source: TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/default_deployment/sessionmanager/userx509certauthn.py @ 7077

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/default_deployment/sessionmanager/userx509certauthn.py@7077
Revision 7077, 2.0 KB checked in by pjkersha, 9 years ago (diff)
  • Property svn:keywords set to Id
Line 
1"""
2Session Manager Authentication interface returning a user cert/private key -
3for use with Session Manager unittests
4
5NERC Data Grid Project
6"""
7__author__ = "P J Kershaw"
8__date__ = "29/10/08"
9__copyright__ = "(C) 2009 Science and Technology Facilities Council"
10__license__ = "BSD - see LICENSE file in top-level directory"
11__contact__ = "Philip.Kershaw@stfc.ac.uk"
12__revision__ = '$Id$'
13import logging
14log = logging.getLogger(__name__)
15
16from M2Crypto import RSA
17
18from ndg.security.server.sessionmanager import SessionManager, \
19    AbstractAuthNService, AuthNServiceInvalidCredentials, AuthNServiceError
20from ndg.security.common.myproxy import MyProxyClient
21
22class UserX509CertAuthN(AbstractAuthNService):
23    '''Test Authentication interface to the Session Manager
24    returning a certificate and private key
25   
26    For use with SessionManager unittests only'''
27   
28    def __init__(self, **prop):
29        '''Instantiate client object from X.509 cert and private key file path
30        inputs.  Private key must be none password protected.'''
31        self.userX509Cert = open(prop['userX509CertFilePath']).read()
32        self.userPriKey = open(prop['userPriKeyFilePath']).read()
33       
34    def logon(self, username, passphrase):
35        '''Implementation of AbstractAuthNService logon for Session Manager
36        unittests.  TEST ONLY - no check is carried out on username/passphrase
37        credentials
38       
39        @type username: basestring
40        @param username: username for account login
41        @type passphrase: basestring
42        @param passphrase: passphrase (or password) for user account
43        @rtype: tuple
44        @return: user PKI credentials.
45        '''
46       
47        # Check password by executing a trial load of the private key
48        try:
49            RSA.load_key_string(self.userPriKey, 
50                                callback=lambda *ar, **kw: passphrase)
51        except RSA.RSAError, e:
52            raise AuthNServiceInvalidCredentials(e)
53       
54        return self.userX509Cert, self.userPriKey
Note: See TracBrowser for help on using the repository browser.