[CalendarServer-changes] [516]
CalendarServer/branches/users/wsanchez/provisioning
source_changes at macosforge.org
source_changes at macosforge.org
Fri Nov 17 16:14:06 PST 2006
Revision: 516
http://trac.macosforge.org/projects/calendarserver/changeset/516
Author: wsanchez at apple.com
Date: 2006-11-17 16:14:05 -0800 (Fri, 17 Nov 2006)
Log Message:
-----------
Add digest auth to XML directory
Modified Paths:
--------------
CalendarServer/branches/users/wsanchez/provisioning/support/CalendarServer.tmproj
CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/directory.py
CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/idirectory.py
CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/accounts.xml
CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/test_xmlfile.py
CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/util.py
CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/xmlaccountsparser.py
CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/xmlfile.py
Modified: CalendarServer/branches/users/wsanchez/provisioning/support/CalendarServer.tmproj
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/support/CalendarServer.tmproj 2006-11-17 22:11:06 UTC (rev 515)
+++ CalendarServer/branches/users/wsanchez/provisioning/support/CalendarServer.tmproj 2006-11-18 00:14:05 UTC (rev 516)
@@ -63,6 +63,8 @@
<string>../bin</string>
</dict>
<dict>
+ <key>expanded</key>
+ <true/>
<key>name</key>
<string>doc</string>
<key>regexFolderFilter</key>
@@ -72,7 +74,7 @@
</dict>
</array>
<key>fileHierarchyDrawerWidth</key>
- <integer>200</integer>
+ <integer>325</integer>
<key>metaData</key>
<dict>
<key>../../Twisted/twisted/web2/dav/element/base.py</key>
Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/directory.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/directory.py 2006-11-17 22:11:06 UTC (rev 515)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/directory.py 2006-11-18 00:14:05 UTC (rev 516)
@@ -41,6 +41,15 @@
class DirectoryService(object):
implements(IDirectoryService, ICredentialsChecker)
+ ##
+ # IDirectoryService
+ ##
+ realmName = None
+
+ ##
+ # ICredentialsChecker
+ ##
+
# For ICredentialsChecker
credentialInterfaces = (IPrincipalCredentials,)
Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/idirectory.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/idirectory.py 2006-11-17 22:11:06 UTC (rev 515)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/idirectory.py 2006-11-18 00:14:05 UTC (rev 516)
@@ -31,6 +31,8 @@
"""
Directory Service
"""
+ realmName = Attribute("The name of the authentication realm this service represents.")
+
def recordTypes():
"""
@return: a sequence of strings denoting the record types that are kept
Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/accounts.xml
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/accounts.xml 2006-11-17 22:11:06 UTC (rev 515)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/accounts.xml 2006-11-18 00:14:05 UTC (rev 516)
@@ -18,7 +18,7 @@
<!DOCTYPE accounts SYSTEM "accounts.dtd">
-<accounts>
+<accounts realm="Test Realm">
<user>
<uid>admin</uid>
<pswd>nimda</pswd>
Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/test_xmlfile.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/test_xmlfile.py 2006-11-17 22:11:06 UTC (rev 515)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/test_xmlfile.py 2006-11-18 00:14:05 UTC (rev 516)
@@ -27,7 +27,7 @@
# FIXME: Add tests for GUID hooey, once we figure out what that means here
-class Basic (twistedcaldav.directory.test.util.BasicTestCase):
+class XMLFile (twistedcaldav.directory.test.util.BasicTestCase, twistedcaldav.directory.test.util.DigestTestCase):
"""
Test XML file based directory implementation.
"""
Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/util.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/util.py 2006-11-17 22:11:06 UTC (rev 515)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/test/util.py 2006-11-18 00:14:05 UTC (rev 516)
@@ -18,6 +18,7 @@
import twisted.trial.unittest
from twisted.cred.credentials import UsernamePassword
+from twisted.web2.auth.digest import DigestedCredentials, calcResponse, calcHA1
# FIXME: Add tests for GUID hooey, once we figure out what that means here
@@ -121,11 +122,69 @@
"""
Tests a directory implementation with basic auth.
"""
- def test_verifyCredentials(self):
+ def test_verifyCredentials_basic(self):
"""
- IDirectoryRecord.verifyCredentials()
+ IDirectoryRecord.verifyCredentials() with basic
"""
service = self.service()
for user in self.users:
userRecord = service.recordWithShortName("user", user)
self.failUnless(userRecord.verifyCredentials(UsernamePassword(user, self.users[user])))
+
+# authRequest = {
+# username="username",
+# realm="test realm",
+# nonce="178288758716122392881254770685",
+# uri="/write/",
+# response="62f388be1cf678fbdfce87910871bcc5",
+# opaque="1041524039",
+# algorithm="md5",
+# cnonce="29fc54aa1641c6fa0e151419361c8f23",
+# nc=00000001,
+# qop="auth",
+# }
+
+class DigestTestCase (DirectoryTestCase):
+ """
+ Tests a directory implementation with digest auth.
+ """
+ def test_verifyCredentials_digest(self):
+ """
+ IDirectoryRecord.verifyCredentials() with digest
+ """
+ service = self.service()
+ for user in self.users:
+ userRecord = service.recordWithShortName("user", user)
+
+ # I'm glad this is so simple...
+ response = calcResponse(
+ calcHA1(
+ "md5",
+ user,
+ service.realmName,
+ userRecord.password,
+ "booger",
+ "phlegm",
+ ),
+ "md5",
+ "booger",
+ None,
+ "phlegm",
+ "auth",
+ "GET",
+ "/",
+ None,
+ )
+
+ self.failUnless(userRecord.verifyCredentials(DigestedCredentials(
+ user,
+ "GET",
+ service.realmName,
+ {
+ "response": response,
+ "uri": "/",
+ "nonce": "booger",
+ "cnonce": "phlegm",
+ "nc": None,
+ },
+ )))
Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/xmlaccountsparser.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/xmlaccountsparser.py 2006-11-17 22:11:06 UTC (rev 515)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/xmlaccountsparser.py 2006-11-18 00:14:05 UTC (rev 516)
@@ -43,6 +43,7 @@
ELEMENT_CUADDR = "cuaddr"
ELEMENT_CANPROXY = "canproxy"
+ATTRIBUTE_REALM = "realm"
ATTRIBUTE_REPEAT = "repeat"
class XMLAccountsParser(object):
@@ -57,6 +58,7 @@
xmlFile = FilePath(xmlFile)
self.xmlFile = xmlFile
+ self.realm = None
self.items = {}
# Read in XML
@@ -76,10 +78,13 @@
Parse the XML root node from the accounts configuration document.
@param node: the L{Node} to parse.
"""
+ if node.hasAttribute(ATTRIBUTE_REALM):
+ self.realm = node.getAttribute(ATTRIBUTE_REALM)
+
for child in node._get_childNodes():
if child._get_localName() in (ELEMENT_USER, ELEMENT_GROUP, ELEMENT_RESOURCE):
- if child.hasAttribute( ATTRIBUTE_REPEAT ):
- repeat = int(child.getAttribute( ATTRIBUTE_REPEAT ))
+ if child.hasAttribute(ATTRIBUTE_REPEAT):
+ repeat = int(child.getAttribute(ATTRIBUTE_REPEAT))
else:
repeat = 1
Modified: CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/xmlfile.py
===================================================================
--- CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/xmlfile.py 2006-11-17 22:11:06 UTC (rev 515)
+++ CalendarServer/branches/users/wsanchez/provisioning/twistedcaldav/directory/xmlfile.py 2006-11-18 00:14:05 UTC (rev 516)
@@ -26,6 +26,7 @@
]
from twisted.cred.credentials import UsernamePassword
+from twisted.web2.auth.digest import DigestedCredentials
from twisted.python.filepath import FilePath
from twistedcaldav.directory.directory import DirectoryService, DirectoryRecord
@@ -77,7 +78,9 @@
def _accounts(self):
fileInfo = (self.xmlFile.getmtime(), self.xmlFile.getsize())
if fileInfo != self._fileInfo:
- self._parsedAccounts = XMLAccountsParser(self.xmlFile).items
+ parser = XMLAccountsParser(self.xmlFile)
+ self._parsedAccounts = parser.items
+ self.realmName = parser.realm
self._fileInfo = fileInfo
return self._parsedAccounts
@@ -109,5 +112,7 @@
def verifyCredentials(self, credentials):
if isinstance(credentials, UsernamePassword):
return credentials.password == self.password
+ if isinstance(credentials, DigestedCredentials):
+ return credentials.checkPassword(self.password)
return super(XMLDirectoryRecord, self).verifyCredentials(credentials)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20061117/a3ff9bbf/attachment.html
More information about the calendarserver-changes
mailing list