/usr/share/pyshared/zope/pluggableauth/authentication.py is in python-zope.pluggableauth 1.3-0ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 | ##############################################################################
#
# Copyright (c) 2004 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Pluggable Authentication Utility implementation
"""
from zope import component
from zope.authentication.interfaces import (
IAuthentication, PrincipalLookupError)
from zope.container.btree import BTreeContainer
from zope.interface import implements
from zope.pluggableauth import interfaces
from zope.schema.interfaces import ISourceQueriables
from zope.site.next import queryNextUtility
class PluggableAuthentication(BTreeContainer):
implements(
IAuthentication,
interfaces.IPluggableAuthentication,
ISourceQueriables)
authenticatorPlugins = ()
credentialsPlugins = ()
def __init__(self, prefix=''):
super(PluggableAuthentication, self).__init__()
self.prefix = prefix
def _plugins(self, names, interface):
for name in names:
plugin = self.get(name)
if not interface.providedBy(plugin):
plugin = component.queryUtility(interface, name, context=self)
if plugin is not None:
yield name, plugin
def getAuthenticatorPlugins(self):
return self._plugins(
self.authenticatorPlugins, interfaces.IAuthenticatorPlugin)
def getCredentialsPlugins(self):
return self._plugins(
self.credentialsPlugins, interfaces.ICredentialsPlugin)
def authenticate(self, request):
authenticatorPlugins = [p for n, p in self.getAuthenticatorPlugins()]
for name, credplugin in self.getCredentialsPlugins():
credentials = credplugin.extractCredentials(request)
for authplugin in authenticatorPlugins:
if authplugin is None:
continue
info = authplugin.authenticateCredentials(credentials)
if info is None:
continue
info.credentialsPlugin = credplugin
info.authenticatorPlugin = authplugin
principal = component.getMultiAdapter((info, request),
interfaces.IAuthenticatedPrincipalFactory)(self)
principal.id = self.prefix + info.id
return principal
return None
def getPrincipal(self, id):
if not id.startswith(self.prefix):
next = queryNextUtility(self, IAuthentication)
if next is None:
raise PrincipalLookupError(id)
return next.getPrincipal(id)
id = id[len(self.prefix):]
for name, authplugin in self.getAuthenticatorPlugins():
info = authplugin.principalInfo(id)
if info is None:
continue
info.credentialsPlugin = None
info.authenticatorPlugin = authplugin
principal = interfaces.IFoundPrincipalFactory(info)(self)
principal.id = self.prefix + info.id
return principal
next = queryNextUtility(self, IAuthentication)
if next is not None:
return next.getPrincipal(self.prefix + id)
raise PrincipalLookupError(id)
def getQueriables(self):
for name, authplugin in self.getAuthenticatorPlugins():
queriable = component.queryMultiAdapter((authplugin, self),
interfaces.IQueriableAuthenticator)
if queriable is not None:
yield name, queriable
def unauthenticatedPrincipal(self):
return None
def unauthorized(self, id, request):
challengeProtocol = None
for name, credplugin in self.getCredentialsPlugins():
protocol = getattr(credplugin, 'challengeProtocol', None)
if challengeProtocol is None or protocol == challengeProtocol:
if credplugin.challenge(request):
if protocol is None:
return
elif challengeProtocol is None:
challengeProtocol = protocol
if challengeProtocol is None:
next = queryNextUtility(self, IAuthentication)
if next is not None:
next.unauthorized(id, request)
def logout(self, request):
challengeProtocol = None
for name, credplugin in self.getCredentialsPlugins():
protocol = getattr(credplugin, 'challengeProtocol', None)
if challengeProtocol is None or protocol == challengeProtocol:
if credplugin.logout(request):
if protocol is None:
return
elif challengeProtocol is None:
challengeProtocol = protocol
if challengeProtocol is None:
next = queryNextUtility(self, IAuthentication)
if next is not None:
next.logout(request)
|