def __init__(self, memcached_client, interaction_pool):
self._log = logging.getLogger("InteractionPoolAuthenticator")
self._interaction_pool = interaction_pool
self._collection_lookup = CollectionLookup(memcached_client,
interaction_pool)
self._customer_lookup = CustomerIdLookup(memcached_client,
interaction_pool)
self._customer_key_lookup = CustomerKeyLookup(memcached_client,
interaction_pool)
class InteractionPoolAuthenticator(object):
def __init__(self, memcached_client, interaction_pool):
self._log = logging.getLogger("InteractionPoolAuthenticator")
self._interaction_pool = interaction_pool
self._collection_lookup = CollectionLookup(memcached_client, interaction_pool)
self._customer_lookup = CustomerIdLookup(memcached_client, interaction_pool)
self._customer_key_lookup = CustomerKeyLookup(memcached_client, interaction_pool)
def authenticate(self, collection_name, access_type, req):
"""
establish that this is a valid user and a valid collection
return collection_entry if valid
raise AccessUnauthorized(error_message) if invalid
"""
collection_row = self._collection_lookup.get(collection_name.lower())
if collection_row is None:
error_message = "unknown collection {0}".format(collection_name)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
if access_type is not None:
access_result = check_access_control(access_type, req, collection_row["access_control"])
if access_result == access_allowed:
return collection_row
if access_result == access_forbidden:
raise AccessForbidden()
assert access_result == access_requires_password_authentication
customer_row = self._customer_lookup.get(collection_row["customer_id"])
if customer_row is None:
error_message = "unknown customer {0}".format(collection_name)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
try:
auth_type, auth_string = req.authorization
except Exception, instance:
error_message = "invalid req.authorization {0} {1}".format(instance, req.authorization)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
if auth_type != "NIMBUS.IO":
error_message = "unknown auth_type %r" % (auth_type,)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
try:
key_id, signature = auth_string.split(":", 1)
except Exception, instance:
error_message = "invalid auth_string {0} {1}".format(instance, auth_string)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
def __init__(self, memcached_client, interaction_pool):
self._log = logging.getLogger("InteractionPoolAuthenticator")
self._interaction_pool = interaction_pool
self._collection_lookup = CollectionLookup(memcached_client, interaction_pool)
self._customer_lookup = CustomerIdLookup(memcached_client, interaction_pool)
self._customer_key_lookup = CustomerKeyLookup(memcached_client, interaction_pool)
class InteractionPoolAuthenticator(object):
def __init__(self, memcached_client, interaction_pool):
self._log = logging.getLogger("InteractionPoolAuthenticator")
self._interaction_pool = interaction_pool
self._collection_lookup = CollectionLookup(memcached_client,
interaction_pool)
self._customer_lookup = CustomerIdLookup(memcached_client,
interaction_pool)
self._customer_key_lookup = CustomerKeyLookup(memcached_client,
interaction_pool)
def authenticate(self, collection_name, access_type, req):
"""
establish that this is a valid user and a valid collection
return collection_entry if valid
raise AccessUnauthorized(error_message) if invalid
"""
collection_row = self._collection_lookup.get(collection_name.lower())
if collection_row is None:
error_message = "unknown collection {0}".format(collection_name)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
if access_type is not None:
access_result = \
check_access_control(access_type,
req,
collection_row["access_control"])
if access_result == access_allowed:
return collection_row
if access_result == access_forbidden:
raise AccessForbidden()
assert access_result == access_requires_password_authentication
customer_row = self._customer_lookup.get(collection_row["customer_id"])
if customer_row is None:
error_message = "unknown customer {0}".format(collection_name)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
try:
auth_type, auth_string = req.authorization
except Exception, instance:
error_message = "invalid req.authorization {0} {1}".format(
instance,
req.authorization)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
if auth_type != 'NIMBUS.IO':
error_message = "unknown auth_type %r" % (auth_type, )
self._log.error(error_message)
raise AccessUnauthorized(error_message)
try:
key_id, signature = auth_string.split(':', 1)
except Exception, instance:
error_message = "invalid auth_string {0} {1}".format(
instance, auth_string)
self._log.error(error_message)
raise AccessUnauthorized(error_message)
