def _handle_auth(self, feat):
mechanism = None
# Always favour DIGEST-MD5 if supported by receiving entity
if u'DIGEST-MD5' in feat.mechanisms:
mechanism = u'DIGEST-MD5'
token = None
elif u'PLAIN' in feat.mechanisms:
mechanism = u'PLAIN'
email = '%s@%s' % (self.jid.node, self.jid.domain)
password = self.password_lookup(self.jid)
token = generate_credential(email, self.jid.node, password)
elif u'X-GOOGLE-TOKEN' in feat.mechanisms:
mechanism = u'X-GOOGLE-TOKEN'
password = self.password_lookup(self.jid)
token = perform_authentication(self.jid.node, password)
elif u'ANONYMOUS' in feat.mechanisms:
mechanism = u'ANONYMOUS'
token = None
else:
# We don't support any of the proposed mechanism
# let's abort the SASL exchange
auth = E(u'abort', namespace=XMPP_SASL_NS)
self.propagate(element=auth)
return
auth = E(u'auth', content=token,
attributes={u'mechanism': mechanism},
namespace=XMPP_SASL_NS)
self.propagate(element=auth)
def handle_features(self, e):
"""
XMPP handler for stream features.
It will:
* return immediatly if the element has no children.
* initiates the TLS negociation (from the stream point
of view) if `self.tls` is `True` and the feature has a
`<starttls /> child.
* initiates the authentication based on the supported
mechanisms or abort if none is found.
"""
if not e.xml_children:
return
if self.use_tls and e.has_child('starttls', XMPP_TLS_NS):
return "<starttls xmlns='%s' />" % XMPP_TLS_NS
# We don't actually handle registration here
# but if the register module has been loaded
# we do not want to interfere by trying to authenticate straight away either
if self.register and e.has_child(
'register', "http://jabber.org/features/iq-register"):
return
mech = e.get_child('mechanisms', XMPP_SASL_NS)
mechanisms = []
if mech:
mechanisms = []
for m in mech.xml_children:
if m.is_mixed_content():
mechanisms.append(m.collapse(separator=''))
else:
mechanisms.append(m.xml_text)
mechanism = None
# Always favour DIGEST-MD5 if supported by receiving entity
if u'DIGEST-MD5' in mechanisms:
mechanism = u'DIGEST-MD5'
token = None
elif u'PLAIN' in mechanisms:
mechanism = u'PLAIN'
email = '%s@%s' % (self.jid.node, self.jid.domain)
password = self.password
token = generate_credential(email, self.jid.node, password)
elif u'X-GOOGLE-TOKEN' in mechanisms:
mechanism = u'X-GOOGLE-TOKEN'
password = self.password
token = perform_authentication(self.jid.node, password)
elif u'ANONYMOUS' in mechanisms:
mechanism = u'ANONYMOUS'
token = None
else:
# We don't support any of the proposed mechanism
# let's abort the SASL exchange
return E(u'abort', namespace=XMPP_SASL_NS)
return E(u'auth',
content=token,
attributes={u'mechanism': mechanism},
namespace=XMPP_SASL_NS)
def handle_features(self, e):
"""
XMPP handler for stream features.
It will:
* return immediatly if the element has no children.
* initiates the TLS negociation (from the stream point
of view) if `self.tls` is `True` and the feature has a
`<starttls /> child.
* initiates the authentication based on the supported
mechanisms or abort if none is found.
"""
if not e.xml_children:
return
if self.use_tls and e.has_child('starttls', XMPP_TLS_NS):
return "<starttls xmlns='%s' />" % XMPP_TLS_NS
# We don't actually handle registration here
# but if the register module has been loaded
# we do not want to interfere by trying to authenticate straight away either
if self.register and e.has_child('register', "http://jabber.org/features/iq-register"):
return
mech = e.get_child('mechanisms', XMPP_SASL_NS)
mechanisms = []
if mech:
mechanisms = []
for m in mech.xml_children:
if m.is_mixed_content():
mechanisms.append(m.collapse(separator=''))
else:
mechanisms.append(m.xml_text)
mechanism = None
# Always favour DIGEST-MD5 if supported by receiving entity
if u'DIGEST-MD5' in mechanisms:
mechanism = u'DIGEST-MD5'
token = None
elif u'PLAIN' in mechanisms:
mechanism = u'PLAIN'
email = '%s@%s' % (self.jid.node, self.jid.domain)
password = self.password
token = generate_credential(email, self.jid.node, password)
elif u'X-GOOGLE-TOKEN' in mechanisms:
mechanism = u'X-GOOGLE-TOKEN'
password = self.password
token = perform_authentication(self.jid.node, password)
elif u'ANONYMOUS' in mechanisms:
mechanism = u'ANONYMOUS'
token = None
else:
# We don't support any of the proposed mechanism
# let's abort the SASL exchange
return E(u'abort', namespace=XMPP_SASL_NS)
return E(u'auth', content=token,
attributes={u'mechanism': mechanism},
namespace=XMPP_SASL_NS)
