示例#1
0
 def locateChild(self, request, segments):
     fnp = self.child(segments[0])
     if not fnp.exists():
         raise http.HTTPError(responsecode.NOT_FOUND)
     elif fnp.isdir():
         return CGIDirectory(fnp.path), segments[1:]
     else:
         return CGIScript(fnp.path), segments[1:]
     return None, ()
示例#2
0
 def render(self, req):
     if req.avatar.username == 'anonymous':
         if not self.sendOwnHeaders:
             raise http.HTTPError(responsecode.UNAUTHORIZED)
         else:
             return http.Response(
                 responsecode.UNAUTHORIZED,
                 {'www-authenticate': [('basic', {
                     'realm': 'foo'
                 })]})
     else:
         return super(NonAnonymousResource, self).render(req)
示例#3
0
    def locateChild(self, req, segments):
        scheme = req.headers.getRawHeaders('x-app-scheme')

        if self.sendsRealHost:
            host = req.headers.getRawHeaders('host')
        else:
            host = req.headers.getRawHeaders('x-forwarded-host')

        app_location = req.headers.getRawHeaders('x-app-location')
        remote_ip = req.headers.getRawHeaders('x-forwarded-for')

        if not (host and remote_ip):
            if not host:
                warnings.warn(
                    ("No host was obtained either from Host or "
                     "X-Forwarded-Host headers.  If your proxy does not "
                     "send either of these headers use VHostURIRewrite. "
                     "If your proxy sends the real host as the Host header "
                     "use "
                     "AutoVHostURIRewrite(resrc, sendsRealHost=True)"))

            # some header unspecified => Error
            raise http.HTTPError(responsecode.BAD_REQUEST)
        host = host[0]
        remote_ip = remote_ip[0]
        if app_location:
            app_location = app_location[0]
        else:
            app_location = '/'
        if scheme:
            scheme = scheme[0]
        else:
            scheme='http'
        
        req.host, req.port = http.splitHostPort(scheme, host)
        req.scheme = scheme
        
        req.remoteAddr = address.IPv4Address('TCP', remote_ip, 0)
            
        req.prepath = app_location[1:].split('/')[:-1]
        req.path = '/'+('/'.join([urllib.quote(s, '') for s in (req.prepath + segments)]))
        
        return self.resource, segments
示例#4
0
    def _loginFailed(self, result, request):
        """
        Errback for failed login.

        @param result: L{Failure} returned by portal.login

        @param request: L{IRequest} that encapsulates this auth
            attempt.

        @return: A L{Failure} containing an L{HTTPError} containing the
            L{UnauthorizedResponse} if C{result} is an L{UnauthorizedLogin}
            or L{UnhandledCredentials} error
        """
        result.trap(error.UnauthorizedLogin, error.UnhandledCredentials)

        return failure.Failure(
            http.HTTPError(
                UnauthorizedResponse(self.credentialFactories,
                                     request.remoteAddr)))
示例#5
0
    def authenticate(self, request):
        """
        Attempt to authenticate the givin request

        @param request: An L{IRequest} to be authenticated.
        """
        authHeader = request.headers.getHeader('authorization')

        if authHeader is None:
            return self.portal.login(credentials.Anonymous(), None,
                                     *self.interfaces).addCallbacks(
                                         self._loginSucceeded,
                                         self._loginFailed, (request, ), None,
                                         (request, ), None)

        elif authHeader[0] not in self.credentialFactories:
            raise http.HTTPError(
                UnauthorizedResponse(self.credentialFactories,
                                     request.remoteAddr))
        else:
            return self.login(self.credentialFactories[authHeader[0]],
                              authHeader[1], request)
示例#6
0
    def login(self, factory, response, request):
        """
        @param factory: An L{ICredentialFactory} that understands the given
            response.

        @param response: The client's authentication response as a string.

        @param request: The request that prompted this authentication attempt.

        @return: A L{Deferred} that fires with the wrappedResource on success
            or a failure containing an L{UnauthorizedResponse}
        """
        try:
            creds = factory.decode(response, request)
        except error.LoginFailed:
            raise http.HTTPError(
                UnauthorizedResponse(self.credentialFactories,
                                     request.remoteAddr))

        return self.portal.login(creds, None, *self.interfaces).addCallbacks(
            self._loginSucceeded, self._loginFailed, (request, ), None,
            (request, ), None)
示例#7
0
#
#     def __init__(self, path):
#         self.path = path
#
#     def renderHTTP(self, request):
#         request.startedWriting = 1
#         return File(self.path)
#
#     def locateChild(self, request):
#         return None, ()

##
# Utilities
##

dangerousPathError = http.HTTPError(
    responsecode.NOT_FOUND)  #"Invalid request URL."


def isDangerous(path):
    return path == '..' or '/' in path or os.sep in path


def addSlash(request):
    return "http%s://%s%s/" % (request.isSecure() and 's'
                               or '', request.getHeader("host"),
                               (request.uri.split('?')[0]))


def loadMimeTypes(mimetype_locations=['/etc/mime.types']):
    """
    Multiple file locations containing mime-types can be passed as a list.