[Zope3-checkins] SVN: Zope3/trunk/src/zope/app/pas/ Some basic HTTP auth plugins.

Stephan Richter srichter at cosmos.phy.tufts.edu
Sun Oct 10 09:43:35 EDT 2004


Log message for revision 27902:
  Some basic HTTP auth plugins.
  
  


Changed:
  A   Zope3/trunk/src/zope/app/pas/configure.zcml
  A   Zope3/trunk/src/zope/app/pas/httpplugin.py
  U   Zope3/trunk/src/zope/app/pas/tests.py


-=-
Added: Zope3/trunk/src/zope/app/pas/configure.zcml
===================================================================
--- Zope3/trunk/src/zope/app/pas/configure.zcml	2004-10-10 13:20:22 UTC (rev 27901)
+++ Zope3/trunk/src/zope/app/pas/configure.zcml	2004-10-10 13:43:35 UTC (rev 27902)
@@ -0,0 +1,55 @@
+<configure
+    xmlns="http://namespaces.zope.org/zope"
+    xmlns:browser="http://namespaces.zope.org/browser"
+    i18n_domain="zope"
+    >
+
+  <localUtility class=".httpplugin.HTTPBasicAuthExtractor">
+
+    <implements
+        interface="zope.app.annotation.interfaces.IAttributeAnnotatable" />
+
+    <require
+        permission="zope.ManageContent"
+        interface=".interfaces.IExtractionPlugin" />
+
+  </localUtility>
+
+  <localUtility class=".httpplugin.HTTPBasicAuthChallenger">
+
+    <implements
+        interface="zope.app.annotation.interfaces.IAttributeAnnotatable" />
+
+    <require
+        permission="zope.ManageContent"
+        interface=".interfaces.IExtractionPlugin" />
+
+  </localUtility>
+
+  <browser:tool
+      interface=".interfaces.IExtractionPlugin"
+      title="PAS Extraction Plugin"
+      description="PAS Extraction Plugin"
+      />
+  
+  <browser:tool
+      interface=".interfaces.IChallengePlugin"
+      title="PAS Challenge Plugin"
+      description="PAS Challenge Plugin"
+      />
+
+  <browser:addMenuItem
+      title="PAS Extraction Plugin"
+      description="A PAS Extraction Plugin"
+      class="zope.app.pas.httpplugin.HTTPBasicAuthExtractor"
+      permission="zope.ManageContent"
+      />
+  
+  <browser:addMenuItem
+      title="PAS Challenge Plugin"
+      description="A PAS Challenge Plugin"
+      class="zope.app.pas.httpplugin.HTTPBasicAuthChallenger"
+      permission="zope.ManageContent"
+      />
+  
+</configure>

Added: Zope3/trunk/src/zope/app/pas/httpplugin.py
===================================================================
--- Zope3/trunk/src/zope/app/pas/httpplugin.py	2004-10-10 13:20:22 UTC (rev 27901)
+++ Zope3/trunk/src/zope/app/pas/httpplugin.py	2004-10-10 13:43:35 UTC (rev 27902)
@@ -0,0 +1,76 @@
+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""PAS plugins related to HTTP
+
+$Id$
+"""
+__docformat__ = "reStructuredText"
+import base64
+from persistent import Persistent
+from zope.interface import implements
+
+from zope.app.container.contained import Contained
+from interfaces import IExtractionPlugin, IChallengePlugin
+
+
+class HTTPBasicAuthExtractor(Persistent, Contained):
+    """A Basic HTTP Authentication Crendentials Extraction Plugin
+
+    First we need to create a request that contains some credentials.
+    
+    >>> from zope.publisher.browser import TestRequest
+    >>> request = TestRequest(
+    ...     environ={'HTTP_AUTHORIZATION': u'Basic bWdyOm1ncnB3'})
+
+    Now create the extraction plugin and get the credentials.
+
+    >>> extractor = HTTPBasicAuthExtractor()
+    >>> extractor.extractCredentials(request)
+    (u'mgr', u'mgrpw')
+
+    Make sure we return `None`, if no authentication header has been
+    specified.
+
+    >>> extractor.extractCredentials(TestRequest()) is None
+    True
+
+    Also, this extractor can *only* hadle basic authentication.
+
+    >>> request = TestRequest({'HTTP_AUTHORIZATION': 'foo bar'})
+    >>> extractor.extractCredentials(TestRequest()) is None
+    True
+    """
+    implements(IExtractionPlugin)
+
+    def extractCredentials(self, request):
+        if request._auth:
+            if request._auth.lower().startswith(u'basic '):
+                credentials = request._auth.split()[-1] 
+                username, password = base64.decodestring(credentials).split(':')
+                return username.decode('utf-8'), password.decode('utf-8')
+
+
+class HTTPBasicAuthChallenger(Persistent, Contained):
+    """A Basic HTTP Authentication Challenge Plugin
+
+    """
+    implements(IChallengePlugin)
+
+    realm = 'Zope 3'
+    
+    def challenge(self, requests, response):
+        response.setHeader("WWW-Authenticate", "basic realm=%s" %self.realm,
+                           True)
+        response.setStatus(401)
+        return True

Modified: Zope3/trunk/src/zope/app/pas/tests.py
===================================================================
--- Zope3/trunk/src/zope/app/pas/tests.py	2004-10-10 13:20:22 UTC (rev 27901)
+++ Zope3/trunk/src/zope/app/pas/tests.py	2004-10-10 13:43:35 UTC (rev 27902)
@@ -45,6 +45,7 @@
 
 def test_suite():
     return unittest.TestSuite((
+        doctest.DocTestSuite('zope.app.pas.httpplugin'),
         doctest.DocFileSuite('README.txt',
                              setUp=placelesssetup.setUp,
                              tearDown=placelesssetup.tearDown,



More information about the Zope3-Checkins mailing list