def __init__(self, idphandler, passwd, password=True, yubikey=False): IdPAuthentication.__init__(self, idphandler) self.passwd = passwd self._user_info = None yubikey_db = None yubikey_server = None yubikey_otp_parameter = None mako_file = "idplogin_password.mako" password_parameter = None if password: password_parameter = "password" if yubikey: yubikey_db = idphandler.yubikey_db yubikey_server = idphandler.yubikey_server yubikey_otp_parameter = "otp" #mako_file = "yubikeylogin.mako" mako_file = "idplogin_yubikey.mako" if yubikey and password: mako_file = "idplogin_password_yubikey.mako" self.auth_helper = DirgUsernamePasswordYubikeyMako( "login", mako_file, self.idphandler.template_lookup, passwd, password_parameter, yubikey_db, yubikey_server, yubikey_otp_parameter)
def __init__(self, idphandler, passwd, password=True, yubikey=False): IdPAuthentication.__init__(self, idphandler) self.passwd = passwd self._user_info = None yubikey_db = None yubikey_server = None yubikey_otp_parameter = None mako_file = "idplogin_password.mako" password_parameter = None if password: password_parameter = "password" if yubikey: yubikey_db = idphandler.yubikey_db yubikey_server = idphandler.yubikey_server yubikey_otp_parameter = "otp" #mako_file = "yubikeylogin.mako" mako_file = "idplogin_yubikey.mako" if yubikey and password: mako_file = "idplogin_password_yubikey.mako" self.auth_helper = DirgUsernamePasswordYubikeyMako("login", mako_file, self.idphandler.template_lookup, passwd, password_parameter, yubikey_db, yubikey_server, yubikey_otp_parameter)
class PasswordYubikeyAuth(IdPAuthentication): def __init__(self, idphandler, passwd, user_info, extra_info, password=True, yubikey=False): IdPAuthentication.__init__(self, idphandler) self.passwd = passwd self.user_info = user_info self.extra_info = extra_info yubikey_db = None yubikey_server = None yubikey_otp_parameter = None mako_file = "idplogin_password.mako" password_parameter = None if password: password_parameter = "password" if yubikey: yubikey_db = idphandler.yubikey_db yubikey_server = idphandler.yubikey_server yubikey_otp_parameter = "otp" #mako_file = "yubikeylogin.mako" mako_file = "idplogin_yubikey.mako" if yubikey and password: mako_file = "idplogin_password_yubikey.mako" self.auth_helper = DirgUsernamePasswordYubikeyMako("login", mako_file, self.idphandler.template_lookup, passwd, password_parameter, yubikey_db, yubikey_server, yubikey_otp_parameter) def information(self, environ, start_response, uid): return self.user_info[uid].copy() def extra(self, environ, start_response, uid): return self.extra_info[uid].copy() def authenticate(self, environ, start_response, reference, key, redirect_uri, **kwargs): logger.info("The login page") query = { "key": key, self.AUTHN_REFERENCE_PARAM: reference, "redirect_uri": redirect_uri } argv = { "action": "/" + self.idphandler.IDP_VERIFY_URL, "login": "", "password": "", "otp": "", self.QUERY_PARAM: self.encrypt_dict(query) } logger.info("do_authentication argv: %s" % argv) resp = self.auth_helper.create_response(argv) return resp(environ, start_response) def verify_bool(self, environ, start_response): query = HttpHandler.query_dictionary(environ) valid = False try: valid, uid, parameters = self.auth_helper.verify(query) except (AssertionError, KeyError): return valid return valid def verify(self, environ, start_response): request = HttpHandler.query_dictionary(environ) user = None valid = False query = {} try: valid, user, parameters = self.auth_helper.verify(request) query = self.decrypt_dict(parameters[self.QUERY_PARAM]) except KeyError: pass if not valid: resp = Unauthorized("Unknown user or wrong password") else: if len(query) != 3 and self.AUTHN_REFERENCE_PARAM not in query or "redirect_uri" not in query or \ "key" not in query: resp = Unauthorized("Unknown user or wrong password") else: resp = self.setup_idp(user, query[self.AUTHN_REFERENCE_PARAM], query["redirect_uri"], query["key"]) return resp(environ, start_response)
class PasswordYubikeyAuth(IdPAuthentication): def __init__(self, idphandler, passwd, password=True, yubikey=False): IdPAuthentication.__init__(self, idphandler) self.passwd = passwd self._user_info = None yubikey_db = None yubikey_server = None yubikey_otp_parameter = None mako_file = "idplogin_password.mako" password_parameter = None if password: password_parameter = "password" if yubikey: yubikey_db = idphandler.yubikey_db yubikey_server = idphandler.yubikey_server yubikey_otp_parameter = "otp" #mako_file = "yubikeylogin.mako" mako_file = "idplogin_yubikey.mako" if yubikey and password: mako_file = "idplogin_password_yubikey.mako" self.auth_helper = DirgUsernamePasswordYubikeyMako( "login", mako_file, self.idphandler.template_lookup, passwd, password_parameter, yubikey_db, yubikey_server, yubikey_otp_parameter) def user_info(self, user_info): self._user_info = user_info def information(self, environ, start_response, uid): if self._user_info is None: return None return self._user_info.information(environ, start_response, uid) def extra(self, environ, start_response, uid): if self._user_info is None: return None return self._user_info.extra(environ, start_response, uid) def authenticate(self, environ, start_response, reference, key, redirect_uri, **kwargs): logger.info("The login page") query = { "key": key, self.AUTHN_REFERENCE_PARAM: reference, "redirect_uri": redirect_uri } argv = { "action": "/" + self.idphandler.IDP_VERIFY_URL, "login": "", "password": "", "otp": "", self.QUERY_PARAM: self.encrypt_dict(query) } logger.info("do_authentication argv: %s" % argv) resp = self.auth_helper.create_response(argv) return resp(environ, start_response) def verify_bool(self, environ, start_response): query = HttpHandler.query_dictionary(environ) valid = False try: valid, uid, parameters = self.auth_helper.verify(query) except (AssertionError, KeyError): return valid return valid def verify(self, environ, start_response): request = HttpHandler.query_dictionary(environ) user = None valid = False query = {} try: valid, user, parameters = self.auth_helper.verify(request) query = self.decrypt_dict(parameters[self.QUERY_PARAM]) except KeyError: pass if not valid: resp = Unauthorized("Unknown user or wrong password") else: if len(query) != 3 and self.AUTHN_REFERENCE_PARAM not in query or "redirect_uri" not in query or \ "key" not in query: resp = Unauthorized("Unknown user or wrong password") else: resp = self.setup_idp(user, query[self.AUTHN_REFERENCE_PARAM], query["redirect_uri"], query["key"]) return resp(environ, start_response)