Example #1
0
def get_auth_credentials(request: Request) -> Optional[Credentials]:
    """
    Gets username and password as a :class:`Credentials` obejct, from an HTTP
    request. Returns ``None`` if there is a problem.
    """
    authorization = AUTHORIZATION(request.environ)
    try:
        authmeth, auth = authorization.split(' ', 1)
    except ValueError:  # not enough values to unpack
        return None
    if authmeth.lower() == 'basic':  # ensure rquest is using basicauth
        try:
            # auth = auth.strip().decode('base64')
            auth = base64.b64decode(auth.strip())
        except binascii.Error:  # can't decode
            return None
        # Turn it back into a string
        auth = "".join(chr(x) for x in auth)
        try:
            username, password = auth.split(':', 1)
        except ValueError:  # not enough values to unpack
            return None
        return Credentials(username, password)

    return None
Example #2
0
    def identify(self, environ):
        """Lookup the owner """
        # New way using standard Authencation header
        # Authentication: Mex user_id mex_token
        authorization = AUTHORIZATION(environ)
        try:
            auth = authorization.split(' ')
        except ValueError:  # not enough values to unpack
            auth = None

        if auth and auth[0].lower() == 'mex':
            log.debug("MexIdentify %s", auth)
            try:
                user, token = auth[1].split(':')
                return {'bisque.mex_user': user, 'bisque.mex_token': token}
            except ValueError:
                pass

        # OLD Way using custom header  (deprecated)
        mexheader = environ.get('HTTP_MEX', None)
        if mexheader:
            try:
                # OLD code may ship a NEW token with the OLD header.
                user, token = mexheader.split(':')
                return {'bisque.mex_user': user, 'bisque.mex_token': token}
            except ValueError:
                return {'bisque.mex_token': mexheader}
        return None
Example #3
0
 def identify(self, environ):
     authorization = AUTHORIZATION(environ)
     tokens = authorization.split(" ")
     if len(tokens) != 2:
         return None
     if tokens[0] != "Bearer":
         return None
     return {"access_token": tokens[1]}
Example #4
0
 def identify(self, environ):
     authorization = AUTHORIZATION(environ)
     tokens = authorization.split(" ")
     if len(tokens) != 2:
         return None
     if tokens[0] != "Bearer":
         return None
     return {"access_token": tokens[1]}
Example #5
0
 def authenticate(self, environ, identity):
     authorization = AUTHORIZATION(environ)
     try:
         authmeth, auth = authorization.split(' ', 1)
     except ValueError: # not enough values to unpack
         return None
     if authmeth.lower() == 'apikey':
         acc = account.find_one_by('api_key', auth.strip())
         if acc is not None:
             return acc['name']
Example #6
0
 def authenticate(self, environ, identity):
     authorization = AUTHORIZATION(environ)
     try:
         authmeth, auth = authorization.split(' ', 1)
     except ValueError:  # not enough values to unpack
         return None
     if authmeth.lower() == 'apikey':
         acc = Account.by_api_key(auth.strip())
         if acc is not None:
             return acc.name
Example #7
0
def _get_basicauth_credentials(request):
    try:
        authorization = AUTHORIZATION(request.environ)
        authmeth, auth = authorization.split(' ', 1)
        assert authmeth.lower() == 'basic'
        auth = auth.strip().decode('base64')
        username, password = auth.split(':', 1)
        return {'username': username, 'password': password}

    except (AssertionError, ValueError, binascii):
        return None
Example #8
0
def parse_auth_header(request):
    """
    Parse HTTP auth headers
    :param request: <pyramid_request>
    :return: <tuple> auth method and auth credentials
    """
    authorization = AUTHORIZATION(request.environ)
    try:
        authmethod, auth = authorization.split(' ', 1)
        return authmethod.lower(), auth
    except ValueError:  # not enough values to unpack
        raise HTTPBadRequest()
Example #9
0
def parse_auth_header(request):
    """
    Parse HTTP auth headers
    :param request: <pyramid_request>
    :return: <tuple> auth method and auth credentials
    """
    authorization = AUTHORIZATION(request.environ)
    try:
        authmethod, auth = authorization.split(' ', 1)
        return authmethod.lower(), auth
    except ValueError:  # not enough values to unpack
        raise HTTPBadRequest()
Example #10
0
 def authenticate(self, environ):
     authorization = AUTHORIZATION(environ)
     if not authorization:
         return self.build_authentication()
     (authmeth, auth) = authorization.split(' ', 1)
     if 'basic' != authmeth.lower():
         return self.build_authentication()
     auth = auth.strip().decode('base64')
     username, password = auth.split(':', 1)
     if check_credentials(
         username, password, self.htaccess, self.auth_type):
         return username
     return self.build_authentication()
Example #11
0
 def authenticate(self, environ):
     authorization = AUTHORIZATION(environ)
     if not authorization:
         return self.build_authentication()
     (authmeth, auth) = authorization.split(' ', 1)
     if 'basic' != authmeth.lower():
         return self.build_authentication()
     auth = base64.b64decode(auth.strip()).decode('utf-8')
     username, password = auth.split(':', 1)
     if check_credentials(
             username, password, self.htaccess, self.auth_type):
         # paste expects a str() type.
         return str(username)
     return self.build_authentication()
Example #12
0
 def authenticate(self, environ):
     authorization = AUTHORIZATION(environ)
     if not authorization:
         return self.build_authentication()
     (authmeth, auth) = authorization.split(' ', 1)
     if 'basic' != authmeth.lower():
         return self.build_authentication()
     auth = auth.strip().decode('base64')
     _parts = auth.split(':', 1)
     if len(_parts) == 2:
         username, password = _parts
         if self.authfunc(environ, username, password):
             return username
     return self.build_authentication()
Example #13
0
 def authenticate(self, environ):
     authorization = AUTHORIZATION(environ)
     if not authorization:
         return self.build_authentication()
     (authmeth, auth) = authorization.split(' ', 1)
     if 'basic' != authmeth.lower():
         return self.build_authentication()
     auth = auth.strip().decode('base64')
     _parts = auth.split(':', 1)
     if len(_parts) == 2:
         username, password = _parts
         if self.authfunc(environ, username, password):
             return username
     return self.build_authentication()
Example #14
0
    def _parse_params(self, environ):
        # Try to find the parameters in various sources,
        # reflecting preference order:
        # Query string
        params = dict(parse_querystring(environ))
        # POST body
        request = Request(environ)
        if request.content_type == 'application/x-www-form-urlencoded':
            body = request.body
            params.update(parse_formvars(environ, include_get_vars=False))
            request.body = body
        # Authorization header
        auth_header = AUTHORIZATION(environ)
        if auth_header:
            try:
                params.update(oauth2.Request._split_header(auth_header))
            except:
                pass
        # Remove the non-oauth params
        if params:
            for key in params.keys():
                if not (key.startswith('oauth_') or key == 'realm'):
                    del params[key]

        return dict(params)
Example #15
0
def _get_basicauth_credentials(request):
    authorization = AUTHORIZATION(request.environ)
    try:
        authmeth, auth = authorization.split(' ', 1)
    except ValueError: # not enough values to unpack
        return None
    if authmeth.lower() == 'basic':
        try:
            auth = auth.strip().decode('base64')
        except binascii.Error: # can't decode
            return None
        try:
            login, password = auth.split(':', 1)
        except ValueError: # not enough values to unpack
            return None
        return {'login':login, 'password':password}
    return None
Example #16
0
def _get_basicauth_credentials(request):
    authorization = AUTHORIZATION(request.environ)
    try:
        authmeth, auth = authorization.split(' ', 1)
    except ValueError:  # not enough values to unpack
        return None
    if authmeth.lower() == 'basic':
        try:
            auth = auth.strip().decode('base64')
        except binascii.Error:  # can't decode
            return None
        try:
            login, password = auth.split(':', 1)
        except ValueError:  # not enough values to unpack
            return None
        return {'login': login, 'password': password}

    return None
Example #17
0
    def identify(self, environ):
        authorization = AUTHORIZATION(environ)
        try:
            authmeth, auth = authorization.split(' ', 1)
        except ValueError: # not enough values to unpack
            return None
        if authmeth.lower() == 'basic':
            try:
                auth = auth.strip().decode('base64')
            except binascii.Error: # can't decode
                return None
            try:
                login, password = auth.split(':', 1)
            except ValueError: # not enough values to unpack
                return None
            auth = {'login':login, 'password':password}
            return auth

        return None
Example #18
0
File: auth.py Project: T0MASD/keel
def get_basicauth_credentials(request):
    from paste.httpheaders import AUTHORIZATION
    authorization = AUTHORIZATION(request.environ)
    try:
        authmeth, auth = authorization.split(' ', 1)
    except ValueError:  # not enough values to unpack
        return None
    if authmeth.lower() == 'basic':
        try:
            auth = auth.strip().decode('base64')
        except binascii.Error:  # can't decode
            return None
        try:
            username, password = auth.split(':', 1)
        except ValueError:  # not enough values to unpack
            return None
        return {'username': username, 'password': password}

    return None
Example #19
0
    def identify(self, environ):
        authorization = AUTHORIZATION(environ)
        try:
            authmeth, auth = authorization.split(' ', 1)
        except ValueError:  # not enough values to unpack
            return None
        if authmeth.lower() == 'basic':
            try:
                auth = auth.strip().decode('base64')
            except binascii.Error:  # can't decode
                return None
            try:
                login, password = auth.split(':', 1)
            except ValueError:  # not enough values to unpack
                return None
            auth = {'login': login, 'password': password}
            return auth

        return None
Example #20
0
def get_basicauth_credentials(request):
    """ Get the user/password from HTTP basic auth """
    authorization = AUTHORIZATION(request.environ)
    try:
        authmeth, auth = authorization.split(' ', 1)
    except ValueError:  # not enough values to unpack
        return None
    if authmeth.lower() == 'basic':
        try:
            auth = b64decode(auth.strip()).decode('utf8')
        except (TypeError, binascii.Error):  # can't decode
            return None
        try:
            login, password = auth.split(':', 1)
        except ValueError:  # not enough values to unpack
            return None
        return {'login': login, 'password': password}

    return None
Example #21
0
def get_basicauth_credentials(request):
    """ Get the user/password from HTTP basic auth """
    authorization = AUTHORIZATION(request.environ)
    try:
        authmeth, auth = authorization.split(" ", 1)
    except ValueError:  # not enough values to unpack
        return None
    if authmeth.lower() == "basic":
        try:
            auth = b64decode(auth.strip()).decode("utf8")
        except (TypeError, binascii.Error):  # can't decode
            return None
        try:
            login, password = auth.split(":", 1)
        except ValueError:  # not enough values to unpack
            return None
        return {"login": login, "password": password}

    return None
Example #22
0
File: auth.py Project: T0MASD/keel
def get_basicauth_credentials(request):
    from paste.httpheaders import AUTHORIZATION

    authorization = AUTHORIZATION(request.environ)
    try:
        authmeth, auth = authorization.split(" ", 1)
    except ValueError:  # not enough values to unpack
        return None
    if authmeth.lower() == "basic":
        try:
            auth = auth.strip().decode("base64")
        except binascii.Error:  # can't decode
            return None
        try:
            username, password = auth.split(":", 1)
        except ValueError:  # not enough values to unpack
            return None
        return {"username": username, "password": password}

    return None
Example #23
0
    def authenticate(self, environ):
        authorization = AUTHORIZATION(environ)
        if not authorization:
            return self.build_authentication()
        (authmeth, auth) = authorization.split(' ', 1)
        if 'basic' != authmeth.lower():
            return self.build_authentication()
        auth = auth.strip().decode('base64')
        _parts = auth.split(':', 1)
        if len(_parts) == 2:
            username, password = _parts
            if self.authfunc(
                    username, password, environ, VCS_TYPE):
                return username
            if username and password:
                # we mark that we actually executed authentication once, at
                # that point we can use the alternative auth code
                self.initial_call = False

        return self.build_authentication()
Example #24
0
    def identify(self, environ):
        """
        Try to identify user based on api key authorization in header
        """

        # Get the authorization header as passed through paster
        authorization = AUTHORIZATION(environ)
        log.debug(authorization)
        # Split the authorization header value by whitespace
        try:
            method, auth = authorization.split(' ', 1)
        except ValueError:
            # not enough values to unpack
            return None

        # If authentication method is apikey we return the identity
        if method.lower() == 'apikey':
            return {'apikey': auth.strip()}

        # Return None if we get here (identity not found)
        return None
Example #25
0
def check(username, password, path="/"):
    """ perform two-stage authentication to verify login """
    (status,headers,content,errors) = \
        raw_interactive(application,path, accept='text/html')
    assert status.startswith("401")
    challenge = WWW_AUTHENTICATE(headers)
    response = AUTHORIZATION(username=username, password=password,
                             challenge=challenge, path=path)
    assert "Digest" in response and username in response
    (status,headers,content,errors) = \
        raw_interactive(application,path,
                        HTTP_AUTHORIZATION=response)
    if status.startswith("200"):
        return content
    if status.startswith("401"):
        return None
    assert False, "Unexpected Status: %s" % status