Univention Bugzilla – Attachment 5300 Details for
Bug 31861
UMC-Server: authentication API should be more generic
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
generic-umc-auth.patch (text/plain), 7.17 KB, created by
Jacek Groth
on 2013-07-01 14:41:57 CEST
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Jacek Groth
Created:
2013-07-01 14:41:57 CEST
Size:
7.17 KB
patch
obsolete
>diff -rupN original/univention-management-console/src/univention/management/console/auth.py changed/univention-management-console/src/univention/management/console/auth.py >--- original/univention-management-console/src/univention/management/console/auth.py 2013-07-01 14:10:32.847889800 +0200 >+++ changed/univention-management-console/src/univention/management/console/auth.py 2013-07-01 14:24:20.519870700 +0200 >@@ -247,22 +247,32 @@ class AuthHandler( signals.Provider ): > self.signal_new( 'authenticated' ) > self.__credentials = None > >- def _create_modules( self, username, password ): >+ def _create_modules( self, **kwargs ): > global _all_modules > self._modules = [] > for mod in _all_modules: >- instance = mod( username, password ) >- instance.signal_connect( 'auth_return', self._auth_return ) >- instance.signal_connect( 'password_changed', self._password_changed ) >- self._modules.append( instance ) >+ try: >+ instance = mod( kwargs['username'] , kwargs['password'] ) >+ instance.signal_connect( 'auth_return', self._auth_return ) >+ instance.signal_connect( 'password_changed', self._password_changed ) >+ self._modules.append( instance ) >+ except Exception, e: >+ AUTH.warn( "AuthHandler - _create_modules error: %s" % str( e ) ) > self._modules.reverse() >+ >+ def authenticate( self, **kwargs ): >+ try: >+ if kwargs['auth_type'] == "saml": >+ AUTH.warn('__starting SAML Authenticate __') >+ >+ self._create_modules( **kwargs ) >+ self._current = self._modules.pop() >+ self.__new_password = kwargs['new_password'] >+ self._current.authenticate() >+ self.__credentials = ( kwargs['username'], kwargs['password'] ) >+ except Exception, e: >+ AUTH.warn( "authenticate.... error: %s" % str( e ) ) > >- def authenticate( self, username, password, new_password=None ): >- self._create_modules( username, password ) >- self._current = self._modules.pop() >- self.__new_password = new_password >- self._current.authenticate() >- self.__credentials = ( username, password ) > > def credentials( self ): > return self.__credentials >diff -rupN original/univention-management-console/src/univention/management/console/protocol/client.py changed/univention-management-console/src/univention/management/console/protocol/client.py >--- original/univention-management-console/src/univention/management/console/protocol/client.py 2013-07-01 14:10:32.851889800 +0200 >+++ changed/univention-management-console/src/univention/management/console/protocol/client.py 2013-07-01 14:27:26.275866400 +0200 >@@ -31,7 +31,6 @@ > # <http://www.gnu.org/licenses/>. > > """Provides a class :class:`.Client` that implements an UMCP client""" >- > import errno, os, socket, sys, fcntl > > from univention.lib.i18n import Translation >@@ -340,12 +339,12 @@ class Client( signals.Provider, Translat > else: > self.signal_emit( 'error', UnknownRequestError() ) > >- def authenticate( self, username, password, new_password=None ): >+ def authenticate( self, **kwargs ): > """Authenticate against the UMC server""" > authRequest = Request ('AUTH' ) >- authRequest.body['username'] = username >- authRequest.body['password'] = password >- authRequest.body['new_password'] = new_password >+ >+ for opt in kwargs: >+ authRequest.body[opt] = kwargs[opt] > > self.request( authRequest ) > >diff -rupN original/univention-management-console/src/univention/management/console/protocol/server.py changed/univention-management-console/src/univention/management/console/protocol/server.py >--- original/univention-management-console/src/univention/management/console/protocol/server.py 2013-07-01 14:10:32.859889800 +0200 >+++ changed/univention-management-console/src/univention/management/console/protocol/server.py 2013-07-01 14:28:40.335864600 +0200 >@@ -35,6 +35,7 @@ > Defines the basic class for an UMC server. > """ > >+ > # python packages > import fcntl > import gzip >@@ -213,7 +214,7 @@ class MagicBucket( object ): > elif msg.command == 'AUTH': > state.authResponse = Response( msg ) > try: >- state.authenticate( msg.body[ 'username' ], msg.body[ 'password' ], msg.body.get( 'new_password' ) ) >+ state.authenticate( **{'auth_type':msg.body[ 'auth_type' ],'username':msg.body[ 'username' ], 'password':msg.body[ 'password' ], 'new_password':msg.body.get( 'new_password' )} ) > except ( TypeError, KeyError ), e: > state.authResponse.status = BAD_REQUEST_INVALID_OPTS > state.authResponse.message = 'insufficient authentification information' >@@ -500,6 +501,7 @@ class Server( signals.Provider ): > > def _connection( self, socket ): > '''Signal callback: Invoked on incoming connections.''' >+ > socket, addr = socket.accept() > socket.setblocking( 0 ) > if addr: >diff -rupN original/univention-management-console/src/univention/management/console/protocol/session.py changed/univention-management-console/src/univention/management/console/protocol/session.py >--- original/univention-management-console/src/univention/management/console/protocol/session.py 2013-07-01 14:10:32.863889800 +0200 >+++ changed/univention-management-console/src/univention/management/console/protocol/session.py 2013-05-28 10:12:09.632265000 +0200 >@@ -99,10 +99,10 @@ class State( signals.Provider ): > def _authenticated( self, success ): > self.signal_emit( 'authenticated', success, self ) > >- def authenticate( self, username, password, new_password=None ): >+ def authenticate( self, **kwargs ): > """Initiates an authentication process""" >- self.username = username >- self.__auth.authenticate( username, password, new_password ) >+ self.username = kwargs['username'] >+ self.__auth.authenticate( **kwargs ) > > def credentials( self ): > """Returns the credentials""" >diff -rupN original/univention-management-console-frontend/univention-management-console-web-server changed/univention-management-console-frontend/univention-management-console-web-server >--- original/univention-management-console-frontend/univention-management-console-web-server 2013-07-01 14:10:32.871889800 +0200 >+++ changed/univention-management-console-frontend/univention-management-console-web-server 2013-07-01 14:31:56.027860100 +0200 >@@ -133,7 +133,7 @@ class SessionClient(object): > self._auth_response = umcp.Response( request ) > self._auth_response.body['sessionid'] = request.body.get('sessionid','') > self._auth_response_queue = response_queue >- self.client.authenticate( request.body[ 'username' ], request.body[ 'password' ], request.body[ 'new_password' ] ) >+ self.client.authenticate( **request.body ) > > def _response(self, response): > """Queue response from UMC server.""" >@@ -553,16 +553,15 @@ class CPAuth(CPgeneric): > body = cherrypy.request.body.read() > > json = self.load_json(body) >- > CORE.info('CPRoot/command: request: command=%s' % cherrypy.request.path_info ) > > # create new UMCP request > req = umcp.Request( 'AUTH' ) >- req.body[ 'username' ] = json[ 'options' ].get('username','') >- req.body[ 'password' ] = json[ 'options' ].get('password','') >- req.body[ 'new_password' ] = json[ 'options' ].get('new_password') >+ for opt in json['options']: >+ req.body[opt] = json['options'][opt] >+ req.body[ 'new_password' ] = json[ 'options' ].get('new_password') > >- # create new response queue >+ # create new response queue > response_queue = Queue.Queue() > > # send request to UMC server
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=5300">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 31861
:
5300
|
5318