/usr/share/pyshared/repoze/who/plugins/basicauth.py is in python-repoze.who 1.0.18-4.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 | import binascii
from paste.httpheaders import WWW_AUTHENTICATE
from paste.httpheaders import AUTHORIZATION
from paste.httpexceptions import HTTPUnauthorized
from zope.interface import implements
from repoze.who.interfaces import IIdentifier
from repoze.who.interfaces import IChallenger
class BasicAuthPlugin(object):
implements(IIdentifier, IChallenger)
def __init__(self, realm):
self.realm = realm
# IIdentifier
def identify(self, environ):
authorization = AUTHORIZATION(environ)
try:
authmeth, auth = authorization.split(' ', 1)
except ValueError: # not enough values to unpack
return None
if authmeth.lower() == 'basic':
try:
auth = auth.strip().decode('base64')
except binascii.Error: # can't decode
return None
try:
login, password = auth.split(':', 1)
except ValueError: # not enough values to unpack
return None
auth = {'login':login, 'password':password}
return auth
return None
# IIdentifier
def remember(self, environ, identity):
# we need to do nothing here; the browser remembers the basic
# auth info as a result of the user typing it in.
pass
def _get_wwwauth(self):
head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
return head
# IIdentifier
def forget(self, environ, identity):
return self._get_wwwauth()
# IChallenger
def challenge(self, environ, status, app_headers, forget_headers):
head = self._get_wwwauth()
if head[0] not in forget_headers:
head = head + forget_headers
return HTTPUnauthorized(headers=head)
def __repr__(self):
return '<%s %s>' % (self.__class__.__name__,
id(self)) #pragma NO COVERAGE
def make_plugin(realm='basic'):
plugin = BasicAuthPlugin(realm)
return plugin
|