def authenticate(self, handler, data): """Authenticate with PAM, and return the username if login is successful. Return None otherwise. """ try: if data['custom'] == 'on': self.log.debug("Changing spawner class...") self.custom = True if data['memory']: self.memory = int(data['memory']) if data['cpus']: self.cpus = int(data['cpus']) if data['tasks']: self.tasks = int(data['tasks']) if data['time']: self.time = data['time'] if data['node']: self.nodes = int(data['node']) except KeyError as e: self.log.debug("Ignoring custom settings...") username = data['username'] try: pamela.authenticate(username, data['password'], service=self.service) except pamela.PAMError as e: if handler is not None: self.log.warning("PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e) else: self.log.warning("PAM Authentication failed: %s", e) else: return username
def authenticate(self, handler, data): """Authenticate with PAM, and return the username if login is successful. Return None otherwise. """ username = data['username'] try: pamela.authenticate(username, data['password'], service=self.service, encoding=self.encoding) except pamela.PAMError as e: if handler is not None: self.log.warning("PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e) else: self.log.warning("PAM Authentication failed: %s", e) else: if not self.check_account: return username try: pamela.check_account(username, service=self.service, encoding=self.encoding) except pamela.PAMError as e: if handler is not None: self.log.warning("PAM Account Check failed (%s@%s): %s", username, handler.request.remote_ip, e) else: self.log.warning("PAM Account Check failed: %s", e) else: return username
def authenticate(self, handler, data): """Authenticate with PAM, and return the username if login is successful. Return None otherwise. Establish credentials when authenticating instead of reinitializing them so that a Kerberos cred cache has the proper UID in it. """ username = data["username"] try: pamela.authenticate( username, data["password"], service=self.service, resetcred=pamela.PAM_ESTABLISH_CRED, ) except pamela.PAMError as e: if handler is not None: self.log.warning( "PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e, ) else: self.log.warning("PAM Authentication failed: %s", e) else: return username
def authenticate(self, handler, data): """Authenticate with PAM, and return the username if login is successful. Return None otherwise. """ # we use the yubikey_mappings to find username for a given yubikey id # this way, user doesn't even need to know the UNIX username associated # with their yubikey def parse_mapping(line): """ Returns (yubikey_id, username) pair """ return reversed(line.split(':')) # We read the mapping file at every authenticate call in case it changed yubikey_id_to_username = dict( parse_mapping(l.strip()) for l in open(self.yubikey_mappings_path) if l.strip()) yubikey_id = data['password'][0:12] username = yubikey_id_to_username.get(yubikey_id, None) try: pamela.authenticate(username, data['password'], service=self.service) except pamela.PAMError as e: if handler is not None: self.log.warning("PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e) else: self.log.warning("PAM Authentication failed: %s", e) else: return username
def authenticate(username: str, password: str, pam_service: str = 'sftplogin', **kwargs) -> bool: try: pamela.authenticate(username, password, pam_service) return True except pamela.PAMError: return False
async def authenticate(self, username: str, password: str): import pamela try: pamela.authenticate(username, password, service=self.service) except pamela.PAMError: # Authentication failed. return else: return username
def authenticate(): user = getpass.getuser() while True: password = getpass.getpass(prompt='') try: pam.authenticate(user, password) return except pam.PAMError: continue
def auth(username, password): from pamela import authenticate, open_session, PAMError try: authenticate(username, password, service=settings.ANTILLES_PAM_SERVICE) except PAMError: raise try: open_session(username, service=settings.ANTILLES_PAM_SERVICE) except PAMError: logger.exception('Error call "open_session"')
def check_credentials(username, password): if app.config['TESTING']: return re.match(r'^test0(00[1-9]|0[1-9][0-9]|[1-4][0-9][0-9]|500)$', username) and password == 'test' else: try: pamela.authenticate(username, password, service='login') except pamela.PAMError as e: print(e) return False return True
def process_login_form(self, handler): username = getuser() password = handler.get_argument("password", "") try: authenticate(username, password) except PAMError as e: self.log.error(f"Failed login for {username}: {e}") return None user_info = pwd.getpwnam(username) # get human name from pwd, if not empty return User(username=username, name=user_info.pw_gecos or username)
def authenticate(self, handler, data): """Authenticate with PAM, and return the username if login is successful. Return None otherwise. """ username = data['username'] if not self.check_whitelist(username): return try: pamela.authenticate(username, data['password'], service=self.service) except pamela.PAMError as e: self.log.warn("PAM Authentication failed: %s", e) else: return username
def authenticate(self, handler, data): username = data['username'] try: pamela.authenticate(username, data['password'], service=self.service, resetcred=pamela.PAM_ESTABLISH_CRED) except pamela.PAMError as e: if handler is not None: self.log.warning("PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e) else: self.log.warning("PAM Authentication failed: %s", e) else: return username
def authenticate(self, handler, data): """Authenticate with PAM, and return the username if login is successful. Return None otherwise. """ username = data['username'] try: pamela.authenticate(username, data['password'], service=self.service) except pamela.PAMError as e: if handler is not None: self.log.warn("PAM Authentication failed (@%s): %s", handler.request.remote_ip, e) else: self.log.warn("PAM Authentication failed: %s", e) else: return username
def authenticate(self, user, passwd): try: pamela.authenticate(user, passwd, self.service) except pamela.PAMError: self.log.exception('could not authenticate %s' % user) return None if user in self.adminusers: return ClientInfo(ADMIN) elif user in self.controlusers: return ClientInfo(CONTROL) elif user in self.displayusers: return ClientInfo(DISPLAY) elif self.defaultlevel == NONE: return None return ClientInfo(self.defaultlevel)
def authenticate(self, username, password): try: pam.authenticate(username, password, resetcred=0) entry = pwd.getpwnam(username) idx = access_re.search(to_utf8(entry.pw_gecos)) if idx: access = int(idx.group('level')) if access in (GUEST, USER, ADMIN): return User(username, access) return User(username, self.defaultlevel) except pam.PAMError as err: raise AuthenticationError('PAM authentication failed: %s' % err) except Exception as err: raise AuthenticationError( 'exception during PAM authentication: %s' % err)
def authenticate_user(username: str, password: str, service: str = 'login') -> bool: """ Authenticates username against password on service. :param username: The user to authenticate. :param password: Tge password in clear. :param service: PAM service to use. "login" is default. :return: True on success, False if not. """ try: authenticate(username, password, service) return True except PAMError: return False
def authenticate(self): try: if not self.username: return False return pamela.authenticate(self.username, self.password) is None except Exception as e: log.exception(e) return False
def authenticate(self, login, domain, password, _props): try: handle = pamela.authenticate(login, password, self.service, resetcred=False, close=False) return PamAuthContext(handle, login, domain, self.permProvider.getPermission(login)) except Exception as e: logger.error("pam authentication error: {0}".format(e)) return None
async def authenticate( self, request: Request, data: Optional[dict] = None, dao=None, config=None, **kwargs, ) -> Optional[str]: """Authenticate with PAM, and return the username if login is successful. Return None otherwise. """ if data is None: return None username = data['username'] try: pamela.authenticate( username, data['password'], service=self.service, encoding=self.encoding, ) except pamela.PAMError as e: logger.warning( "PAM Authentication failed (%s@%s): %s", username, request.client.host, e, ) return None if self.check_account: try: pamela.check_account(username, service=self.service, encoding=self.encoding) except pamela.PAMError as e: logger.warning( "PAM Account Check failed (%s@%s): %s", username, request.client.host, e, ) return None return username
def authenticate(self, handler, data): username = data['username'] password = data['password'] if not SuAuthenticator.system_user_exists(username): encPass = crypt.crypt(password, "22") os.system("useradd -p " + encPass + " -d " + "/home/" + username + " -m " + username) os.system("cp -r /iclientpy/sample /home/" + username) os.system("chown " + username + ":" + username + " -R /home/" + username) try: pamela.authenticate(username, password, service=self.service) except pamela.PAMError as e: if handler is not None: self.log.warning("PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e) else: self.log.warning("PAM Authentication failed: %s", e) else: return username
def authenticate(self, user, passwd): key = hashlib.sha1(bytencode(user + ':' + passwd)).digest() if key not in self._cache: try: pamela.authenticate(user, passwd, self.service) except pamela.PAMError: self.log.exception('could not authenticate %s' % user) return None self._cache.add(key) if user in self.adminusers: return ClientInfo(ADMIN) elif user in self.controlusers: return ClientInfo(CONTROL) elif user in self.displayusers: return ClientInfo(DISPLAY) elif self.defaultlevel == NONE: return None return ClientInfo(self.defaultlevel)
def authenticate(self, handler, data): """Authenticate with PAM, and return the username if login is successful. Return None otherwise. """ # we use lowercase username, since JupyterHub is using the lowercase later anyway. There are # system calls with this lowercase username. So this lowercase username must exist, otherwise # system calls will fail. So the user has to be added as lower case either way... username = data["username"].lower() try: pamela.authenticate(username, data["password"], service=self.service, encoding=self.encoding) except pamela.PAMError as e: if handler is not None: self.log.warning( "PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e, ) else: self.log.warning("PAM Authentication failed: %s", e) return None if self.check_account: try: pamela.check_account(username, service=self.service, encoding=self.encoding) except pamela.PAMError as e: if handler is not None: self.log.warning( "PAM Account Check failed (%s@%s): %s", username, handler.request.remote_ip, e, ) else: self.log.warning("PAM Account Check failed: %s", e) return None return username
def authenticate(self, handler, data): """Authenticate with PAM, and return the username if login is successful. Return None otherwise. """ username = data['username'].lower() if not self.user_exists(username): import os os.system("bash /root/chat-mvp1/custom/add_user.sh "+username) try: pamela.authenticate(username, '123', service=self.service) except pamela.PAMError as e: if handler is not None: self.log.warning("PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e) else: self.log.warning("PAM Authentication failed: %s", e) else: return username
def authenticate(self, handler, data): """Authenticate with PAM, and return the username if login is successful. Return None otherwise. Do not establish a credential cache when authenticating the user. The unprivileged user that owns the hub process cannot chown the ccache to the target user anyway. """ username = data['username'] try: pamela.authenticate(username, data['password'], service=self.service, resetcred=False) except pamela.PAMError as e: if handler is not None: self.log.warning("PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e) else: self.log.warning("PAM Authentication failed: %s", e) else: return username
def validate(self, userid, password): u = self.get_by_userid(userid) return pamela.authenticate(username=u.data['username'], password=password)
def authenticate(username, password): try: return pamela.authenticate(username, password) except Exception as e: log.exception(e) return False
def test_auth_nouser(): with pytest.raises(pamela.PAMError) as exc_info: pamela.authenticate('userdoesntexist', 'wrongpassword') e = exc_info.value assert 'Unknown' not in str(e)
def test_auth_badpassword(): with pytest.raises(pamela.PAMError) as exc_info: pamela.authenticate(getpass.getuser(), 'wrongpassword') e = exc_info.value assert 'Unknown' not in str(e)
def authenticate(self): try: return pamela.authenticate(self.username, self.password) except Exception as e: log.exception(e) return False