/usr/lib/python2.7/dist-packages/repoze/who/classifiers.py is in python-repoze.who 2.2-3.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 | from repoze.who._compat import CONTENT_TYPE
from repoze.who._compat import REQUEST_METHOD
from repoze.who._compat import USER_AGENT
from zope.interface import directlyProvides
from repoze.who.interfaces import IRequestClassifier
from repoze.who.interfaces import IChallengeDecider
_DAV_METHODS = (
'OPTIONS',
'PROPFIND',
'PROPPATCH',
'MKCOL',
'LOCK',
'UNLOCK',
'TRACE',
'DELETE',
'COPY',
'MOVE'
)
_DAV_USERAGENTS = (
'Microsoft Data Access Internet Publishing Provider',
'WebDrive',
'Zope External Editor',
'WebDAVFS',
'Goliath',
'neon',
'davlib',
'wsAPI',
'Microsoft-WebDAV'
)
def default_request_classifier(environ):
"""Return one of the following classifiers:
'dav': the request comes from a WebDAV agent.
'xmlpost': the request is a POST of XML data.
'browser': the request comes from a normal browser (default).
"""
request_method = REQUEST_METHOD(environ)
if request_method in _DAV_METHODS:
return 'dav'
useragent = USER_AGENT(environ)
if useragent:
for agent in _DAV_USERAGENTS:
if useragent.find(agent) != -1:
return 'dav'
if request_method == 'POST':
if CONTENT_TYPE(environ).lower().startswith('text/xml'):
return 'xmlpost'
return 'browser'
directlyProvides(default_request_classifier, IRequestClassifier)
def default_challenge_decider(environ, status, headers):
return status.startswith('401 ')
directlyProvides(default_challenge_decider, IChallengeDecider)
def passthrough_challenge_decider(environ, status, headers):
""" Don't challenge for pre-challenged responses.
o Assume responsese with 'WWW-Authenticate' or an HTML content type
are pre-challenged.
"""
if not status.startswith('401 '):
return False
h_dict = dict(headers)
if 'WWW-Authenticate' in h_dict:
return False
ct = h_dict.get('Content-Type')
if ct is not None:
return not ct.startswith('text/html')
return True
directlyProvides(passthrough_challenge_decider, IChallengeDecider)
|