コード例 #1
0
ファイル: auth.py プロジェクト: TurboGears/tg2
    def _add_middleware(self, conf, app):
        """
        Configure authentication and authorization.
        """
        # Start with the current configured authentication options.
        # Depending on the auth backend a new auth_args dictionary
        # can replace this one later on.
        auth_backend = conf['auth_backend']
        if auth_backend not in self.SUPPORTED_AUTH_BACKENDS:
            return app

        auth_args = get_partial_dict('sa_auth', conf)

        # Removing keywords not used by repoze.who:
        auth_args.pop('password_encryption_method', None)

        # Removing authmetadata as is not used by repoze.who:
        tgauthmetadata = auth_args.pop('authmetadata', None)

        try:
            pos = auth_args['authenticators'].index(('default', None))
        except KeyError:
            # Didn't specify authenticators, setup default one
            pos = None
        except ValueError:
            # Specified authenticators and default is not in there
            # so we want to skip default TG auth configuration.
            pos = -1

        if pos is None or pos >= 0:
            if getattr(tgauthmetadata, 'authenticate', None) is not None:
                from tg.configuration.auth import create_default_authenticator
                auth_args, tgauth = create_default_authenticator(tgauthmetadata, **auth_args)
                authenticator = ('tgappauth', tgauth)
            elif auth_backend == "sqlalchemy":  # pragma: no cover
                warnings.warn('sqlauth is deprecated, you should add authenticate method '
                              'to your authmetadata instance in app_cfg', DeprecationWarning, 2)
                from tg.configuration.sqla.auth import create_default_authenticator
                auth_args, sqlauth = create_default_authenticator(**auth_args)
                authenticator = ('sqlauth', sqlauth)
            elif auth_backend == "ming":  # pragma: no cover
                warnings.warn('mingauth is deprecated, you should add authenticate method '
                              'to your authmetadata instance in app_cfg', DeprecationWarning, 2)
                from tg.configuration.mongo.auth import create_default_authenticator
                auth_args, mingauth = create_default_authenticator(**auth_args)
                authenticator = ('mingauth', mingauth)
            else:
                authenticator = None

            if authenticator is not None:
                if pos is None:
                    auth_args['authenticators'] = [authenticator]
                else:
                    # We make a copy so that we don't modify the original one.
                    auth_args['authenticators'] = auth_args['authenticators']
                    auth_args['authenticators'][pos] = authenticator

        from tg.configuration.auth import setup_auth
        app = setup_auth(app, skip_authentication=conf['skip_authentication'], **auth_args)
        return app
コード例 #2
0
ファイル: test_authz.py プロジェクト: vzhz/function_generator
def make_app(controller_klass,
             environ=None,
             with_errors=False,
             config_options=None):
    """Creates a ``TestApp`` instance."""
    authmetadata = TestAuthMetadata()

    config_options = config_options or {}
    config_options.setdefault('sa_auth', {})

    sa_auth = config_options['sa_auth']
    sa_auth.update({'authmetadata': authmetadata})

    app = base_make_app(controller_klass, environ or {}, config_options,
                        with_errors).app

    # Setting repoze.who up:
    from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
    cookie = AuthTktCookiePlugin('secret', 'authtkt')
    identifiers = [('cookie', cookie)]

    app = setup_auth(app,
                     identifiers=identifiers,
                     skip_authentication=True,
                     authenticators=[],
                     challengers=[])

    # As setup_auth with skip_authentication sets empty authenticators always
    # we must manually append it after creating the middleware.
    app.api_factory.authenticators.append(('cookie', cookie))

    return TestApp(app)
コード例 #3
0
def make_app(controller_klass, environ={}, with_errors=False):
    """Creates a ``TestApp`` instance."""
    # The basic middleware:
    app = TGApp(config=default_config)
    app.controller_classes['root'] = ControllerWrap(controller_klass)

    app = FakeRoutes(app)
    
    if with_errors:
        app = ErrorHandler(app, {}, debug=False)
        app = StatusCodeRedirect(app, [403, 404, 500])
    app = RegistryManager(app)
    app = SessionMiddleware(app, {}, data_dir=session_dir)
    app = CacheMiddleware(app, {}, data_dir=os.path.join(data_dir, 'cache'))

    # Setting repoze.who up:
    from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
    cookie = AuthTktCookiePlugin('secret', 'authtkt')
    identifiers = [('cookie', cookie)]

    app = setup_auth(app, TestAuthMetadata(),
                     identifiers=identifiers, skip_authentication=True,
                     authenticators=[], challengers=[])

    # As setup_auth with skip_authentication sets empty authenticators always
    # we must manually append it after creating the middleware.
    app.api_factory.authenticators.append(('cookie', cookie))

    return TestApp(app)
コード例 #4
0
ファイル: test_authz.py プロジェクト: wukele/tg2
def make_app(controller_klass, environ={}, with_errors=False):
    """Creates a ``TestApp`` instance."""
    # The basic middleware:
    app = TGApp(config=default_config)
    app.controller_classes['root'] = ControllerWrap(controller_klass)

    app = FakeRoutes(app)
    
    if with_errors:
        app = ErrorHandler(app, {}, debug=False)
        app = StatusCodeRedirect(app, [403, 404, 500])
    app = RegistryManager(app)
    app = SessionMiddleware(app, {}, data_dir=session_dir)
    app = CacheMiddleware(app, {}, data_dir=os.path.join(data_dir, 'cache'))

    # Setting repoze.who up:
    from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
    cookie = AuthTktCookiePlugin('secret', 'authtkt')
    identifiers = [('cookie', cookie)]

    app = setup_auth(app, TGAuthMetadata(),
                     identifiers=identifiers, skip_authentication=True,
                     authenticators=[], challengers=[])

    return TestApp(app)
コード例 #5
0
ファイル: test_authz.py プロジェクト: lucius-feng/tg2
def make_app(controller_klass, environ={}, with_errors=False, config_options=None):
    """Creates a ``TestApp`` instance."""
    authmetadata = TestAuthMetadata()

    config_options = config_options or {}
    config_options.setdefault('sa_auth', {})

    sa_auth = config_options['sa_auth']
    sa_auth.update({
        'authmetadata': authmetadata
    })

    app = base_make_app(controller_klass, environ, config_options, with_errors).app

    # Setting repoze.who up:
    from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
    cookie = AuthTktCookiePlugin('secret', 'authtkt')
    identifiers = [('cookie', cookie)]

    app = setup_auth(app, identifiers=identifiers, skip_authentication=True,
                     authenticators=[], challengers=[])

    # As setup_auth with skip_authentication sets empty authenticators always
    # we must manually append it after creating the middleware.
    app.api_factory.authenticators.append(('cookie', cookie))

    return TestApp(app)
コード例 #6
0
def make_app(controller_klass, environ={}, with_errors=False):
    """Creates a ``TestApp`` instance."""
    # The basic middleware:
    app = ControllerWrap(controller_klass)
    app = SetupCacheGlobal(app, environ, setup_cache=True, setup_session=True)
    if with_errors:
        app = ErrorHandler(app, {}, debug=False)
        app = StatusCodeRedirect(app, [403, 404, 500])
    app = RegistryManager(app)
    app = SessionMiddleware(app, {}, data_dir=session_dir)
    app = CacheMiddleware(app, {}, data_dir=os.path.join(data_dir, 'cache'))

    # Setting repoze.who up:
    cookie = AuthTktCookiePlugin('secret', 'authtkt')
    identifiers = [('cookie', cookie)]

    app = setup_auth(app, TGAuthMetadata(),
                     identifiers=identifiers, skip_authentication=True,
                     authenticators=[], challengers=[])

    app = httpexceptions.make_middleware(app)
    return TestApp(app)
コード例 #7
0
ファイル: app_config.py プロジェクト: chiehwen/tg2
    def add_auth_middleware(self, app, skip_authentication):
        """
        Configure authentication and authorization.

        :param app: The TG2 application.
        :param skip_authentication: Should authentication be skipped if
            explicitly requested? (used by repoze.who-testutil)
        :type skip_authentication: bool

        """
        # Configuring auth logging:
        if 'log_stream' not in self.sa_auth:
            self.sa_auth['log_stream'] = logging.getLogger('auth')

        # Removing keywords not used by repoze.who:
        auth_args = copy(self.sa_auth)
        if 'sa_auth' in config:
            auth_args.update(config.sa_auth)
        if 'password_encryption_method' in auth_args:
            del auth_args['password_encryption_method']
        if not skip_authentication:
            if not 'cookie_secret' in auth_args.keys():
                msg = "base_config.sa_auth.cookie_secret is required "\
                "you must define it in app_cfg.py or set "\
                "sa_auth.cookie_secret in development.ini"
                raise TGConfigError(msg)

        if 'authmetadata' not in auth_args:
            #authmetadata not provided, fallback to old authentication setup
            if self.auth_backend == "sqlalchemy":
                from repoze.what.plugins.quickstart import setup_sql_auth
                app = setup_sql_auth(app, skip_authentication=skip_authentication, **auth_args)
            elif self.auth_backend == "ming":
                from tgming import setup_ming_auth
                app = setup_ming_auth(app, skip_authentication=skip_authentication, **auth_args)
        else:
            try:
                pos = auth_args['authenticators'].index(('default', None))
            except KeyError:
                pos = None
            except ValueError:
                pos = -1
            if pos is None or pos >= 0:
                if self.auth_backend == "sqlalchemy":
                    from tg.configuration.sqla.auth import create_default_authenticator
                    auth_args, sqlauth = create_default_authenticator(**auth_args)
                    authenticator = ('sqlauth', sqlauth)
                elif self.auth_backend == "ming":
                    from tg.configuration.mongo.auth import create_default_authenticator
                    auth_args, mingauth = create_default_authenticator(**auth_args)
                    authenticator = ('mingauth', mingauth)
                else:
                    authenticator = None
                if authenticator:
                    if pos is None:
                        auth_args['authenticators'] = [authenticator]
                    else:
                        auth_args['authenticators'][pos] = authenticator
            from tg.configuration.auth import setup_auth
            app = setup_auth(app, skip_authentication=skip_authentication, **auth_args)

        return app
コード例 #8
0
    def _add_middleware(self, conf, app):
        """
        Configure authentication and authorization.
        """
        # Start with the current configured authentication options.
        # Depending on the auth backend a new auth_args dictionary
        # can replace this one later on.
        auth_backend = conf['auth_backend']
        if auth_backend not in self.SUPPORTED_AUTH_BACKENDS:
            return app

        auth_args = get_partial_dict('sa_auth', conf)

        # Removing keywords not used by repoze.who:
        auth_args.pop('password_encryption_method', None)

        # Removing authmetadata as is not used by repoze.who:
        tgauthmetadata = auth_args.pop('authmetadata', None)

        try:
            pos = auth_args['authenticators'].index(('default', None))
        except KeyError:
            # Didn't specify authenticators, setup default one
            pos = None
        except ValueError:
            # Specified authenticators and default is not in there
            # so we want to skip default TG auth configuration.
            pos = -1

        if pos is None or pos >= 0:
            if getattr(tgauthmetadata, 'authenticate', None) is not None:
                from tg.configuration.auth import create_default_authenticator
                auth_args, tgauth = create_default_authenticator(
                    tgauthmetadata, **auth_args)
                authenticator = ('tgappauth', tgauth)
            elif auth_backend == "sqlalchemy":
                warnings.warn(
                    'sqlauth is deprecated, you should add authenticate method '
                    'to your authmetadata instance in app_cfg',
                    DeprecationWarning, 2)
                from tg.configuration.sqla.auth import create_default_authenticator
                auth_args, sqlauth = create_default_authenticator(**auth_args)
                authenticator = ('sqlauth', sqlauth)
            elif auth_backend == "ming":
                warnings.warn(
                    'mingauth is deprecated, you should add authenticate method '
                    'to your authmetadata instance in app_cfg',
                    DeprecationWarning, 2)
                from tg.configuration.mongo.auth import create_default_authenticator
                auth_args, mingauth = create_default_authenticator(**auth_args)
                authenticator = ('mingauth', mingauth)
            else:
                authenticator = None

            if authenticator is not None:
                if pos is None:
                    auth_args['authenticators'] = [authenticator]
                else:
                    # We make a copy so that we don't modify the original one.
                    auth_args['authenticators'] = auth_args['authenticators']
                    auth_args['authenticators'][pos] = authenticator

        from tg.configuration.auth import setup_auth
        app = setup_auth(app,
                         skip_authentication=conf['skip_authentication'],
                         **auth_args)
        return app
コード例 #9
0
ファイル: app_config.py プロジェクト: clsdaniel/tg2
    def add_auth_middleware(self, app, skip_authentication):
        """
        Configure authentication and authorization.

        :param app: The TG2 application.
        :param skip_authentication: Should authentication be skipped if
            explicitly requested? (used by repoze.who-testutil)
        :type skip_authentication: bool

        """
        # Configuring auth logging:
        if 'log_stream' not in self.sa_auth:
            self.sa_auth['log_stream'] = logging.getLogger('auth')

        # Removing keywords not used by repoze.who:
        auth_args = copy(self.sa_auth)
        if 'sa_auth' in config:
            auth_args.update(config.sa_auth)
        if 'password_encryption_method' in auth_args:
            del auth_args['password_encryption_method']
        if not skip_authentication:
            if not 'cookie_secret' in auth_args.keys():
                msg = "base_config.sa_auth.cookie_secret is required "\
                "you must define it in app_cfg.py or set "\
                "sa_auth.cookie_secret in development.ini"
                raise TGConfigError(msg)

        if 'authmetadata' not in auth_args:
            #authmetadata not provided, fallback to old authentication setup
            if self.auth_backend == "sqlalchemy":
                from repoze.what.plugins.quickstart import setup_sql_auth
                app = setup_sql_auth(app, skip_authentication=skip_authentication, **auth_args)
            elif self.auth_backend == "ming":
                from tgming import setup_ming_auth
                app = setup_ming_auth(app, skip_authentication=skip_authentication, **auth_args)
        else:
            try:
                pos = auth_args['authenticators'].index(('default', None))
            except KeyError:
                pos = None
            except ValueError:
                pos = -1
            if pos is None or pos >= 0:
                if self.auth_backend == "sqlalchemy":
                    from tg.configuration.sqla.auth import create_default_authenticator
                    auth_args, sqlauth = create_default_authenticator(**auth_args)
                    authenticator = ('sqlauth', sqlauth)
                elif self.auth_backend == "ming":
                    from tg.configuration.mongo.auth import create_default_authenticator
                    auth_args, mingauth = create_default_authenticator(**auth_args)
                    authenticator = ('mingauth', mingauth)
                else:
                    authenticator = None
                if authenticator:
                    if pos is None:
                        auth_args['authenticators'] = [authenticator]
                    else:
                        auth_args['authenticators'][pos] = authenticator
            from tg.configuration.auth import setup_auth
            app = setup_auth(app, skip_authentication=skip_authentication, **auth_args)

        return app