Changeset 155
- Timestamp:
- 06/14/08 14:45:05
- Files:
-
- AuthKit/trunk/AuthKit.egg-info/PKG-INFO (modified) (2 diffs)
- AuthKit/trunk/AuthKit.egg-info/SOURCES.txt (modified) (2 diffs)
- AuthKit/trunk/CHANGELOG.txt (modified) (1 diff)
- AuthKit/trunk/authkit/authenticate/__init__.py (modified) (1 diff)
- AuthKit/trunk/authkit/authenticate/multi.py (modified) (1 diff)
- AuthKit/trunk/authkit/authorize/pylons_adaptors.py (modified) (1 diff)
- AuthKit/trunk/authkit/authorize/wsgi_adaptors.py (modified) (3 diffs)
- AuthKit/trunk/examples/authorize.py (modified) (5 diffs)
- AuthKit/trunk/examples/authorize2.py (added)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
AuthKit/trunk/AuthKit.egg-info/PKG-INFO
r151 r155 1 1 Metadata-Version: 1.0 2 2 Name: AuthKit 3 Version: 0.4.1dev-r15 03 Version: 0.4.1dev-r154 4 4 Summary: An authentication and authorization toolkit for WSGI applications and frameworks 5 5 Home-page: http://authkit.org/ … … 53 53 0.4.1 (**svn**) 54 54 55 ******************************************************************************** 56 * The ``authkit.setup.enable = false`` option now also disables authorisation * 57 * checks (reported by Rick Flosi) * 58 ******************************************************************************** 59 * Applied patch from Pawel Niewiadomski to fix #53 60 * Changed the import of the openid.sreg module to openid.extensions.sreg 61 * Fixed the encoding of the form.py file 62 * Updated the examples to use the latest syntax 63 * Updated the tests for the new SQLAlchemy drivers 64 * Added Daniel Pronych's SQLAlchemy drivers but with significant changes 65 * Fixed a bug due to a change in the latest version of Python OpenID 66 so that AuthKit OpenID works with Yahoo sign-ins. Phil Kershaw #50 55 67 * Updated the user/database example, it now works #43 56 68 * Updated user tokens code to fix #17 AuthKit/trunk/AuthKit.egg-info/SOURCES.txt
r151 r155 39 39 authkit/users/postgresql_driver.py 40 40 authkit/users/sqlalchemy_04_driver.py 41 authkit/users/sqlalchemy_driver.py 41 authkit/users/sqlalchemy_driver/__init__.py 42 authkit/users/sqlalchemy_driver/sqlalchemy_03.py 43 authkit/users/sqlalchemy_driver/sqlalchemy_04.py 44 authkit/users/sqlalchemy_driver/sqlalchemy_044.py 42 45 docs/community.txt 43 46 docs/download.txt … … 87 90 examples/user/database/README.txt 88 91 examples/user/database/app.py 92 examples/user/database-model/README.txt 93 examples/user/database-model/app.py 94 examples/user/database-model/create.py 95 examples/user/database-model/meta.py 96 examples/user/database-model/model.py 89 97 ez_setup/README.txt 90 98 ez_setup/__init__.py AuthKit/trunk/CHANGELOG.txt
r153 r155 4 4 0.4.1 (**svn**) 5 5 6 * Added ``setup.fakeuser`` option which automatically sets the REMOTE_USER 7 so that it appears someone has signed in. Useful with setup.enable = False 8 ******************************************************************************** 9 * The ``setup.enable = false`` option now also disables authorisation * 10 * checks (reported by Rick Flosi) * 11 ******************************************************************************** 6 12 * Applied patch from Pawel Niewiadomski to fix #53 7 13 * Changed the import of the openid.sreg module to openid.extensions.sreg AuthKit/trunk/authkit/authenticate/__init__.py
r150 r155 434 434 if not middleware and not all_conf.has_key('setup.method'): 435 435 raise AuthKitConfigError('No authkit.setup.method was specified') 436 436 437 # Add the configuration to the environment 438 enable_ = asbool(all_conf.get('setup.enable', True)) 439 all_conf['setup.enable'] = enable_ 440 app = AddToEnviron(app, 'authkit.config', all_conf) 441 if all_conf.has_key('setup.fakeuser'): 442 app = AddToEnviron(app, 'REMOTE_USER', all_conf['setup.fakeuser']) 443 437 444 # Check to see if middleware is disabled 438 if asbool(all_conf.get('setup.enable', True))== False:445 if enable_ == False: 439 446 warnings.warn("AuthKit middleware has been turned off by the config " 440 447 "option authkit.setup.enable") AuthKit/trunk/authkit/authenticate/multi.py
r148 r155 84 84 85 85 app_iter = app(environ, start_response) 86 if not result_: 87 raise Exception('Invalid WSGI response, did the application return an iterable?') 86 88 if result_[0] is None: 87 89 # The check failed and the initial app should be used. AuthKit/trunk/authkit/authorize/pylons_adaptors.py
r124 r155 28 28 """ 29 29 def validate(func, self, *args, **kwargs): 30 def app(environ, start_response): 30 all_conf = request.environ.get('authkit.config') 31 if all_conf is None: 32 raise Exception('Authentication middleware not present') 33 if all_conf.get('setup.enable', True) is True: 34 def app(environ, start_response): 35 return func(self, *args, **kwargs) 36 return permission.check(app, request.environ, self.start_response) 37 else: 31 38 return func(self, *args, **kwargs) 32 return permission.check(app, request.environ, self.start_response)33 39 return decorator(validate) 34 40 AuthKit/trunk/authkit/authorize/wsgi_adaptors.py
r124 r155 93 93 94 94 def __call__(self, environ, start_response): 95 if not environ.has_key('authkit.authenticate'): 96 raise Exception( 97 "Authenticate middleware not present" 98 ) 99 # Could also check that status and response haven't changed here? 100 try: 101 return self.permission.check(self.app, environ, start_response) 102 except NotAuthenticatedError: 103 if environ.has_key('REMOTE_USER'): 104 raise NonConformingPermissionError( 105 'Faulty permission: NotAuthenticatedError raised ' 106 'but REMOTE_USER key is present.' 107 ) 108 else: 109 raise 95 all_conf = environ.get('authkit.config') 96 if all_conf is None: 97 raise Exception('Authentication middleware not present') 98 if all_conf.get('setup.enable', True) is True: 99 # Could also check that status and response haven't changed here? 100 try: 101 return self.permission.check(self.app, environ, start_response) 102 except NotAuthenticatedError: 103 if environ.has_key('REMOTE_USER'): 104 raise NonConformingPermissionError( 105 'Faulty permission: NotAuthenticatedError raised ' 106 'but REMOTE_USER key is present.' 107 ) 108 else: 109 raise 110 else: 111 return self.app(environ, start_response) 110 112 111 113 class _PermissionStartResponse(object): … … 143 145 def decorate(func): 144 146 def input(self, environ, start_response): 145 def app(environ, start_response): 147 all_conf = environ.get('authkit.config') 148 if all_conf is None: 149 raise Exception('Authentication middleware not present') 150 if all_conf.get('setup.enable', True) is True: 151 def app(environ, start_response): 152 return func(self, environ, start_response) 153 return permission.check(app, environ, start_response) 154 else: 146 155 return func(self, environ, start_response) 147 return permission.check(app, environ, start_response)148 156 return input 149 157 return decorate … … 164 172 advanced permission checks. 165 173 """ 166 error = PermissionSetupError( 167 'The permissions being authorized require access to a response ' 168 'and so cannot be used to authorize based on a request alone. ' 169 'Try using the authkit.authorize.middleware or the authorize decorator.' 170 ) 171 try: 172 def dummy_app(environ, start_response): 173 if not start_response == _PermissionStartResponse: 174 raise _FiddledWith('Fiddled with start_response %r'%start_response) 175 start_response( 176 '1000 Test Response For Permissions Check', 177 [('Content-type','text/plain')] 178 ) 179 return _PermissionList('''Dummy response from permission check.''') 180 181 if not isinstance( 182 permission.check( 183 dummy_app, 184 environ, 185 _PermissionStartResponse 186 ), 187 _PermissionList 188 ): 189 raise _FiddledWith('Fiddled with response') 190 except _FiddledWith: 191 raise error 174 all_conf = environ.get('authkit.config') 175 if all_conf is None: 176 raise Exception('Authentication middleware not present') 177 if all_conf.get('setup.enable', True) is True: 178 error = PermissionSetupError( 179 'The permissions being authorized require access to a response ' 180 'and so cannot be used to authorize based on a request alone. ' 181 'Try using the authkit.authorize.middleware or the authorize decorator.' 182 ) 183 try: 184 def dummy_app(environ, start_response): 185 if not start_response == _PermissionStartResponse: 186 raise _FiddledWith('Fiddled with start_response %r'%start_response) 187 start_response( 188 '1000 Test Response For Permissions Check', 189 [('Content-type','text/plain')] 190 ) 191 return _PermissionList('''Dummy response from permission check.''') 192 193 if not isinstance( 194 permission.check( 195 dummy_app, 196 environ, 197 _PermissionStartResponse 198 ), 199 _PermissionList 200 ): 201 raise _FiddledWith('Fiddled with response') 202 except _FiddledWith: 203 raise error 204 else: 205 return 192 206 193 207 def authorized(environ, permission): AuthKit/trunk/examples/authorize.py
r59 r155 25 25 26 26 from authkit.permissions import UserIn 27 from authkit.authorize import authorize , PermissionError27 from authkit.authorize import authorized, authorize, PermissionError 28 28 from authkit.authorize import middleware as authorize_middleware 29 29 from paste import httpexceptions … … 48 48 return app(environ, start_response) 49 49 50 def _authorize(self, permission, environ):51 """Example implementation of an authorize object that can handle52 mid-method checks. Framework implementors should create their53 own way of doing this."""54 if permission.require_response:55 raise Exception(56 'Cannot _authorize mid-method based on permission'57 'object since it requires access to the HTTP response'58 )59 def start_response(status, headers, exc_info):60 pass61 def app(environ, start_response):62 return []63 permission.check(app, environ, start_response)64 65 50 def index(self, environ, start_response): 66 51 start_response('200 OK', [('Content-type','text/html')]) … … 78 63 <li><a href="/mid_method_test">Mid Method</a></li> 79 64 <li><a href="/decorator_test">Decorator</a></li> 80 <li><a href="/attribute_test">Attribute </a></li>65 <li><a href="/attribute_test">Attribute (middleware)</a></li> 81 66 </ul> 82 67 <p>Once you have signed in you will need to close your … … 88 73 def mid_method_test(self, environ, start_response): 89 74 """Authorize using a mid-method permissions check""" 90 try: 91 self._authorize(UserIn(users=['james']), environ) 92 # This line catches both NotAuthenticatedErrors and NotAuthorizedErrors 93 # because PermissionError is their base class. 94 except PermissionError: 95 raise 96 start_response('200 OK', [('Content-type','text/html')]) 97 return ['Access granted to /mid_method_test'] 75 if authorized(environ, UserIn(users=['james'])): 76 start_response('200 OK', [('Content-type','text/html')]) 77 return ['Access granted to /mid_method_test'] 78 else: 79 start_response('200 OK', [('Content-type','text/html')]) 80 return ['User is not authorized'] 98 81 99 82 @authorize(UserIn(users=['james'])) … … 123 106 app = middleware( 124 107 app, 125 method='basic',126 realm='Test Realm',127 users_valid=valid108 setup_method='basic', 109 basic_realm='Test Realm', 110 basic_authenticate_function=valid 128 111 ) 112 print """ 113 Clear the HTTP authentication first by closing your browser if you have been 114 testing other basic authentication examples on the same port. 115 116 You will be able to sign in as any user as long as the password is the same as 117 the username, but all users apart from `james' will be denied access to the 118 resources. 119 """ 120 121 129 122 serve(app, host='0.0.0.0', port=8080)
