[Zope3-checkins] SVN: Zope3/trunk/src/zope/app/authentication/
Reversed:
Jim Fulton
jim at zope.com
Mon Feb 7 11:22:43 EST 2005
Log message for revision 29074:
Reversed:
revision 29031:
Added support for unauthenticated principals.
This was added in preparation for using PAS to get the unauthenticated
principal to be in the unauthenticated group. I ended up handling
that group in a way that akes this change innecessary. While being
able to define an unauthenticated principal in PAS is, theoretically a
useful thing, we have no practical need for it.
Changed:
U Zope3/trunk/src/zope/app/authentication/README.txt
U Zope3/trunk/src/zope/app/authentication/authentication.py
U Zope3/trunk/src/zope/app/authentication/interfaces.py
-=-
Modified: Zope3/trunk/src/zope/app/authentication/README.txt
===================================================================
--- Zope3/trunk/src/zope/app/authentication/README.txt 2005-02-07 15:24:38 UTC (rev 29073)
+++ Zope3/trunk/src/zope/app/authentication/README.txt 2005-02-07 16:22:42 UTC (rev 29074)
@@ -42,32 +42,34 @@
Let's look at an example. We create a simple plugin that provides credential
extraction:
- >>> from zope import interface, component
+ >>> import zope.interface
>>> from zope.app.authentication import interfaces
>>> class MyExtractor:
...
- ... interface.implements(interfaces.IExtractionPlugin)
+ ... zope.interface.implements(interfaces.IExtractionPlugin)
...
... def extractCredentials(self, request):
... return request.get('credentials')
We need to register this as a utility. Normally, we'd do this in ZCML. For the
-example here, we'll use the `provideUtility()`:
+example here, we'll use the `provideUtility()` function from
+`zope.app.tests.ztapi`:
- >>> component.provideUtility(MyExtractor(), name='emy')
+ >>> from zope.app.tests.ztapi import provideUtility
+ >>> provideUtility(interfaces.IExtractionPlugin, MyExtractor(), name='emy')
Now we also create an authenticator plugin that knows about object 42:
>>> class Auth42:
...
- ... interface.implements(interfaces.IAuthenticationPlugin)
+ ... zope.interface.implements(interfaces.IAuthenticationPlugin)
...
... def authenticateCredentials(self, credentials):
... if credentials == 42:
... return '42', {'domain': 42}
- >>> component.provideUtility(Auth42(), name='a42')
+ >>> provideUtility(interfaces.IAuthenticationPlugin, Auth42(), name='a42')
We provide a principal factory plugin:
@@ -79,13 +81,12 @@
... self.id = id
...
... def __repr__(self):
- ... return '%s(%r, %r)' % (self.__class__.__name__,
- ... self.id, self.title)
+ ... return 'Principal(%r, %r)' % (self.id, self.title)
>>> from zope.event import notify
>>> class PrincipalFactory:
...
- ... interface.implements(interfaces.IPrincipalFactoryPlugin)
+ ... zope.interface.implements(interfaces.IPrincipalFactoryPlugin)
...
... def createAuthenticatedPrincipal(self, id, info, request):
... principal = Principal(id)
@@ -98,7 +99,8 @@
... notify(interfaces.FoundPrincipalCreated(principal, info))
... return principal
- >>> component.provideUtility(PrincipalFactory(), name='pf')
+ >>> provideUtility(interfaces.IPrincipalFactoryPlugin, PrincipalFactory(),
+ ... name='pf')
Finally, we create a pluggable-authentication utility instance:
@@ -164,13 +166,13 @@
>>> class AuthInt:
...
- ... interface.implements(interfaces.IAuthenticationPlugin)
+ ... zope.interface.implements(interfaces.IAuthenticationPlugin)
...
... def authenticateCredentials(self, credentials):
... if isinstance(credentials, int):
... return str(credentials), {'int': credentials}
- >>> component.provideUtility(AuthInt(), name='aint')
+ >>> provideUtility(interfaces.IAuthenticationPlugin, AuthInt(), name='aint')
If we put it before the original authenticator:
@@ -197,14 +199,14 @@
>>> class OddExtractor:
...
- ... interface.implements(interfaces.IExtractionPlugin)
+ ... zope.interface.implements(interfaces.IExtractionPlugin)
...
... def extractCredentials(self, request):
... credentials = request.get('credentials')
... if isinstance(credentials, int) and (credentials%2):
... return 1
- >>> component.provideUtility(OddExtractor(), name='eodd')
+ >>> provideUtility(interfaces.IExtractionPlugin, OddExtractor(), name='eodd')
>>> auth.extractors = 'eodd', 'emy'
>>> request = TestRequest(credentials=41)
@@ -224,7 +226,7 @@
>>> class OddFactory:
...
- ... interface.implements(interfaces.IPrincipalFactoryPlugin)
+ ... zope.interface.implements(interfaces.IPrincipalFactoryPlugin)
...
... def createAuthenticatedPrincipal(self, id, info, request):
... i = info.get('int')
@@ -244,7 +246,8 @@
... principal, info))
... return principal
- >>> component.provideUtility(OddFactory(), name='oddf')
+ >>> provideUtility(interfaces.IPrincipalFactoryPlugin, OddFactory(),
+ ... name='oddf')
>>> auth.factories = 'oddf', 'pf'
@@ -274,17 +277,18 @@
>>> class Search42:
...
- ... interface.implements(interfaces.IPrincipalSearchPlugin)
+ ... zope.interface.implements(interfaces.IPrincipalSearchPlugin)
...
... def principalInfo(self, principal_id):
... if principal_id == '42':
... return {'domain': 42}
- >>> component.provideUtility(Search42(), name='s42')
+ >>> provideUtility(interfaces.IPrincipalSearchPlugin, Search42(),
+ ... name='s42')
>>> class IntSearch:
...
- ... interface.implements(interfaces.IPrincipalSearchPlugin)
+ ... zope.interface.implements(interfaces.IPrincipalSearchPlugin)
...
... def principalInfo(self, principal_id):
... try:
@@ -294,7 +298,8 @@
... if (i >= 0 and i < 100):
... return {'int': i}
- >>> component.provideUtility(IntSearch(), name='sint')
+ >>> provideUtility(interfaces.IPrincipalSearchPlugin, IntSearch(),
+ ... name='sint')
>>> auth.searchers = 's42', 'sint'
@@ -323,7 +328,7 @@
>>> class FakeAuthUtility:
...
- ... interface.implements(IAuthentication)
+ ... zope.interface.implements(IAuthentication)
...
... lastGetPrincipalCall = lastUnauthorizedCall = None
...
@@ -363,13 +368,13 @@
>>> class Challenge:
...
- ... interface.implements(interfaces.IChallengePlugin)
+ ... zope.interface.implements(interfaces.IChallengePlugin)
...
... def challenge(self, requests, response):
... response.setHeader('X-Unauthorized', 'True')
... return True
- >>> component.provideUtility(Challenge(), name='c')
+ >>> provideUtility(interfaces.IChallengePlugin, Challenge(), name='c')
>>> auth.challengers = ('c', )
Now if we call unauthorized:
@@ -417,7 +422,7 @@
add challenges to a X-Challenges headers:
>>> class ColorChallenge:
- ... interface.implements(interfaces.IChallengePlugin)
+ ... zope.interface.implements(interfaces.IChallengePlugin)
...
... protocol = 'bridge'
...
@@ -427,11 +432,11 @@
... challenge + 'favorite color? ')
... return True
- >>> component.provideUtility(ColorChallenge(), name='cc')
+ >>> provideUtility(interfaces.IChallengePlugin, ColorChallenge(), name='cc')
>>> auth.challengers = 'cc, ', 'c'
>>> class BirdChallenge:
- ... interface.implements(interfaces.IChallengePlugin)
+ ... zope.interface.implements(interfaces.IChallengePlugin)
...
... protocol = 'bridge'
...
@@ -441,7 +446,7 @@
... challenge + 'swallow air speed? ')
... return True
- >>> component.provideUtility(BirdChallenge(), name='bc')
+ >>> provideUtility(interfaces.IChallengePlugin, BirdChallenge(), name='bc')
>>> auth.challengers = 'cc', 'c', 'bc'
Now if we call unauthorized:
@@ -545,43 +550,6 @@
... for (id, queriable) in auth.getQueriables()]
['Search42', 'IntSearch']
-Unauthenticated principals
-==========================
-
-Normally, the pluggable-authentication utility returns None when asked
-for an unauthenticated principal:
-
- >>> auth.unauthenticatedPrincipal()
-
-However, if an IUnauthenticatedPrincipalFactoryPlugin utility is
-defined. then it will be used to create an IUnauthenticatedPrincipal:
-
- >>> import zope.app.security.interfaces
- >>> class UnauthenticatedPrincipal(Principal):
- ... interface.implements(
- ... zope.app.security.interfaces.IUnauthenticatedPrincipal)
-
- >>> class UnauthenticatedPrincipalFactoryPlugin:
- ... interface.implements(
- ... interfaces.IUnauthenticatedPrincipalFactoryPlugin)
- ...
- ... def createUnauthenticatedPrincipal(self):
- ... principal = UnauthenticatedPrincipal('u')
- ... notify(interfaces.UnauthenticatedPrincipalCreated(principal))
- ... return principal
-
- >>> component.provideUtility(UnauthenticatedPrincipalFactoryPlugin())
-
- >>> clearEvents()
- >>> prin = auth.unauthenticatedPrincipal()
- >>> prin
- UnauthenticatedPrincipal('u', '{}')
-
- >>> [event] = getEvents(interfaces.IUnauthenticatedPrincipalCreated)
- >>> event.principal is prin
- True
-
-
Design Notes
============
Modified: Zope3/trunk/src/zope/app/authentication/authentication.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/authentication.py 2005-02-07 15:24:38 UTC (rev 29073)
+++ Zope3/trunk/src/zope/app/authentication/authentication.py 2005-02-07 16:22:42 UTC (rev 29074)
@@ -23,7 +23,7 @@
from zope.schema.interfaces import ISourceQueriables
-from zope import component
+from zope.app import zapi
from zope.app.security.interfaces import IAuthentication
from zope.app.utility.utility import queryNextUtility
@@ -35,8 +35,6 @@
from zope.app.authentication.interfaces import IAuthenticationPlugin
from zope.app.authentication.interfaces import IChallengePlugin
from zope.app.authentication.interfaces import IPrincipalFactoryPlugin
-from zope.app.authentication.interfaces \
- import IUnauthenticatedPrincipalFactoryPlugin
from zope.app.authentication.interfaces import IPrincipalSearchPlugin
from zope.app.authentication.interfaces import IPluggableAuthentication
@@ -51,10 +49,10 @@
self.prefix = prefix
def authenticate(self, request):
- authenticators = [component.queryUtility(IAuthenticationPlugin, name)
+ authenticators = [zapi.queryUtility(IAuthenticationPlugin, name)
for name in self.authenticators]
for extractor in self.extractors:
- extractor = component.queryUtility(IExtractionPlugin, extractor)
+ extractor = zapi.queryUtility(IExtractionPlugin, extractor)
if extractor is None:
continue
credentials = extractor.extractCredentials(request)
@@ -74,8 +72,8 @@
def _create(self, meth, *args):
# We got some data, lets create a user
for factory in self.factories:
- factory = component.queryUtility(IPrincipalFactoryPlugin,
- factory)
+ factory = zapi.queryUtility(IPrincipalFactoryPlugin,
+ factory)
if factory is None:
continue
@@ -91,7 +89,7 @@
id = id[len(self.prefix):]
for searcher in self.searchers:
- searcher = component.queryUtility(IPrincipalSearchPlugin, searcher)
+ searcher = zapi.queryUtility(IPrincipalSearchPlugin, searcher)
if searcher is None:
continue
@@ -105,23 +103,18 @@
def getQueriables(self):
for searcher_id in self.searchers:
- searcher = component.queryUtility(IPrincipalSearchPlugin,
- searcher_id)
+ searcher = zapi.queryUtility(IPrincipalSearchPlugin, searcher_id)
yield searcher_id, searcher
def unauthenticatedPrincipal(self):
- factory = component.queryUtility(
- IUnauthenticatedPrincipalFactoryPlugin)
- if factory is not None:
- return factory.createUnauthenticatedPrincipal()
return None
def unauthorized(self, id, request):
protocol = None
for challenger in self.challengers:
- challenger = component.queryUtility(IChallengePlugin, challenger)
+ challenger = zapi.queryUtility(IChallengePlugin, challenger)
if challenger is None:
continue # skip non-existant challengers
Modified: Zope3/trunk/src/zope/app/authentication/interfaces.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/interfaces.py 2005-02-07 15:24:38 UTC (rev 29073)
+++ Zope3/trunk/src/zope/app/authentication/interfaces.py 2005-02-07 16:22:42 UTC (rev 29074)
@@ -92,21 +92,6 @@
self.info = info
self.request = request
-class IUnauthenticatedPrincipalCreated(IPrincipalCreated):
- """An authenticated principal object has been created
-
- This event is generated when a principal has been created by
- authenticating a request.
- """
-
-class UnauthenticatedPrincipalCreated:
-
- zope.interface.implements(IUnauthenticatedPrincipalCreated)
-
- def __init__(self, principal):
- self.principal = principal
- self.info = {}
-
class IFoundPrincipalCreated(IPrincipalCreated):
"""Event indicating that a principal was created based on a search
"""
@@ -208,14 +193,6 @@
principal is created, return None.
"""
-class IUnauthenticatedPrincipalFactoryPlugin(IPlugin):
- """Create an unauthenticated principal
- """
-
- def createUnauthenticatedPrincipal():
- """Create an unauthenticated principal
- """
-
class IPrincipalSearchPlugin(IPrincipalIdAwarePlugin):
"""Find principals.
More information about the Zope3-Checkins
mailing list