[Zope3-checkins] SVN: Zope3/trunk/src/zope/app/authentication/ Wrote FTP credentials extraction plugin. Also fixed bug in the session

Michael Kerrin michael.kerrin at openapp.biz
Tue Apr 19 14:52:52 EDT 2005


Log message for revision 30047:
  Wrote FTP credentials extraction plugin. Also fixed bug in the session
  credentials extraction and HTTP basic-auth credentials extraction plugins
  which blindly assumed that all requests are HTTP based.
  

Changed:
  U   Zope3/trunk/src/zope/app/authentication/configure.zcml
  A   Zope3/trunk/src/zope/app/authentication/ftpplugins.py
  A   Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml
  U   Zope3/trunk/src/zope/app/authentication/httpplugins.py
  U   Zope3/trunk/src/zope/app/authentication/principalfolder.py
  U   Zope3/trunk/src/zope/app/authentication/session.py
  U   Zope3/trunk/src/zope/app/authentication/tests.py

-=-
Modified: Zope3/trunk/src/zope/app/authentication/configure.zcml
===================================================================
--- Zope3/trunk/src/zope/app/authentication/configure.zcml	2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/configure.zcml	2005-04-19 18:52:51 UTC (rev 30047)
@@ -44,6 +44,7 @@
   <include file="httpplugins.zcml" />
   <include file="principalfolder.zcml" />
   <include file="groupfolder.zcml" />
+  <include file="ftpplugins.zcml" />
 
   <include package=".browser" />
 

Added: Zope3/trunk/src/zope/app/authentication/ftpplugins.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/ftpplugins.py	2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/ftpplugins.py	2005-04-19 18:52:51 UTC (rev 30047)
@@ -0,0 +1,64 @@
+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""PAS plugins related to FTP
+"""
+
+from zope.interface import implements
+from zope.publisher.interfaces.ftp import IFTPRequest
+
+from zope.app.authentication import interfaces
+
+class FTPCredentialsPlugin(object):
+
+    implements(interfaces.ICredentialsPlugin)
+
+    def extractCredentials(self, request):
+        """Extracts the FTP credentials from a request.
+
+        First we need to create a FTP request that contains some credentials.
+        Note the path is a required in the envirnoment.
+
+          >>> from zope.publisher.ftp import FTPRequest
+          >>> from StringIO import StringIO
+          >>> request = FTPRequest(StringIO(''), StringIO(),
+          ...                      {'credentials': ('bob', '123'),
+          ...                       'path': '/a/b/c'})
+
+        Now we create the plugin and get the credentials.
+
+          >>> plugin = FTPCredentialsPlugin()
+          >>> plugin.extractCredentials(request)
+          {'login': u'bob', 'password': u'123'}
+
+        This only works for FTPRequests.
+
+          >>> from zope.publisher.base import TestRequest
+          >>> print plugin.extractCredentials(TestRequest('/'))
+          None
+
+        """
+        if not IFTPRequest.providedBy(request):
+            return None
+
+        if request._auth:
+            login, password = request._auth
+            return {'login': login.decode('utf-8'),
+                    'password': password.decode('utf-8')}
+        return None
+
+    def challenge(self, request):
+        return False
+
+    def logout(self, request):
+        return False


Property changes on: Zope3/trunk/src/zope/app/authentication/ftpplugins.py
___________________________________________________________________
Name: svn:eol-style
   + native

Added: Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml
===================================================================
--- Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml	2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml	2005-04-19 18:52:51 UTC (rev 30047)
@@ -0,0 +1,11 @@
+<configure
+    xmlns="http://namespaces.zope.org/zope"
+    i18n_domain="zope">
+
+  <utility
+     name="FTP Credentials"
+     provides=".interfaces.ICredentialsPlugin"
+     factory=".ftpplugins.FTPCredentialsPlugin"
+     />
+
+</configure>


Property changes on: Zope3/trunk/src/zope/app/authentication/ftpplugins.zcml
___________________________________________________________________
Name: svn:eol-style
   + native

Modified: Zope3/trunk/src/zope/app/authentication/httpplugins.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/httpplugins.py	2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/httpplugins.py	2005-04-19 18:52:51 UTC (rev 30047)
@@ -73,7 +73,16 @@
           >>> print plugin.extractCredentials(TestRequest())
           None
 
+        This plugin only works with HTTP requests.
+
+          >>> from zope.publisher.base import TestRequest
+          >>> print plugin.extractCredentials(TestRequest('/'))
+          None
+
         """
+        if not IHTTPRequest.providedBy(request):
+            return None
+
         if request._auth:
             if request._auth.lower().startswith(u'basic '):
                 credentials = request._auth.split()[-1]
@@ -108,11 +117,11 @@
           >>> request = TestRequest('/')
           >>> response = request.response
           >>> print plugin.challenge(request)
-          None
+          False
 
         """
         if not IHTTPRequest.providedBy(request):
-            return None
+            return False
         request.response.setHeader("WWW-Authenticate",
                                    "basic realm=%s" % self.realm, literal=True)
         request.response.setStatus(401)
@@ -137,4 +146,4 @@
     pass
 
 class HTTPBasicAuthChallenger(Persistent, Contained):
-    pass
\ No newline at end of file
+    pass

Modified: Zope3/trunk/src/zope/app/authentication/principalfolder.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/principalfolder.py	2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/principalfolder.py	2005-04-19 18:52:51 UTC (rev 30047)
@@ -22,7 +22,7 @@
 from zope import component
 from zope.event import notify
 from zope.schema import Text, TextLine, Password
-from zope.publisher.interfaces.browser import IBrowserRequest
+from zope.publisher.interfaces import IRequest
 from zope.security.interfaces import IGroupAwarePrincipal
 
 from zope.app.container.contained import Contained
@@ -288,8 +288,8 @@
     the principal to create and a request:
 
       >>> info = PrincipalInfo('users.mary', 'mary', 'Mary', 'The site admin.')
-      >>> from zope.publisher.browser import TestRequest
-      >>> request = TestRequest()
+      >>> from zope.publisher.base import TestRequest
+      >>> request = TestRequest('/')
       >>> factory = AuthenticatedPrincipalFactory(info, request)
       >>> principal = factory()
 
@@ -320,7 +320,7 @@
     For information on how factories are used in the authentication process,
     see README.txt.
     """
-    component.adapts(interfaces.IPrincipalInfo, IBrowserRequest)
+    component.adapts(interfaces.IPrincipalInfo, IRequest)
 
     interface.implements(interfaces.IAuthenticatedPrincipalFactory)
 

Modified: Zope3/trunk/src/zope/app/authentication/session.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/session.py	2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/session.py	2005-04-19 18:52:51 UTC (rev 30047)
@@ -22,6 +22,7 @@
 
 from zope.interface import implements, Interface
 from zope.schema import TextLine
+from zope.publisher.interfaces.http import IHTTPRequest
 
 from zope.app import zapi
 from zope.app.component import hooks
@@ -157,6 +158,8 @@
 
     def extractCredentials(self, request):
         """Extracts credentials from a session if they exist."""
+        if not IHTTPRequest.providedBy(request):
+            return None
 
         sessionData = ISession(request)[
             'zope.app.authentication.browserplugins']
@@ -227,6 +230,9 @@
         This can be used by the login form to redirect the user back to the
         originating URL upon successful authentication.
         """
+        if not IHTTPRequest.providedBy(request):
+            return False
+
         site = hooks.getSite()
         camefrom = request.getURL()
         url = '%s/@@%s?%s' % (absoluteURL(site, request),
@@ -237,6 +243,9 @@
 
     def logout(self, request):
         """Performs logout by clearing session data credentials."""
+        if not IHTTPRequest.providedBy(request):
+            return False
+
         sessionData = ISession(request)[
             'zope.app.authentication.browserplugins']
         sessionData['credentials'] = None

Modified: Zope3/trunk/src/zope/app/authentication/tests.py
===================================================================
--- Zope3/trunk/src/zope/app/authentication/tests.py	2005-04-19 15:52:29 UTC (rev 30046)
+++ Zope3/trunk/src/zope/app/authentication/tests.py	2005-04-19 18:52:51 UTC (rev 30047)
@@ -37,6 +37,8 @@
         PersistentSessionDataContainer, RAMSessionDataContainer
 from zope.app.session.http import CookieClientIdManager
 
+from zope.publisher import base
+from zope.app.authentication.session import SessionCredentialsPlugin
 
 class TestClientId(object):
     implements(IClientId)
@@ -57,10 +59,45 @@
     sdc = session_data_container_class()
     ztapi.provideUtility(ISessionDataContainer, sdc, '')
 
+def nonHTTPSessionTestCaseSetUp(sdc_class=PersistentSessionDataContainer):
+    # I am getting an error with ClientId and not TestClientId
+    placelesssetup.setUp()
+    ztapi.provideAdapter(IRequest, IClientId, ClientId)
+    ztapi.provideAdapter(IRequest, ISession, Session)
+    ztapi.provideUtility(IClientIdManager, CookieClientIdManager())
+    sdc = sdc_class()
+    ztapi.provideUtility(ISessionDataContainer, sdc, '')
+
+
+class NonHTTPSessionTestCase(unittest.TestCase):
+    # Small test suite to catch an error with non HTTP protocols, like FTP
+    # and SessionCredentialsPlugin.
+    def setUp(self):
+        nonHTTPSessionTestCaseSetUp()
+
+    def tearDown(self):
+        placefulTearDown()
+
+    def test_exeractCredentials(self):
+        plugin = SessionCredentialsPlugin()
+
+        self.assertEqual(plugin.extractCredentials(base.TestRequest('/')), None)
+
+    def test_challenge(self):
+        plugin = SessionCredentialsPlugin()
+
+        self.assertEqual(plugin.challenge(base.TestRequest('/')), False)
+
+    def test_logout(self):
+        plugin = SessionCredentialsPlugin()
+
+        self.assertEqual(plugin.logout(base.TestRequest('/')), False)
+
 def test_suite():
     return unittest.TestSuite((
         doctest.DocTestSuite('zope.app.authentication.generic'),
         doctest.DocTestSuite('zope.app.authentication.httpplugins'),
+        doctest.DocTestSuite('zope.app.authentication.ftpplugins'),
         doctest.DocFileSuite('principalfolder.txt'),
         doctest.DocTestSuite('zope.app.authentication.principalfolder',
                              setUp=placelesssetup.setUp,
@@ -82,6 +119,7 @@
                              setUp=placelesssetup.setUp,
                              tearDown=placelesssetup.tearDown,
                              ),
+        unittest.makeSuite(NonHTTPSessionTestCase),
         ))
 
 if __name__ == '__main__':



More information about the Zope3-Checkins mailing list