Exemplo n.º 1
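    def checkPassword(self, username, password):
        """
        Check a username/password pair against LDAP, with a local fallback.

        Returns True when the bind with the user's DN succeeds; a local account
        is added on the first successful login. Returns False when the password
        is empty, when the user is not found in LDAP, or when an LDAP error
        occurs. When LDAP rejects the credentials, the result of
        FilebasedUserManager.checkPassword is returned instead.
        """
        # Many LDAP servers treat a simple bind with a DN and an empty password
        # as an "unauthenticated bind" and report success (RFC 4513, section
        # 5.1.2). Reject empty passwords before they can reach bind_s(), or any
        # known username would log in without a password.
        if not password:
            return False

        try:
            connection = self.getLDAPClient()

            # presumably escapes LDAP filter metacharacters before the lookup;
            # verify against escapeLDAP. Note that the escaped name is also the
            # one used for the local lookup, addUser and the fallback below.
            username = self.escapeLDAP(username)
            dn = self.findLDAPUser(username)
            if dn is None:
                return False
            # The bind is the actual password check; a wrong password is
            # handled by the ldap.INVALID_CREDENTIALS branch below.
            connection.bind_s(dn, password)
            connection.unbind_s()

            user = FilebasedUserManager.findUser(self, username)
            if not user:
                self._logger.debug("Add new user")
                # The local account gets a random UUID as its password, so the
                # LDAP password itself is never stored locally.
                self.addUser(username, str(uuid.uuid4()), True)
            return True

        except ldap.INVALID_CREDENTIALS:
            self._logger.error("LDAP : Your username or password is incorrect.")
            return FilebasedUserManager.checkPassword(self, username, password)
        except ldap.LDAPError as e:
            if isinstance(e.message, dict):
                for (k, v) in e.message.iteritems():
                    self._logger.error("%s: %sn" % (k, v))
            else:
                self._logger.error(e.message)
            # Fail closed for every LDAP error. The original returned None
            # (not False) when the error message was a dict.
            return False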
Exemplo n.º 2
    def findUser(self, userid=None, apikey=None, session=None):
        """
        Return the stored user if FilebasedUserManager knows one, otherwise a
        temporary User built from the given userid.

        The temporary user exists because of how server/api is implemented:
        the OAuth code has to be carried through to login_user.
        """
        stored = FilebasedUserManager.findUser(self, userid, apikey, session)
        if stored is None:
            # No stored match: hand back a placeholder so the api login
            # (see server/api/__init__.py) can pass our OAuth code on to
            # login_user.
            # NOTE(review): a non-None result here does not mean the user
            # exists or is authenticated; callers must not treat it as such.
            return User(userid, "", 1, ["user"])
        return stored
Exemplo n.º 3
    def findUser(self, userid=None, apikey=None, session=None):
        """
        Look the user up locally first, then in LDAP.

        Returns the local lookup result when no userid was given or a local
        user exists. Otherwise returns a placeholder User if findLDAPUser
        finds the userid, and None if it does not.
        """
        local_user = FilebasedUserManager.findUser(self, userid, apikey, session)
        if not userid or local_user:
            self._logger.debug("Local user found")
            return local_user

        # Not in the local database: ask LDAP.
        # NOTE(review): userid is passed to findLDAPUser as received; confirm
        # that findLDAPUser escapes it before building the LDAP search filter.
        if not self.findLDAPUser(userid):
            return None

        # Placeholder instance; its password is a throwaway random UUID.
        return User(userid, str(uuid.uuid4()), True, ["user"])
Exemplo n.º 4
    def findUser(self, userid=None, apikey=None, session=None):
        """
        Look the user up locally first, then in LDAP.

        Returns the local lookup result when no userid was given or a local
        user exists. Otherwise returns a placeholder User if findLDAPUser
        finds the userid, and None if it does not. The placeholder's third
        constructor argument comes from the plugins/authldap/auto_activate
        setting and its roles from self.getRoles().
        """
        local_user = FilebasedUserManager.findUser(
            self, userid, apikey, session)
        if not userid or local_user:
            self._logger.debug("Local user found")
            return local_user

        # Not in the local database: ask LDAP.
        # NOTE(review): userid is passed to findLDAPUser as received; confirm
        # that findLDAPUser escapes it before building the LDAP search filter.
        if not self.findLDAPUser(userid):
            return None

        # Placeholder instance; its password is a throwaway random UUID.
        throwaway_password = str(uuid.uuid4())
        auto_activate = settings().getBoolean(
            ["plugins", "authldap", "auto_activate"])
        return User(userid, throwaway_password, auto_activate, self.getRoles())
Exemplo n.º 5
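    def login_user(self, user):
        """
        Log the user into OctoPrint using the OAuth2 authorization-code flow.

        For a User that is not yet a SessionUser, user.get_id() should be a
        dict containing "redirect_uri" and "code" (obtained by the view model
        in the static/js folder). The client_id and client_secret configured
        for that redirect_uri are read from self.oauth2, an OAuth2Session from
        requests_oauthlib is started, and the access token is fetched with
        get_token. The username reported by get_username is then looked up
        locally and added through addUser if it is missing.

        Returns the registered SessionUser on success. Returns None when user
        is None or not a User, when the id does not carry both values, when
        the redirect_uri is not configured, or when no token or username could
        be obtained. A LocalProxy is unwrapped and returned as is, without
        registering a session.
        """
        self._cleanup_sessions()

        if user is None:
            return

        if isinstance(user, LocalProxy):
            user = user._get_current_object()
            return user

        if not isinstance(user, User):
            return None

        if not isinstance(user, SessionUser):

            # from get_id we get for each user his redirect uri and code
            try:
                redirect_uri = user.get_id()['redirect_uri']
                code = user.get_id()['code']
            except (KeyError, TypeError):
                # TypeError covers an id that is not a dict (e.g. a plain
                # string), which would otherwise escape as an exception.
                OAuthbasedUserManager.logger.error(
                    "Code or redirect_uri not found")
                return None

            # redirect_uri is supplied by the client. It is only ever used as
            # a key into the configured OAuth2 clients, so anything that is
            # not configured is rejected here instead of raising KeyError.
            try:
                client_config = self.oauth2[redirect_uri]
                client_id = client_config["client_id"]
                client_secret = client_config["client_secret"]
            except (KeyError, TypeError):
                OAuthbasedUserManager.logger.error(
                    "No OAuth2 client configured for the given redirect_uri")
                return None

            oauth2_session = OAuth2Session(client_id,
                                           redirect_uri=redirect_uri)
            access_token = self.get_token(oauth2_session, code, client_id,
                                          client_secret)

            if access_token is None:
                return None

            username = self.get_username(oauth2_session)
            if username is None:
                OAuthbasedUserManager.logger.error("Username none")
                return None
            user = FilebasedUserManager.findUser(self, username)

            if user is None:
                # NOTE(review): the account is created with an empty password
                # string; confirm that the password-login path cannot
                # authenticate such an account.
                self.addUser(username, "", True, ["user"])
                user = self.findUser(username)

        if not isinstance(user, SessionUser):
            user = SessionUser(user)

        # Register the session in both lookup tables.
        self._session_users_by_session[user.session] = user

        user_id = user.get_id()
        if user_id not in self._sessionids_by_userid:
            self._sessionids_by_userid[user_id] = set()

        self._sessionids_by_userid[user_id].add(user.session)
        return user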
Exemplo n.º 6
 def changeUserPassword(self, username, password):
     """
     Change the password only for users that exist in the local store.

     Delegates to FilebasedUserManager.changeUserPassword when
     FilebasedUserManager.findUser returns a user; otherwise does nothing
     and returns None.
     """
     # Changing the password of LDAP users is not allowed.
     # NOTE(review): if LDAP users are also given a local account on first
     # login, this check lets their local password be changed; confirm that
     # this is intended.
     local_user = FilebasedUserManager.findUser(self, username)
     if local_user is None:
         return None
     return FilebasedUserManager.changeUserPassword(self, username, password)