def _handle_auth(self, feat): mechanism = None # Always favour DIGEST-MD5 if supported by receiving entity if u'DIGEST-MD5' in feat.mechanisms: mechanism = u'DIGEST-MD5' token = None elif u'PLAIN' in feat.mechanisms: mechanism = u'PLAIN' email = '%s@%s' % (self.jid.node, self.jid.domain) password = self.password_lookup(self.jid) token = generate_credential(email, self.jid.node, password) elif u'X-GOOGLE-TOKEN' in feat.mechanisms: mechanism = u'X-GOOGLE-TOKEN' password = self.password_lookup(self.jid) token = perform_authentication(self.jid.node, password) elif u'ANONYMOUS' in feat.mechanisms: mechanism = u'ANONYMOUS' token = None else: # We don't support any of the proposed mechanism # let's abort the SASL exchange auth = E(u'abort', namespace=XMPP_SASL_NS) self.propagate(element=auth) return auth = E(u'auth', content=token, attributes={u'mechanism': mechanism}, namespace=XMPP_SASL_NS) self.propagate(element=auth)
def handle_features(self, e): """ XMPP handler for stream features. It will: * return immediatly if the element has no children. * initiates the TLS negociation (from the stream point of view) if `self.tls` is `True` and the feature has a `<starttls /> child. * initiates the authentication based on the supported mechanisms or abort if none is found. """ if not e.xml_children: return if self.use_tls and e.has_child('starttls', XMPP_TLS_NS): return "<starttls xmlns='%s' />" % XMPP_TLS_NS # We don't actually handle registration here # but if the register module has been loaded # we do not want to interfere by trying to authenticate straight away either if self.register and e.has_child( 'register', "http://jabber.org/features/iq-register"): return mech = e.get_child('mechanisms', XMPP_SASL_NS) mechanisms = [] if mech: mechanisms = [] for m in mech.xml_children: if m.is_mixed_content(): mechanisms.append(m.collapse(separator='')) else: mechanisms.append(m.xml_text) mechanism = None # Always favour DIGEST-MD5 if supported by receiving entity if u'DIGEST-MD5' in mechanisms: mechanism = u'DIGEST-MD5' token = None elif u'PLAIN' in mechanisms: mechanism = u'PLAIN' email = '%s@%s' % (self.jid.node, self.jid.domain) password = self.password token = generate_credential(email, self.jid.node, password) elif u'X-GOOGLE-TOKEN' in mechanisms: mechanism = u'X-GOOGLE-TOKEN' password = self.password token = perform_authentication(self.jid.node, password) elif u'ANONYMOUS' in mechanisms: mechanism = u'ANONYMOUS' token = None else: # We don't support any of the proposed mechanism # let's abort the SASL exchange return E(u'abort', namespace=XMPP_SASL_NS) return E(u'auth', content=token, attributes={u'mechanism': mechanism}, namespace=XMPP_SASL_NS)
def handle_features(self, e): """ XMPP handler for stream features. It will: * return immediatly if the element has no children. * initiates the TLS negociation (from the stream point of view) if `self.tls` is `True` and the feature has a `<starttls /> child. * initiates the authentication based on the supported mechanisms or abort if none is found. """ if not e.xml_children: return if self.use_tls and e.has_child('starttls', XMPP_TLS_NS): return "<starttls xmlns='%s' />" % XMPP_TLS_NS # We don't actually handle registration here # but if the register module has been loaded # we do not want to interfere by trying to authenticate straight away either if self.register and e.has_child('register', "http://jabber.org/features/iq-register"): return mech = e.get_child('mechanisms', XMPP_SASL_NS) mechanisms = [] if mech: mechanisms = [] for m in mech.xml_children: if m.is_mixed_content(): mechanisms.append(m.collapse(separator='')) else: mechanisms.append(m.xml_text) mechanism = None # Always favour DIGEST-MD5 if supported by receiving entity if u'DIGEST-MD5' in mechanisms: mechanism = u'DIGEST-MD5' token = None elif u'PLAIN' in mechanisms: mechanism = u'PLAIN' email = '%s@%s' % (self.jid.node, self.jid.domain) password = self.password token = generate_credential(email, self.jid.node, password) elif u'X-GOOGLE-TOKEN' in mechanisms: mechanism = u'X-GOOGLE-TOKEN' password = self.password token = perform_authentication(self.jid.node, password) elif u'ANONYMOUS' in mechanisms: mechanism = u'ANONYMOUS' token = None else: # We don't support any of the proposed mechanism # let's abort the SASL exchange return E(u'abort', namespace=XMPP_SASL_NS) return E(u'auth', content=token, attributes={u'mechanism': mechanism}, namespace=XMPP_SASL_NS)