Changeset 1647


Ignore:
Timestamp:
30/10/06 08:56:31 (13 years ago)
Author:
pjkersha
Message:

dist/ndg_security-DevPostAlpha?-py2.4.egg: new egg
ez_setup.py: standard easy setup script copied from peak.telecommunity.com
setup.py: modified distutils setup to use eggs. Dependencies are downloaded where possible using the
install_requires keyword to setup and PyPI names for packages; otherwise via dependency_links keyword
and explicit URL to download location.
ndg/security/server/Session.py: moved cookie functionality from UserSession? class into SessionCookie?
dedicated class in it's own module SessionCookie?. This enables use by other session cookie handling
code such as the Login Service.

Location:
TI12-security/trunk/python
Files:
2 added
2 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg/security/server/Session.py

    r1639 r1647  
    232232                                 cookieDomain=cookieDomain, 
    233233                                 **cookieTagsKw)) 
    234  
    235  
    236 #_____________________________________________________________________________ 
    237 class SessionCookieError(Exception): 
    238     "Handle exception from SessionCookie class" 
    239      
    240          
    241 #_____________________________________________________________________________ 
    242 class _MetaSessionCookie(type): 
    243     """Enable SessionCookie to have read only class variables e.g. 
    244      
    245     print sessionCookie.cookieTags is allowed but, 
    246      
    247     sessionCookie.cookieTags = None 
    248      
    249     ... raises - AttributeError: can't set attribute""" 
    250     def __getTags(cls): 
    251         '''ndgID1 is the session ID and ndgID2 is the encrypted session  
    252         manager WSDL address.''' 
    253         return ("ndgID1", "ndgID2") 
    254  
    255     tags = property(fget=__getTags) 
    256  
    257     def __getSessIDlen(cls): 
    258         '''This sets the session ID length (!)''' 
    259         return 64 
    260      
    261     sessIDlen = property(fget=__getSessIDlen) 
    262      
    263      
    264 #_____________________________________________________________________________ 
    265 class SessionCookie(object): 
    266     """Class encapsulates Session Cookie for handling by UserSession and 
    267     LoginService""" 
    268      
    269     __metaclass__ = _MetaSessionCookie 
    270  
    271     # Follow standard format for cookie path and expiry attributes 
    272     __cookiePathTag = "path" 
    273     __cookiePath = "/" 
    274     __cookieDomainTag = 'domain' 
    275     __cookieExpiryTag = "expires" 
    276   
    277     # Quotes are vital (and part of the official cookei format) - otherwise it 
    278     # will not be parsed correctly 
    279     __sessCookieExpiryFmt = "\"%a, %d-%b-%Y %H:%M:%S GMT\"" 
    280  
    281          
    282     #_________________________________________________________________________     
    283     def __init__(self,  
    284                  expiryStr=None, 
    285                  dtExpiry=None, 
    286                  cookieDomain=None, 
    287                  **cookieTagKw): 
    288         """Generic cookie creation independent of individual UserSession  
    289         details.              
    290              
    291         Caller should set the cookie e.g. in a CGI script 
    292         print "Content-type: text/html" 
    293         print str(cookie) + os.linesep 
    294  
    295          
    296         **cookieTagKw:         session ID for cookie (ndgID1) and 
    297                                encrypted Session Manager WSDL address (ndgID2) 
    298                                ** style arg means they can be passed as a 
    299                                dictionary without the caller needing to  
    300                                know the tag names. 
    301                                 
    302                                Use UserSession.encrypt() to encrypt the 
    303                                SessionManager WSDL address.  The site  
    304                                SessionManager holds the encryption key. 
    305         expiryStr|dtExpiry:    expiry date time for the cookie.  Input as a  
    306                                string formatted in the standard way for  
    307                                cookies or input a datetime type for  
    308                                conversion. 
    309         cookieDomain:          The domain for the cookie.  Default is the 
    310                                web server address.  Override to set to a  
    311                                site wide cookie e.g. .rl.ac.uk.  Nb. that this 
    312                                has security implications 
    313         """ 
    314  
    315         # Domain for cookie used by createCookie method - if not set, it will 
    316         # default to web server domain name 
    317         self.__cookieDomain = cookieDomain 
    318          
    319         try: 
    320             sessID = cookieTagKw['NDG-ID1'] 
    321             encrSessMgrWSDLuri = cookieTagKw['NDG-ID2'] 
    322              
    323         except KeyError: 
    324             c = self.tags 
    325             msg = len(c) > 1 and 's %s and %s' % (', '.join(c[:-1]), c[-1]) \ 
    326                 or ' ' + c[-1] 
    327             raise SessionCookieError, "The Cookie tag keyword%s" % c 
    328  
    329              
    330         if len(sessID) < SessionCookie.sessIDlen: 
    331             SessionCookieError, "Session ID has an invalid length" 
    332              
    333         if encrSessMgrWSDLuri[:7] == 'http://' or \ 
    334            encrSessMgrWSDLuri[:8] == 'https://': 
    335             SessionCookieError, "Input Session Manager WSDL URI does not " + \ 
    336                                 "appear to have been encrypted" 
    337                                
    338         if dtExpiry: 
    339             if not isinstance(dtExpiry, datetime): 
    340                 SessionCookieError, \ 
    341                     "Expecting valid datetime object with dtExpiry keyword" 
    342                  
    343             expiryStr = dtExpiry.strftime(self.__sessCookieExpiryFmt) 
    344              
    345         elif not expiryStr or not isinstance(expiryStr, basestring): 
    346             raise SessionCookieError, "No cookie expiry was set" 
    347              
    348              
    349         try:    
    350             self.__cookie = SimpleCookie() 
    351               
    352             tagValues = (sessID, encrSessMgrWSDLuri) 
    353             i=0 
    354             for tag in self.tags: 
    355                  
    356                 self.__cookie[tag] = tagValues[i] 
    357                 i += 1 
    358                  
    359                 # Use standard format for cookie path and expiry 
    360                 self.__cookie[tag][self.__cookiePathTag] = self.__cookiePath                 
    361                 self.__cookie[tag][self.__cookieExpiryTag]= expiryStr 
    362                                              
    363                 # Make cookie as generic as possible for domains - Nb. '.uk' 
    364                 # alone won't work but .rl.ac.uk would 
    365                 if cookieDomain: 
    366                     self.__cookie[tag][self.__cookieDomainTag] = cookieDomain 
    367              
    368         except Exception, e: 
    369             raise SessionCookieError, "Creating Session Cookie: %s" % e 
    370          
    371      
    372     def asSimpleCookie(self): 
    373         return self.__cookie 
    374      
    375     def asString(self): 
    376         return self.__cookie.output() 
    377      
    378     def __call__(self): 
    379         return self.asSimpleCookie() 
    380      
    381     def __str__(self): 
    382         return self.asString() 
    383      
    384     def __repr__(self): 
    385         return self.asString() 
    386  
    387  
    388     #_________________________________________________________________________ 
    389     def __setCookieDomain(self, cookieDomain): 
    390         """Set domain for cookie - set to None to assume domain of web server 
    391         """ 
    392  
    393         if not isinstance(cookieDomain, basestring) and \ 
    394            cookieDomain is not None: 
    395             raise SessionCookieError, \ 
    396                 "Expecting string or None type for \"cookieDomain\"" 
    397                          
    398         self.__cookieDomain = cookieDomain 
    399  
    400     cookieDomain = property(fset=__setCookieDomain, doc="Set cookie domain") 
    401         
    402      
    403     #_________________________________________________________________________ 
    404     @classmethod    
    405     def isValid(cls, cookie, raiseExcep=False): 
    406         """Check cookie has the expected session keys.  Cookie may be a  
    407         string or SimpleCookie type""" 
    408          
    409         if isinstance(cookie, basestring): 
    410             cookie = SimpleCookie(cookie) 
    411              
    412         elif not isinstance(cookie, SimpleCookie): 
    413             if raiseExcep: 
    414                 raise SessionCookieError,"Input cookie must be a string or "+\ 
    415                                         "SimpleCookie type" 
    416             else: 
    417                 return False 
    418          
    419         missingTags = [tag for tag in self.tags if tag not in cookie] 
    420         if missingTags: 
    421             if raiseExcep: 
    422                 raise SessionCookieError, \ 
    423             "Input cookie missing security tag(s): " + ", ".join(missingTags) 
    424             else: 
    425                 return False 
    426  
    427         if len(cookie[self.tags[0]].value) < cls.sessIDlen: 
    428             if raiseExcep: 
    429                 raise SessionCookieError, "Session ID has an invalid length" 
    430             else: 
    431                 return False 
    432          
    433         return True 
    434234     
    435235 
  • TI12-security/trunk/python/setup.py

    r1642 r1647  
    3030 
    3131# Packages needed for NDG Security 
     32# Note commented out ones fail with PyPI - use explicit link instead 
    3233# TODO: subdivide these into server and client specific and comon dependencies 
    3334_pkgDependencies = [ 
    3435    'ElementTree', 
    3536    'cElementTree', 
    36     'M2Crypto', 
     37#    'M2Crypto', build fails - find way to make it link with /usr/local/NDG openssl installation 
    3738    'ZSI', 
    38     'Ft', 
    39     '_xmlplus', 
    40     'twisted', 
    41     'zope', 
    42     'Crypto', 
    43     'sqlobject', 
    44     'MySQLdb', 
    45     'pyXMLSec'] 
     39#    '4Suite', don't need to include it as ZSI egg will get this instead 
     40#    'Twisted', 
     41#    'TwistedWeb', 
     42#    'ZopeInterface',  
     43    'PyCrypto', 
     44    'SQLObject', 
     45#    'MySQL-python', - gcc: unrecognized option `-restrict' 
     46#    'PyXMLSec', 
     47#    'PyXML' 
     48] 
    4649 
    47 entry_points = { 
    48         'console_scripts': [ 
    49             'ndgSessionClient = ndg.client.ndgSessionClient:main'] 
     50# Sledge hammer approach needed with some packages as they won't install from their PyPI name - 
     51# instead give the explicit URL.  This may cause problems later! 
     52_pkgDependencyLinks = [ 
     53    "http://www.zope.org/Products/ZopeInterface/3.0.1final/ZopeInterface-3.0.1.tgz", 
     54    "http://prdownloads.sourceforge.net/pyxml/PyXML-0.8.4.tar.gz?use_mirror=kent", 
     55    "http://tmrc.mit.edu/mirror/twisted/Web/0.5/TwistedWeb-0.5.0.tar.bz2", 
     56    "http://tmrc.mit.edu/mirror/twisted/Twisted/2.2/TwistedSumo-2006-02-12.tar.bz2", 
     57] 
     58 
     59 
     60_entryPoints = \ 
     61{ 
     62    'console_scripts': ['ndgSessionClient = ndg.client.ndgSessionClient:main'] 
     63} 
    5064 
    5165setupKw = \ 
     
    6175    'url':                      'http://proj.badc.rl.ac.uk/ndg', 
    6276    'install_requires':         _pkgDependencies, 
    63     'packages':                 find_packages(), 
    64  
     77    'dependency_links':         _pkgDependencyLinks, 
     78#    'packages':                find_packages(), 
     79    'namespace_packages':       ['server'], 
    6580    # This flag will include all files under SVN control or included in 
    6681    # MANIFEST.in. 
Note: See TracChangeset for help on using the changeset viewer.