[CalendarServer-changes] [381] CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/ directory/cred.py

source_changes at macosforge.org source_changes at macosforge.org
Mon Nov 6 19:31:14 PST 2006


Revision: 381
          http://trac.macosforge.org/projects/calendarserver/changeset/381
Author:   wsanchez at apple.com
Date:     2006-11-06 19:31:14 -0800 (Mon, 06 Nov 2006)

Log Message:
-----------
Use new DirectoryCredentialsChecker implementation, which uses the abstract IDirectoryService interface.

Modified Paths:
--------------
    CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/cred.py

Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/cred.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/cred.py	2006-11-07 03:29:59 UTC (rev 380)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/cred.py	2006-11-07 03:31:14 UTC (rev 381)
@@ -25,55 +25,33 @@
 ]
 
 from twisted.internet.defer import succeed
-from twisted.cred.credentials import UsernamePassword
 from twisted.cred.error import UnauthorizedLogin
 from twisted.web2.dav.auth import IPrincipalCredentials
 from twisted.web2.dav.auth import TwistedPropertyChecker
 
-import opendirectory
-
 from twistedcaldav import customxml
 
 class DirectoryCredentialsChecker (TwistedPropertyChecker):
+    def __init__(self, service):
+        """
+        @param service: an L{IDirectoryService} provider.
+        """
+        self.service = service
 
     def requestAvatarId(self, credentials):
-
         # If there is no calendar principal URI then the calendar user is disabled.
-        pcreds = IPrincipalCredentials(credentials)
-        if not pcreds.authnPrincipal.hasDeadProperty(customxml.TwistedCalendarPrincipalURI):
+        credentials = IPrincipalCredentials(credentials)
+        if not credentials.authnPrincipal.hasDeadProperty(customxml.TwistedCalendarPrincipalURI):
             # Try regular password check
             return TwistedPropertyChecker.requestAvatarId(self, credentials)
 
-        creds = pcreds.credentials
-        if isinstance(creds, UsernamePassword):
-            user = creds.username
-            pswd = creds.password
-            if opendirectory.authenticateUser(pcreds.authnPrincipal.directory(), user, pswd):
-                return succeed((pcreds.authnURI, pcreds.authzURI,))
-        
-        raise UnauthorizedLogin("Bad credentials for: %s" % (pcreds.authnURI,))
+        user = self.service.userWithShortName(credentials.credentials.username)
+        raise UnauthorizedLogin("Unknown credentials type for principal: %s" % (credentials.authnURI,))
 
-#class DirectoryCredentialsChecker (TwistedPropertyChecker):
-#    def __init__(self, service):
-#        """
-#        @param service: an L{IDirectoryService} provider.
-#        """
-#        self.service = service
-#
-#    def requestAvatarId(self, credentials):
-#        # If there is no calendar principal URI then the calendar user is disabled.
-#        credentials = IPrincipalCredentials(credentials)
-#        if not credentials.authnPrincipal.hasDeadProperty(customxml.TwistedCalendarPrincipalURI):
-#            # Try regular password check
-#            return TwistedPropertyChecker.requestAvatarId(self, credentials)
-#
-#        user = self.service.userWithShortName(credentials.credentials.username)
-#        raise UnauthorizedLogin("Unknown credentials type for principal: %s" % (credentials.authnURI,))
-#
-#        if not user:
-#            raise UnauthorizedLogin("No such user: %s" % (user,))
-#
-#        if user.authenticate(credentials.credentials):
-#            return succeed((credentials.authnURI, credentials.authzURI))
-#        else:
-#            raise UnauthorizedLogin("Incorrect credentials for user: %s" % (user,)) 
+        if not user:
+            raise UnauthorizedLogin("No such user: %s" % (user,))
+
+        if user.authenticate(credentials.credentials):
+            return succeed((credentials.authnURI, credentials.authzURI))
+        else:
+            raise UnauthorizedLogin("Incorrect credentials for user: %s" % (user,)) 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20061106/b27ceac0/attachment.html


More information about the calendarserver-changes mailing list