source: TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/provider/authninterface/basic.py @ 4559

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/provider/authninterface/basic.py@4559
Revision 4559, 4.5 KB checked in by pjkersha, 12 years ago (diff)

Moved BasicAuthNInterface from OpenID Provider __init__.py module to its own module in the authninterface package.

"""NDG Security Basic OpenID Authentication Interface.

A demonstration implementation of an authentication interface for
OpenIDProviderMiddleware WSGI.  Username/password and OpenId user identifier
details are read from a config file and passed as keywords.  This class is not
intended for production use.

NERC Data Grid Project

This software may be distributed under the terms of the Q Public License,
version 1.0 or later.
"""
__author__ = "P J Kershaw"
__date__ = "01/08/08"
__copyright__ = "(C) 2008 STFC & NERC"
__contact__ = "Philip.Kershaw@stfc.ac.uk"
__revision__ = "$Id$"
import logging
# Module-level logger named after this module.
log = logging.getLogger(__name__)
# NOTE(review): AbstractAuthNInterface and the AuthNInterface* exception
# classes used by the class below are not imported anywhere in this listing;
# confirm where they are expected to come from, otherwise defining the class
# raises NameError at import time.
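class BasicAuthNInterface(AbstractAuthNInterface):
    """Basic Authentication interface class for OpenIDProviderMiddleware

    It uses username/password details retrieved from config file / keyword
    entry.  This class is for testing only.  NOT for production use:
    passwords are held in clear text in the configuration and in memory.
    """

    def __init__(self, **prop):
        """Read the test credentials and identifier mapping from keywords

        Two keywords are required:

        userCreds: comma separated list of "username:password" entries
        username2UserIdentifiers: whitespace separated list of
        "username:identifier1,identifier2,..." entries

        Both options must name exactly the same set of usernames.

        @type **prop: dict
        @param **prop: set properties via keywords
        @raise AuthNInterfaceConfigError: a required option is missing, an
        entry is malformed or the two options name different usernames
        """
        # Test/Admin username/password set from ini/kw args
        userCreds = prop.get('userCreds')
        if not userCreds:
            raise AuthNInterfaceConfigError('No "userCreds" config option '
                                            "found")

        self._userCreds = {}
        for entry in userCreds.split(','):
            # Split on the first ':' only so that a password may itself
            # contain ':' characters
            fields = entry.strip().split(':', 1)
            if len(fields) != 2:
                # The entry is deliberately not echoed: it may hold a
                # password and this message can end up in logs
                raise AuthNInterfaceConfigError('Malformed "userCreds" '
                                                'entry: expecting '
                                                '"username:password"')
            self._userCreds[fields[0]] = fields[1]

        user2Identifier = prop.get('username2UserIdentifiers')
        if not user2Identifier:
            raise AuthNInterfaceConfigError('No "username2UserIdentifiers" '
                                            'config option found')

        self._username2Identifier = {}
        for entry in user2Identifier.split():
            fields = entry.split(':')
            if len(fields) != 2:
                raise AuthNInterfaceConfigError('Malformed '
                                                '"username2UserIdentifiers" '
                                                'entry: expecting '
                                                '"username:id1,id2,..."')
            username, identifierStr = fields
            self._username2Identifier[username] = tuple(
                                                    identifierStr.split(','))

        # Every account needs both a password and at least one identifier
        if sorted(self._userCreds) != sorted(self._username2Identifier):
            raise AuthNInterfaceConfigError('Mismatch between usernames in '
                                            '"userCreds" and '
                                            '"username2UserIdentifiers" options')

    def logon(self, environ, userIdentifier, username, password):
        """Interface login method

        @type environ: dict
        @param environ: standard WSGI environ parameter

        @type userIdentifier: basestring or None
        @param userIdentifier: OpenID user identifier to check against the
        identifiers configured for username; the check is skipped if None

        @type username: basestring
        @param username: user identifier

        @type password: basestring
        @param password: corresponding password for the username given

        @raise AuthNInterfaceInvalidCredentials: invalid username/password
        @raise AuthNInterfaceUsername2IdentifierMismatch: userIdentifier is
        not one of the identifiers configured for username
        """
        expectedPassword = self._userCreds.get(username)

        # Reject unknown users and missing passwords explicitly: a lookup
        # miss yields None, which would otherwise compare equal to a None
        # password and let an unknown username through.
        # NOTE: != is not a constant-time comparison; tolerable only because
        # this class is a test fixture with clear text passwords.
        if expectedPassword is None or password is None or \
           expectedPassword != password:
            raise AuthNInterfaceInvalidCredentials()

        # Default to an empty tuple so a username without a mapping is
        # reported as a mismatch instead of raising TypeError
        if userIdentifier is not None and \
           userIdentifier not in self._username2Identifier.get(username, ()):
            raise AuthNInterfaceUsername2IdentifierMismatch()

    def username2UserIdentifiers(self, environ, username):
        """Map the login username to the identifiers which become the
        unique path suffix to the user's OpenID identifier.  The
        OpenIDProviderMiddleware takes its identity base URL from self.urls
        and adds it to this identifier:

            identifier = self._authN.username2UserIdentifiers(environ,username)
            identityURL = self.urls['url_id'] + '/' + identifier

        NOTE(review): the original text named the key both 'id_url' and
        'url_id'; confirm which one the middleware uses.

        @type environ: dict
        @param environ: standard WSGI environ parameter

        @type username: basestring
        @param username: user identifier

        @rtype: tuple
        @return: identifiers to be used to make OpenID user identity URLs.

        @raise AuthNInterfaceRetrieveError: no identifiers are configured
        for username
        """
        try:
            return self._username2Identifier[username]
        except KeyError:
            raise AuthNInterfaceRetrieveError('No entries for "%s" user' %
                                              username)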