def make_test_middleware(app, global_conf):
""" Functionally equivalent to
[plugin:redirector]
use = repoze.who.plugins.redirector.RedirectorPlugin
login_url = /login.html
[plugin:auth_tkt]
use = repoze.who.plugins.auth_tkt:AuthTktCookiePlugin
secret = SEEKRIT
cookie_name = oatmeal
[plugin:basicauth]
use = repoze.who.plugins.basicauth.BasicAuthPlugin
realm = repoze.who
[plugin:htpasswd]
use = repoze.who.plugins.htpasswd.HTPasswdPlugin
filename = <...>
check_fn = repoze.who.plugins.htpasswd:crypt_check
[general]
request_classifier = repoze.who.classifiers:default_request_classifier
challenge_decider = repoze.who.classifiers:default_challenge_decider
[identifiers]
plugins = authtkt basicauth
[authenticators]
plugins = authtkt htpasswd
[challengers]
plugins = redirector:browser basicauth
"""
# be able to test without a config file
from repoze.who.plugins.basicauth import BasicAuthPlugin
from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
from repoze.who.plugins.redirector import RedirectorPlugin
from repoze.who.plugins.htpasswd import HTPasswdPlugin
io = StringIO()
for name, password in [('admin', 'admin'), ('chris', 'chris')]:
io.write('%s:%s\n' % (name, password))
io.seek(0)
def cleartext_check(password, hashed):
return password == hashed #pragma NO COVERAGE
htpasswd = HTPasswdPlugin(io, cleartext_check)
basicauth = BasicAuthPlugin('repoze.who')
auth_tkt = AuthTktCookiePlugin('secret', 'auth_tkt')
redirector = RedirectorPlugin('/login.html')
redirector.classifications = {IChallenger: ['browser']} # only for browser
identifiers = [
('auth_tkt', auth_tkt),
('basicauth', basicauth),
]
authenticators = [('htpasswd', htpasswd)]
challengers = [('redirector', redirector), ('basicauth', basicauth)]
mdproviders = []
from repoze.who.classifiers import default_request_classifier
from repoze.who.classifiers import default_challenge_decider
log_stream = None
import os
if os.environ.get('WHO_LOG'):
log_stream = sys.stdout
middleware = PluggableAuthenticationMiddleware(app,
identifiers,
authenticators,
challengers,
mdproviders,
default_request_classifier,
default_challenge_decider,
log_stream=log_stream,
log_level=logging.DEBUG)
return middleware
## fake .htpasswd authentication source
io = StringIO()
for name, password in [('admin', 'admin'), ('user', 'user')]:
io.write('%s:%s\n' % (name, password))
io.seek(0)
def cleartext_check(password, hashed):
return password == hashed
htpasswd = HTPasswdPlugin(io, cleartext_check)
## other plugins
basicauth = BasicAuthPlugin('repoze.who')
auth_tkt = AuthTktCookiePlugin('secret', 'auth_tkt')
redirector = RedirectorPlugin(login_url='/login.html')
redirector.classifications = {IChallenger: ['browser']} # only for browser
## group / order plugins by function
identifiers = [('auth_tkt', auth_tkt), ('basicauth', basicauth)]
authenticators = [('auth_tkt', auth_tkt), ('htpasswd', htpasswd)]
challengers = [('redirector', redirector), ('basicauth', basicauth)]
mdproviders = []
## set up who logging, if desired
log_stream = None
if os.environ.get('WHO_LOG'):
log_stream = sys.stdout
# Wrap the middleware around the application.
middleware = PAM(app,
