Пример #1
0
def create_app():
    app = Flask(__name__, instance_relative_config=True)
    app.config.from_object(__name__)
    CORS(app)

    @app.route('/')
    @requires_authentication
    def hello(user):
        return render_template('index.html', user=user)

    init_kerberos(app)
    return app
 def test_unauthorized(self):
     '''
     Ensure that when the client does not send an authorization token, they
     receive a 401 Unauthorized response which includes a www-authenticate
     header field which indicates the server supports Negotiate
     authentication.
     '''
     flask_kerberos.init_kerberos(self.app, 'HTTP', 'example.org')
     c = self.app.test_client()
     r = c.get('/')
     self.assertEqual(r.status_code, 401)
     self.assertEqual(r.headers.get('www-authenticate'), 'Negotiate')
Пример #3
0
 def test_unauthorized(self):
     '''
     Ensure that when the client does not send an authorization token, they
     receive a 401 Unauthorized response which includes a www-authenticate
     header field which indicates the server supports Negotiate
     authentication.
     '''
     flask_kerberos.init_kerberos(self.app, 'HTTP', 'example.org')
     c = self.app.test_client()
     r = c.get('/')
     self.assertEqual(r.status_code, 401)
     self.assertEqual(r.headers.get('www-authenticate'), 'Negotiate')
 def test_forbidden(self, clean, name, response, step, init):
     '''
     Ensure that when the client sends an incorrect authorization token,
     they receive a 403 Forbidden response.
     '''
     state = object()
     init.return_value = (kerberos.AUTH_GSS_COMPLETE, state)
     step.side_effect = kerberos.GSSError("FAILURE")
     flask_kerberos.init_kerberos(self.app, 'HTTP', 'example.org')
     c = self.app.test_client()
     r = c.get('/', headers={'Authorization': 'Negotiate CTOKEN'})
     self.assertEqual(r.status_code, 403)
     self.assertEqual(init.mock_calls, [mock.call('*****@*****.**')])
     self.assertEqual(step.mock_calls, [mock.call(state, 'CTOKEN')])
     self.assertEqual(name.mock_calls, [])
     self.assertEqual(response.mock_calls, [])
     self.assertEqual(clean.mock_calls, [mock.call(state)])
Пример #5
0
 def test_forbidden(self, clean, name, response, step, init):
     '''
     Ensure that when the client sends an incorrect authorization token,
     they receive a 403 Forbidden response.
     '''
     state = object()
     init.return_value = (kerberos.AUTH_GSS_COMPLETE, state)
     step.side_effect = kerberos.GSSError("FAILURE")
     flask_kerberos.init_kerberos(self.app, 'HTTP', 'example.org')
     c = self.app.test_client()
     r = c.get('/', headers={'Authorization': 'Negotiate CTOKEN'})
     self.assertEqual(r.status_code, 403)
     self.assertEqual(init.mock_calls, [mock.call('*****@*****.**')])
     self.assertEqual(step.mock_calls, [mock.call(state, 'CTOKEN')])
     self.assertEqual(name.mock_calls, [])
     self.assertEqual(response.mock_calls, [])
     self.assertEqual(clean.mock_calls, [mock.call(state)])
 def test_authorized_no_mutual_auth(self, clean, name, response, step, init):
     '''
     Ensure that when a client does not request mutual authentication, we
     don't provide a token & that we don't throw an exception.
     '''
     state = object()
     init.return_value = (kerberos.AUTH_GSS_COMPLETE, state)
     step.return_value = kerberos.AUTH_GSS_COMPLETE
     name.return_value = "*****@*****.**"
     response.return_value = None
     flask_kerberos.init_kerberos(self.app, 'HTTP', 'example.org')
     c = self.app.test_client()
     r = c.get('/', headers={'Authorization': 'Negotiate CTOKEN'})
     self.assertEqual(r.status_code, 200)
     self.assertEqual(r.data, '*****@*****.**')
     self.assertEqual(r.headers.get('WWW-Authenticate'), None)
     self.assertEqual(init.mock_calls, [mock.call('*****@*****.**')])
     self.assertEqual(step.mock_calls, [mock.call(state, 'CTOKEN')])
     self.assertEqual(name.mock_calls, [mock.call(state)])
     self.assertEqual(response.mock_calls, [mock.call(state)])
     self.assertEqual(clean.mock_calls, [mock.call(state)])
 def test_authorized(self, clean, name, response, step, init):
     '''
     Ensure that when the client sends an correct authorization token,
     they receive a 200 OK response and the user principal is extracted and
     passed on to the routed method.
     '''
     state = object()
     init.return_value = (kerberos.AUTH_GSS_COMPLETE, state)
     step.return_value = kerberos.AUTH_GSS_COMPLETE
     name.return_value = "*****@*****.**"
     response.return_value = "STOKEN"
     flask_kerberos.init_kerberos(self.app, 'HTTP', 'example.org')
     c = self.app.test_client()
     r = c.get('/', headers={'Authorization': 'Negotiate CTOKEN'})
     self.assertEqual(r.status_code, 200)
     self.assertEqual(r.data, '*****@*****.**')
     self.assertEqual(r.headers.get('WWW-Authenticate'), 'negotiate STOKEN')
     self.assertEqual(init.mock_calls, [mock.call('*****@*****.**')])
     self.assertEqual(step.mock_calls, [mock.call(state, 'CTOKEN')])
     self.assertEqual(name.mock_calls, [mock.call(state)])
     self.assertEqual(response.mock_calls, [mock.call(state)])
     self.assertEqual(clean.mock_calls, [mock.call(state)])
Пример #8
0
 def test_authorized_no_mutual_auth(self, clean, name, response, step,
                                    init):
     '''
     Ensure that when a client does not request mutual authentication, we
     don't provide a token & that we don't throw an exception.
     '''
     state = object()
     init.return_value = (kerberos.AUTH_GSS_COMPLETE, state)
     step.return_value = kerberos.AUTH_GSS_COMPLETE
     name.return_value = "*****@*****.**"
     response.return_value = None
     flask_kerberos.init_kerberos(self.app, 'HTTP', 'example.org')
     c = self.app.test_client()
     r = c.get('/', headers={'Authorization': 'Negotiate CTOKEN'})
     self.assertEqual(r.status_code, 200)
     self.assertEqual(r.data, '*****@*****.**')
     self.assertEqual(r.headers.get('WWW-Authenticate'), None)
     self.assertEqual(init.mock_calls, [mock.call('*****@*****.**')])
     self.assertEqual(step.mock_calls, [mock.call(state, 'CTOKEN')])
     self.assertEqual(name.mock_calls, [mock.call(state)])
     self.assertEqual(response.mock_calls, [mock.call(state)])
     self.assertEqual(clean.mock_calls, [mock.call(state)])
Пример #9
0
 def test_authorized(self, clean, name, response, step, init):
     '''
     Ensure that when the client sends an correct authorization token,
     they receive a 200 OK response and the user principal is extracted and
     passed on to the routed method.
     '''
     state = object()
     init.return_value = (kerberos.AUTH_GSS_COMPLETE, state)
     step.return_value = kerberos.AUTH_GSS_COMPLETE
     name.return_value = "*****@*****.**"
     response.return_value = "STOKEN"
     flask_kerberos.init_kerberos(self.app, 'HTTP', 'example.org')
     c = self.app.test_client()
     r = c.get('/', headers={'Authorization': 'Negotiate CTOKEN'})
     self.assertEqual(r.status_code, 200)
     self.assertEqual(r.data, '*****@*****.**')
     self.assertEqual(r.headers.get('WWW-Authenticate'), 'negotiate STOKEN')
     self.assertEqual(init.mock_calls, [mock.call('*****@*****.**')])
     self.assertEqual(step.mock_calls, [mock.call(state, 'CTOKEN')])
     self.assertEqual(name.mock_calls, [mock.call(state)])
     self.assertEqual(response.mock_calls, [mock.call(state)])
     self.assertEqual(clean.mock_calls, [mock.call(state)])
Пример #10
0
from flask import Flask
from flask_kerberos import init_kerberos, requires_authentication

app = Flask(__name__)
init_kerberos(app, hostname='webserver.example.com')


@app.route('/')
def hello_world():
    return 'Hello, World!'


@app.route("/protected")
@requires_authentication
def protected_view(user):
    return user
Пример #11
0
#!/usr/bin/env python

from flask import Flask
from flask import render_template
from flask_kerberos import init_kerberos
from flask_kerberos import requires_authentication

DEBUG = True

app = Flask(__name__)
app.config.from_object(__name__)


@app.route("/")
@requires_authentication
def index(user):
    return render_template('index.html', user=user)


if __name__ == '__main__':
    init_kerberos(app)
    app.run(host='0.0.0.0')
Пример #12
0
#!/usr/bin/env python

from flask import Flask
from flask import render_template
from flask_kerberos import init_kerberos
from flask_kerberos import requires_authentication

DEBUG=True

app = Flask(__name__)
app.config.from_object(__name__)


@app.route("/")
@requires_authentication
def index(user):
    return render_template('index.html', user=user)


if __name__ == '__main__':
    init_kerberos(app)
    app.run(host='0.0.0.0')