Lynn Rees avatar Lynn Rees committed 9301f87

[svn]


Files changed (2)

trunk/wsgiauth/basic.py

-#! /usr/bin/env python
 # (c) 2005 Clark C. Evans
-#
-# This module is part of the Python Paste Project and is released under
-# the MIT License: http://www.opensource.org/licenses/mit-license.php
-# This code was written with funding by http://prometheusresearch.com
-#
 # Copyright (c) 2006 L. C. Rees.  All rights reserved.
 #
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are met:
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
 #
-# 1.  Redistributions of source code must retain the above copyright notice,
-# this list of conditions and the following disclaimer.
-# 2.  Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-# 3.  Neither the name of the Portable Site Information Project nor the names
-# of its contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
 #
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
 
 '''HTTP Basic Authentication
 
 http://www.w3.org/Protocols/HTTP/1.0/draft-ietf-http-spec.html#BasicAA
 
 Do not use basic authentication unless you are using SSL or need to work
-with very out-dated clients, use HTTP digest authentication instead.
-
-Basically, you just put this module before your WSGI application, and it
-takes care of requesting and handling authentication requests.
-
-This code has not been audited by a security expert, please use with
-caution (or better yet, report security holes).'''
+with very out-dated clients, use HTTP digest authentication instead.'''
 
 from base import Scheme, HTTPAuth
 
 
     def __call__(self, environ):
         '''This function takes a WSGI environment and authenticates
-        the request returning authenticated user or error.
+        the request, returning an authenticated user or error.
         '''
         authorization = environ.get('HTTP_AUTHORIZATION')
         if authorization is None: return self.response   
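Review bot: The rewritten module docstring drops the sentence "This code has not been audited by a security expert, please use with caution", and nothing visible in this commit indicates an audit has happened since, so the caveat should stay until one has. The sentence that remains also reads as if supporting very out-dated clients were a reason to run Basic without SSL, although Basic credentials are only base64-encoded in the Authorization header and can be read by anyone on the network path. Suggested wording for the docstring: `Basic credentials are only base64-encoded, so serve this over SSL; prefer HTTP digest authentication when SSL is not available.` The body of `__call__` continues past the last visible line, so the handling of HTTP_AUTHORIZATION after the `is None` check could not be reviewed here.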

trunk/wsgiauth/cas.py

-# (c) 2005 Clark C. Evans
-# This module is part of the Python Paste Project and is released under
-# the MIT License: http://www.opensource.org/licenses/mit-license.php
-# This code was written with funding by http://prometheusresearch.com
-
-'''CAS 1.0 Authentication'''
-
-import urllib
-from util import Redirect, Forbidden, geturl
-
-__all__ = ['CAS', 'cas']
-
-def cas(authority, **kw):
-    '''Decorator for CAS authentication.'''
-    def decorator(application):
-        return CAS(application, authority, **kw)
-    return decorator
-
-
-class CAS(object):
-
-    '''Middleware for CAS 1.0 authentication.'''
-
-    def __init__(self, application, authority, **kw):
-        assert authority.endswith('/') and authority.startswith('http')
-        # Fully-qualified URL to a CAS 1.0 service
-        self.authority = authority
-        self.application = application
-        self.redirect = kw.get('redirect', Redirect)
-        self.forbidden = kw.get('forbidden', Forbidden)
-    
-    def __call__(self, environ, start_response):        
-        if environ.get('REMOTE_USER') is None:            
-            qs = environ.get('QUERY_STRING', '').split('&')
-            if qs and qs[-1].startswith('ticket='):
-                # assume a response from the authority
-                ticket = qs.pop().split('=', 1)[1]
-                environ['QUERY_STRING'] = '&'.join(qs)
-                service = geturl(environ)
-                args = urllib.urlencode({'service':service, 'ticket':ticket})
-                requrl = ''.join([self.authority, 'validate?', args])
-                result = urllib.urlopen(requrl).read().split('\n')
-                if 'yes' == result[0]:
-                    environ['REMOTE_USER'] = result[1]
-                    environ['AUTH_TYPE'] = 'cas'
-                    return self.application(environ, start_response)
-                exce = self.forbidden
-            else:
-                service = geturl(environ)
-                args = urllib.urlencode({'service':service})
-                location = ''.join([self.authority, 'login?', args])
-                exce = self.redirect(location)
-            return exce(environ, start_response)
-        return self.application(environ, start_response)