def finish(self, data):
"""Process success indicator from the server.
Process any addiitional data passed with the success.
Fail if the server was not authenticated.
:Parameters:
- `data`: an optional additional data with success.
:Types:
- `data`: `str`
:return: success or failure indicator.
:returntype: `sasl.Success` or `sasl.Failure`"""
if not self.response_auth:
self.__logger.debug("Got success too early")
return Failure("bad-success")
if self.rspauth_checked:
return Success(self.username, self.realm, self.authzid)
else:
r = self._final_challenge(data)
if isinstance(r, Failure):
return r
if self.rspauth_checked:
return Success(self.username, self.realm, self.authzid)
else:
self.__logger.debug(
"Something went wrong when processing additional data with success?"
)
return Failure("bad-success")
def response(self,response):
"""Process a client reponse.
:Parameters:
- `response`: the response from the client.
:Types:
- `response`: `str`
:return: a challenge, a success indicator or a failure indicator.
:returntype: `sasl.Challenge`, `sasl.Success` or `sasl.Failure`"""
s=response.split("\000")
if len(s)!=3:
self.__logger.debug("Bad response: %r" % (response,))
return Failure("not-authorized")
authzid,username,password=s
authzid=from_utf8(authzid)
username=from_utf8(username)
password=from_utf8(password)
if not self.password_manager.check_password(username,password):
self.__logger.debug("Bad password. Response was: %r" % (response,))
return Failure("not-authorized")
info={"mechanism":"PLAIN","username":username}
if self.password_manager.check_authzid(authzid,info):
return Success(username,None,authzid)
else:
self.__logger.debug("Authzid verification failed.")
return Failure("invalid-authzid")
def finish(self, data):
"""Handle authentication success information from the server.
:Parameters:
- `data`: the optional additional data returned with the success.
:Types:
- `data`: `str`
:return: a success indicator.
:returntype: `Success`"""
_unused = data
return Success(self.username, None, self.authzid)
def response(self, response):
"""Process a client reponse.
:Parameters:
- `response`: the response from the client.
:Types:
- `response`: `str`
:return: a challenge, a success indicator or a failure indicator.
:returntype: `sasl.Challenge`, `sasl.Success` or `sasl.Failure`"""
if self.done:
return Success(self.username, self.realm, self.authzid)
if not response:
return Failure("not-authorized")
return self._parse_response(response)
def finish(self, data):
return Success(None)
def finish(self, data):
self.username = kerberos.authGSSClientUserName(self._gss)
self.__logger.debug("Authenticated as %s" %
kerberos.authGSSClientUserName(self._gss))
return Success(self.username, None, self.authzid)
def finish(self, data):
_unused = data
return Success(self.username, None, self.authzid)