Beispiel #1
0
def consumer_cert_authentication():
    cert_pem = http.ssl_client_cert()
    if cert_pem is not None:
        consumerid = factory.authentication_manager().check_consumer_cert(cert_pem)
        if consumerid is not None:
            _LOG.debug("Consumer authenticated with ssl cert: %s" % consumerid)
            return consumerid
Beispiel #2
0
    def test_syntactic_sugar_methods(self):
        """
        Tests the syntactic sugar methods for retrieving specific managers.
        """
        # Setup
        factory.initialize()

        # Test
        self.assertTrue(isinstance(factory.authentication_manager(), AuthenticationManager))
        self.assertTrue(isinstance(factory.cert_generation_manager(), CertGenerationManager))
        self.assertTrue(isinstance(factory.certificate_manager(), CertificateManager))
        self.assertTrue(isinstance(factory.password_manager(), PasswordManager))
        self.assertTrue(isinstance(factory.permission_manager(), PermissionManager))
        self.assertTrue(isinstance(factory.permission_query_manager(), PermissionQueryManager))
        self.assertTrue(isinstance(factory.role_manager(), RoleManager))
        self.assertTrue(isinstance(factory.role_query_manager(), RoleQueryManager))
        self.assertTrue(isinstance(factory.user_manager(), UserManager))
        self.assertTrue(isinstance(factory.user_query_manager(), UserQueryManager))
        self.assertTrue(isinstance(factory.repo_manager(), RepoManager))
        self.assertTrue(isinstance(factory.repo_unit_association_manager(),
                                   RepoUnitAssociationManager))
        self.assertTrue(isinstance(factory.repo_publish_manager(), RepoPublishManager))
        self.assertTrue(isinstance(factory.repo_query_manager(), RepoQueryManager))
        self.assertTrue(isinstance(factory.repo_sync_manager(), RepoSyncManager))
        self.assertTrue(isinstance(factory.content_manager(), ContentManager))
        self.assertTrue(isinstance(factory.content_query_manager(), ContentQueryManager))
        self.assertTrue(isinstance(factory.content_upload_manager(), ContentUploadManager))
        self.assertTrue(isinstance(factory.consumer_manager(), ConsumerManager))
        self.assertTrue(isinstance(factory.topic_publish_manager(), TopicPublishManager))
Beispiel #3
0
def user_cert_authentication():
    cert_pem = http.ssl_client_cert()
    if cert_pem is not None:
        userid = factory.authentication_manager().check_user_cert(cert_pem)
        if userid:
            _LOG.debug("User authenticated with ssl cert: %s" % userid)
            return userid
    return None
Beispiel #4
0
def password_authentication():
    username, password = http.username_password()
    if username is not None:
        userid = factory.authentication_manager().check_username_password(username, password)
        if userid is None:
            raise PulpCodedAuthenticationException(error_code=error_codes.PLP0030, user=username)
        else:
            _LOG.debug("User [%s] authenticated with password" % username)
            return userid
Beispiel #5
0
def password_authentication():
    username, password = http.username_password()
    if username is not None:
        userid = factory.authentication_manager().check_username_password(username, password)
        if userid is None:
            raise AuthenticationFailed(auth_utils.CODE_USER_PASS)
        else:
            _LOG.debug("User [%s] authenticated with password" % username)
            return userid
    return None
Beispiel #6
0
def check_preauthenticated():
    # Support web server level authentication of users
    username = http.request_info("REMOTE_USER")
    if username is not None:
        # Omitting the password = assume preauthenticated
        userid = factory.authentication_manager().check_username_password(username)
        if userid is None:
            # User is not in the local database, nor in LDAP
            raise PulpCodedAuthenticationException(error_code=error_codes.PLP0029, user=username)
        else:
            _LOG.debug("User preauthenticated: %s" % username)
            return userid
Beispiel #7
0
def check_preauthenticated():
    # Support web server level authentication of users
    username = http.request_info("REMOTE_USER")
    if username is not None:
        # Omitting the password = assume preauthenticated
        userid = factory.authentication_manager().check_username_password(username)
        if userid is None:
            # User is not in the local database, nor in LDAP
            raise AuthenticationFailed(auth_utils.CODE_PREAUTH)
        else:
            _LOG.debug("User preauthenticated: %s" % username)
            return userid
    return None
Beispiel #8
0
def oauth_authentication():
    if not config.getboolean('oauth', 'enabled'):
        return None, False

    username = http.request_info('HTTP_PULP_USER')
    auth = http.http_authorization()
    cert_pem = http.ssl_client_cert()
    if username is None or auth is None:
        if cert_pem is not None:
            raise PulpCodedAuthenticationException(error_code=error_codes.PLP0027, user=username)
        return None, False
    meth = http.request_info('REQUEST_METHOD')
    url = http.request_url()
    query = http.request_info('QUERY_STRING')
    userid, is_consumer = factory.authentication_manager().check_oauth(username, meth, url, auth, query)
    if userid is None:
        raise PulpCodedAuthenticationException(error_code=error_codes.PLP0028, user=username)
    _LOG.debug("User authenticated with Oauth: %s" % userid)
    return userid, is_consumer
Beispiel #9
0
def oauth_authentication():
    if not config.getboolean('oauth', 'enabled'):
        return None, False

    username = http.request_info('HTTP_PULP_USER')
    auth = http.http_authorization()
    cert_pem = http.ssl_client_cert()
    if username is None or auth is None:
        if cert_pem is not None:
            raise AuthenticationFailed(auth_utils.CODE_INVALID_SSL_CERT)
        return None, False
    meth = http.request_info('REQUEST_METHOD')
    url = http.request_url()
    query = http.request_info('QUERY_STRING')
    userid, is_consumer = factory.authentication_manager().check_oauth(username, meth, url, auth, query)
    if userid is None:
        raise AuthenticationFailed(auth_utils.CODE_OAUTH)
    _LOG.debug("User authenticated with Oauth: %s" % userid)
    return userid, is_consumer
Beispiel #10
0
def oauth_authentication():
    if not config.getboolean('oauth', 'enabled'):
        return None, False

    username = http.request_info('HTTP_PULP_USER')
    auth = http.http_authorization()
    cert_pem = http.ssl_client_cert()
    if username is None or auth is None:
        if cert_pem is not None:
            raise AuthenticationFailed(auth_utils.CODE_INVALID_SSL_CERT)
        return None, False
    meth = http.request_info('REQUEST_METHOD')
    url = http.request_url()
    query = http.request_info('QUERY_STRING')
    userid, is_consumer = factory.authentication_manager().check_oauth(
        username, meth, url, auth, query)
    if userid is None:
        raise AuthenticationFailed(auth_utils.CODE_OAUTH)
    _LOG.debug("User authenticated with Oauth: %s" % userid)
    return userid, is_consumer
Beispiel #11
0
    def test_syntactic_sugar_methods(self):
        """
        Tests the syntactic sugar methods for retrieving specific managers.
        """
        # Setup
        factory.initialize()

        # Test
        self.assertTrue(
            isinstance(factory.authentication_manager(),
                       AuthenticationManager))
        self.assertTrue(
            isinstance(factory.cert_generation_manager(),
                       CertGenerationManager))
        self.assertTrue(
            isinstance(factory.certificate_manager(), CertificateManager))
        self.assertTrue(isinstance(factory.password_manager(),
                                   PasswordManager))
        self.assertTrue(
            isinstance(factory.permission_manager(), PermissionManager))
        self.assertTrue(
            isinstance(factory.permission_query_manager(),
                       PermissionQueryManager))
        self.assertTrue(isinstance(factory.role_manager(), RoleManager))
        self.assertTrue(
            isinstance(factory.role_query_manager(), RoleQueryManager))
        self.assertTrue(isinstance(factory.user_manager(), UserManager))
        self.assertTrue(
            isinstance(factory.user_query_manager(), UserQueryManager))
        self.assertTrue(
            isinstance(factory.repo_unit_association_manager(),
                       RepoUnitAssociationManager))
        self.assertTrue(isinstance(factory.content_manager(), ContentManager))
        self.assertTrue(
            isinstance(factory.content_query_manager(), ContentQueryManager))
        self.assertTrue(
            isinstance(factory.content_upload_manager(), ContentUploadManager))
        self.assertTrue(isinstance(factory.consumer_manager(),
                                   ConsumerManager))
        self.assertTrue(
            isinstance(factory.topic_publish_manager(), TopicPublishManager))
Beispiel #12
0
def oauth_authentication():
    if not config.getboolean('oauth', 'enabled'):
        return None, False

    username = http.request_info('HTTP_PULP_USER')
    auth = http.http_authorization()
    cert_pem = http.ssl_client_cert()
    if username is None or auth is None:
        if cert_pem is not None:
            raise PulpCodedAuthenticationException(
                error_code=error_codes.PLP0027, user=username)
        return None, False
    meth = http.request_info('REQUEST_METHOD')
    url = http.request_url()
    query = http.request_info('QUERY_STRING')
    userid, is_consumer = factory.authentication_manager().check_oauth(
        username, meth, url, auth, query)
    if userid is None:
        raise PulpCodedAuthenticationException(error_code=error_codes.PLP0028,
                                               user=username)
    _logger.debug("User authenticated with Oauth: %s" % userid)
    return userid, is_consumer