def _verifyUserElsewhere(self, login):
"""Like PAS's _verifyUser, turn a login into an info dict. However, look only in other enumerator plugins, skipping ours so we don't infinitely recurse."""
# Ripped off from PAS 1.6.1.
pas = self._getPAS()
criteria = {'exact_match': True, 'login': login}
view_name = createViewName('_verifyUser', login)
keywords = createKeywords(**criteria)
cached_info = pas.ZCacheable_get(view_name=view_name,
keywords=keywords,
default=None) # somewhat evil, sharing a private(?) cache with PAS. But this runs all the time, and that code hasn't changed forever.
if cached_info is not None:
return cached_info
def test_createKeywords_unicode_umlaut(self):
self.assertEqual(
createKeywords(foo='bar', baz=u'M\344dchen'),
{'keywords': '62e00b7ef8978f85194632b90e829006b0410472'})
def test_createKeywords_latin1_umlaut(self):
self.assertEqual(
createKeywords(foo='bar', baz='M\344dchen'),
{'keywords': '1a952e3797b287f60e034c19dacd0eca49c4f437'})
def test_createKeywords_multiple(self):
self.assertEqual(
createKeywords(foo='bar', baz='peng'),
{'keywords': '0237196c9a6c711223d087676671351510c265be'})
def test_createKeywords_multiple(self):
self.assertEqual(createKeywords(foo='bar', baz='peng'),
{'keywords': '0237196c9a6c711223d087676671351510c265be'})
def test_createKeywords_utf16_umlaut(self):
_ITEMS = (('foo', 'bar'), ('baz', u'M\344dchen'.encode('utf-16')))
hashed = _createHashedValue(_ITEMS)
self.assertEqual(createKeywords(foo='bar',
baz=u'M\344dchen'.encode('utf-16')),
{'keywords': hashed})
def test_createKeywords_multiple(self):
_ITEMS = (('foo', 'bar'), ('baz', 'peng'))
hashed = _createHashedValue(_ITEMS)
self.assertEqual(createKeywords(foo='bar', baz='peng'),
{'keywords': hashed})
def _callFUT(self, *args, **kw):
from Products.PluggableAuthService.utils import createKeywords
return createKeywords(*args, **kw)
def _callFUT(self, *args, **kw):
from Products.PluggableAuthService.utils import createKeywords
return createKeywords(*args, **kw)
def test_createKeywords_unicode_chinese(self):
self.assertEqual(createKeywords(foo='bar', baz=u'\u03a4\u03b6'),
{'keywords': '03b19dff4adbd3b8a2f158456f0f26efe35e1f2c'})
def test_createKeywords_utf16_umlaut(self):
self.assertEqual(createKeywords(foo='bar', baz=u'M\344dchen'.encode('utf-16')),
{'keywords': 'a884c1b0242a14f253e0e361ff1cee808eb18aff'})
def test_createKeywords_unicode_umlaut(self):
self.assertEqual(createKeywords(foo='bar', baz=u'M\344dchen'),
{'keywords': '62e00b7ef8978f85194632b90e829006b0410472'})
def test_createKeywords_latin1_umlaut(self):
self.assertEqual(createKeywords(foo='bar', baz='M\344dchen'),
{'keywords': '1a952e3797b287f60e034c19dacd0eca49c4f437'})
def test_createKeywords_utf16_umlaut(self):
self.assertEqual(
createKeywords(foo='bar', baz=u'M\344dchen'.encode('utf-16')),
{'keywords': 'a884c1b0242a14f253e0e361ff1cee808eb18aff'})
def _extractUserIds( self, request, plugins ):
""" request -> [ validated_user_id ]
o For each set of extracted credentials, try to authenticate
a user; accumulate a list of the IDs of such users over all
our authentication and extraction plugins.
"""
try:
extractors = plugins.listPlugins( IExtractionPlugin )
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
logger.debug('Extractor plugin listing error', exc_info=True)
extractors = ()
if not extractors:
extractors = ( ( 'default', DumbHTTPExtractor() ), )
try:
authenticators = plugins.listPlugins( IAuthenticationPlugin )
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
logger.debug('Authenticator plugin listing error', exc_info=True)
authenticators = ()
result = []
for extractor_id, extractor in extractors:
try:
credentials = extractor.extractCredentials( request )
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
PluggableAuthService.reraise(extractor)
logger.debug( 'ExtractionPlugin %s error' % extractor_id
, exc_info=True
)
continue
if credentials:
try:
credentials[ 'extractor' ] = extractor_id # XXX: in key?
# Test if ObjectCacheEntries.aggregateIndex would work
items = credentials.items()
items.sort()
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
# XXX: would reraise be good here, and which plugin to ask
# whether not to swallow the exception - the extractor?
logger.debug( 'Credentials error: %s' % credentials
, exc_info=True
)
continue
# First try to authenticate against the emergency
# user and return immediately if authenticated
user_id, name = self._tryEmergencyUserAuthentication(
credentials )
if user_id is not None:
return [ ( user_id, name ) ]
# Now see if the user ids can be retrieved from the cache
credentials['login'] = self.applyTransform( credentials.get('login') )
view_name = createViewName('_extractUserIds',
credentials.get('login'))
keywords = createKeywords(**credentials)
user_ids = self.ZCacheable_get( view_name=view_name
, keywords=keywords
, default=None
)
if user_ids is None:
user_ids = []
for authenticator_id, auth in authenticators:
try:
uid_and_info = auth.authenticateCredentials(
credentials )
# logger.info('plugin: %s' % str(auth.id))
# logger.info('uid_and_info: %s' % str(uid_and_info))
# Modificamos este codigo para que si la respuesta del oauthTokenRetriever mrs5.max.auth.py es BadUsernameOrPasswordError
# no continue mirando los siguientes plugins de Authentication Plugins
if auth.id == 'paspreauth' and uid_and_info == 'BadUsernameOrPasswordError' :
break
if uid_and_info is None:
continue
user_id, info = uid_and_info
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
PluggableAuthService.reraise(auth)
msg = 'AuthenticationPlugin %s error' % (
authenticator_id, )
logger.debug(msg, exc_info=True)
continue
if user_id is not None:
user_ids.append( (user_id, info) )
if user_ids:
self.ZCacheable_set( user_ids
, view_name=view_name
, keywords=keywords
)
result.extend( user_ids )
# Emergency user via HTTP basic auth always wins
user_id, name = self._tryEmergencyUserAuthentication(
DumbHTTPExtractor().extractCredentials( request ) )
if user_id is not None:
return [ ( user_id, name ) ]
return result
def test_createKeywords_unicode_chinese(self):
self.assertEqual(
createKeywords(foo='bar', baz=u'\u03a4\u03b6'),
{'keywords': '03b19dff4adbd3b8a2f158456f0f26efe35e1f2c'})
def _extractUserIds(self, request, plugins):
""" request -> [ validated_user_id ]
o For each set of extracted credentials, try to authenticate
a user; accumulate a list of the IDs of such users over all
our authentication and extraction plugins.
"""
try:
extractors = plugins.listPlugins(IExtractionPlugin)
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
log.info('Extractor plugin listing error', exc_info=True)
extractors = ()
if not extractors:
extractors = (('default', DumbHTTPExtractor()), )
try:
authenticators = plugins.listPlugins(IAuthenticationPlugin)
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
log.info('Authenticator plugin listing error', exc_info=True)
authenticators = ()
result = []
for extractor_id, extractor in extractors:
try:
credentials = extractor.extractCredentials(request)
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
log.info('ExtractionPlugin %s error' % extractor_id, exc_info=True)
continue
if credentials:
try:
credentials['extractor'] = extractor_id # XXX: in key?
# Test if ObjectCacheEntries.aggregateIndex would work
items = credentials.items()
items.sort()
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
log.info('Credentials error: %s' % credentials, exc_info=True)
continue
# First try to authenticate against the emergency
# user and return immediately if authenticated
user_id, name = self._tryEmergencyUserAuthentication(credentials)
if user_id is not None:
return [(user_id, name)]
# Now see if the user ids can be retrieved from the cache
view_name = createViewName('_extractUserIds',
credentials.get('login'))
keywords = createKeywords(**credentials)
user_ids = None
account_locker = getattr(self, 'account_locker_plugin', None)
if not account_locker:
user_ids = self.ZCacheable_get(view_name=view_name,
keywords=keywords,
default=None)
else:
if account_locker.isLocked(credentials.get('login')):
user_ids = self.ZCacheable_get(view_name=view_name,
keywords=keywords,
default=None)
if user_ids is None:
user_ids = []
for authenticator_id, auth in authenticators:
try:
uid_and_info = auth.authenticateCredentials(
credentials)
if uid_and_info is None:
continue
user_id, info = uid_and_info
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
msg = 'AuthenticationPlugin %s error' % (
authenticator_id, )
log.info(msg, exc_info=True)
continue
except Locked:
break
if user_id is not None:
user_ids.append((user_id, info))
if user_ids:
self.ZCacheable_set(user_ids,
view_name=view_name,
keywords=keywords)
result.extend(user_ids)
# Emergency user via HTTP basic auth always wins
user_id, name = self._tryEmergencyUserAuthentication(
DumbHTTPExtractor().extractCredentials(request))
if user_id is not None:
return [(user_id, name)]
return result
def test_createKeywords(self):
_ITEMS = (('foo', 'bar'),)
hashed = _createHashedValue(_ITEMS)
self.assertEqual(createKeywords(foo='bar'),
{'keywords': hashed})
def _reportek_extractUserIds( self, request, plugins ):
""" request -> [ validated_user_id ]
o For each set of extracted credentials, try to authenticate
a user; accumulate a list of the IDs of such users over all
our authentication and extraction plugins.
"""
try:
extractors = plugins.listPlugins( IExtractionPlugin )
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
logger.debug('Extractor plugin listing error', exc_info=True)
extractors = ()
if not extractors:
extractors = ( ( 'default', DumbHTTPExtractor() ), )
try:
authenticators = plugins.listPlugins( IAuthenticationPlugin )
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
logger.debug('Authenticator plugin listing error', exc_info=True)
authenticators = ()
result = []
for extractor_id, extractor in extractors:
try:
credentials = extractor.extractCredentials( request )
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
reraise(extractor)
logger.debug( 'ExtractionPlugin %s error' % extractor_id
, exc_info=True
)
continue
if credentials:
try:
credentials[ 'extractor' ] = extractor_id # XXX: in key?
# Test if ObjectCacheEntries.aggregateIndex would work
items = credentials.items()
items.sort()
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
# XXX: would reraise be good here, and which plugin to ask
# whether not to swallow the exception - the extractor?
logger.debug( 'Credentials error: %s' % credentials
, exc_info=True
)
continue
# First try to authenticate against the emergency
# user and return immediately if authenticated
user_id, name = self._tryEmergencyUserAuthentication(
credentials )
if user_id is not None:
return [ ( user_id, name ) ]
# Now see if the user ids can be retrieved from the cache
credentials['login'] = self.applyTransform( credentials.get('login') )
view_name = createViewName('_extractUserIds',
credentials.get('login'))
keywords = createKeywords(**credentials)
user_ids = self.ZCacheable_get( view_name=view_name
, keywords=keywords
, default=None
)
if user_ids is None:
user_ids = []
for authenticator_id, auth in authenticators:
try:
uid_and_info = auth.authenticateCredentials(
credentials )
if uid_and_info is None:
continue
user_id, info = uid_and_info
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
reraise(auth)
msg = 'AuthenticationPlugin %s error' % (
authenticator_id, )
logger.debug(msg, exc_info=True)
continue
if user_id is not None:
user_ids.append( (user_id, info) )
if user_ids:
self.ZCacheable_set( user_ids
, view_name=view_name
, keywords=keywords
)
result.extend( user_ids )
# Emergency user via HTTP basic auth always wins
user_id, name = self._tryEmergencyUserAuthentication(
DumbHTTPExtractor().extractCredentials( request ) )
if user_id is not None:
return [ ( user_id, name ) ]
return result
def test_createKeywords_utf8_umlaut(self):
_ITEMS = (('foo', 'bar'), ('baz', 'M\303\244dchen'))
hashed = _createHashedValue(_ITEMS)
self.assertEqual(createKeywords(foo='bar', baz='M\303\244dchen'),
{'keywords': hashed})
def test_createKeywords(self):
self.assertEqual(
createKeywords(foo='bar'),
{'keywords': '8843d7f92416211de9ebb963ff4ce28125932878'})
def test_createKeywords_unicode_chinese(self):
_ITEMS = (('foo', 'bar'), ('baz', u'\u03a4\u03b6'))
hashed = _createHashedValue(_ITEMS)
self.assertEqual(createKeywords(foo='bar', baz=u'\u03a4\u03b6'),
{'keywords': hashed})
def test_createKeywords(self):
self.assertEqual(createKeywords(foo='bar'),
{'keywords': '8843d7f92416211de9ebb963ff4ce28125932878'})
