.principalfolder',
setUp=placelesssetup.setUp,
@@ -82,6 +119,7 @@
setUp=placelesssetup.setUp,
tearDown=placelesssetup.tearDown,
),
+ unittest.makeSuite(NonHTTPSessionTestCase),
))
if __name__ == '__main__':
More information about the Zope3-Checkins
mailing list