[CalendarServer-changes] [8684] CalendarServer/branches/users/wsanchez/d2
source_changes at macosforge.org
source_changes at macosforge.org
Wed Feb 15 10:57:02 PST 2012
Revision: 8684
http://trac.macosforge.org/projects/calendarserver/changeset/8684
Author: sagen at apple.com
Date: 2012-02-15 10:57:02 -0800 (Wed, 15 Feb 2012)
Log Message:
-----------
Auth mechanisms for /apns inherit from root (except for Kerberos)
Modified Paths:
--------------
CalendarServer/branches/users/wsanchez/d2/calendarserver/tap/caldav.py
CalendarServer/branches/users/wsanchez/d2/calendarserver/tap/util.py
CalendarServer/branches/users/wsanchez/d2/twistedcaldav/mail.py
CalendarServer/branches/users/wsanchez/d2/twistedcaldav/stdconfig.py
Modified: CalendarServer/branches/users/wsanchez/d2/calendarserver/tap/caldav.py
===================================================================
--- CalendarServer/branches/users/wsanchez/d2/calendarserver/tap/caldav.py 2012-02-15 18:45:23 UTC (rev 8683)
+++ CalendarServer/branches/users/wsanchez/d2/calendarserver/tap/caldav.py 2012-02-15 18:57:02 UTC (rev 8684)
@@ -670,7 +670,7 @@
additional = []
if config.Scheduling.iMIP.Enabled:
- additional.append(("inbox", IMIPReplyInboxResource, [], "digest"))
+ additional.append(("inbox", IMIPReplyInboxResource, [], ("digest",)))
#
# Configure the service
Modified: CalendarServer/branches/users/wsanchez/d2/calendarserver/tap/util.py
===================================================================
--- CalendarServer/branches/users/wsanchez/d2/calendarserver/tap/util.py 2012-02-15 18:45:23 UTC (rev 8683)
+++ CalendarServer/branches/users/wsanchez/d2/calendarserver/tap/util.py 2012-02-15 18:57:02 UTC (rev 8684)
@@ -369,7 +369,7 @@
Additional resources can be added to the hierarchy by passing a list of
tuples containing: path, resource class, __init__ args list, and optional
- authentication scheme ("basic" or "digest").
+ authentication schemes list ("basic", "digest").
If the store is specified, then it has already been constructed, so use it.
Otherwise build one with L{storeFromConfig}.
@@ -640,14 +640,13 @@
#
apnConfig = config.Notifications.Services["ApplePushNotifier"]
if apnConfig.Enabled:
- log.info("Setting up APNS resource at /%s" %
- (apnConfig["SubscriptionURL"],))
- # Only advertise basic auth on /apns
+ log.info("Setting up APNS resource at /%s with auth: %s" %
+ (apnConfig["SubscriptionURL"], apnConfig["AuthMechanisms"]))
resources.append((
apnConfig["SubscriptionURL"],
apnSubscriptionResourceClass,
[],
- "basic"
+ apnConfig["AuthMechanisms"]
))
#
@@ -661,7 +660,7 @@
overrides = { }
if resources:
- for path, cls, args, scheme in resources:
+ for path, cls, args, schemes in resources:
# putChild doesn't want "/" starting the path
root.putChild(path, cls(root, newStore, *args))
@@ -669,17 +668,19 @@
# overrides requires "/" prepended
path = "/" + path
- if scheme == "basic":
- overrides[path] = (BasicCredentialFactory(realm),)
+ overrides[path] = []
+ for scheme in schemes:
+ if scheme == "basic":
+ overrides[path].append(BasicCredentialFactory(realm))
- elif scheme == "digest":
- schemeConfig = config.Authentication.Digest
- overrides[path] = (QopDigestCredentialFactory(
- schemeConfig["Algorithm"],
- schemeConfig["Qop"],
- realm,
- ),)
- log.info("Overriding %s with %s (%s)" % (path, cls, scheme))
+ elif scheme == "digest":
+ schemeConfig = config.Authentication.Digest
+ overrides[path].append(QopDigestCredentialFactory(
+ schemeConfig["Algorithm"],
+ schemeConfig["Qop"],
+ realm,
+ ))
+ log.info("Overriding %s with %s (%s)" % (path, cls, schemes))
authWrapper = AuthenticationWrapper(
root,
Modified: CalendarServer/branches/users/wsanchez/d2/twistedcaldav/mail.py
===================================================================
--- CalendarServer/branches/users/wsanchez/d2/twistedcaldav/mail.py 2012-02-15 18:45:23 UTC (rev 8683)
+++ CalendarServer/branches/users/wsanchez/d2/twistedcaldav/mail.py 2012-02-15 18:57:02 UTC (rev 8684)
@@ -885,7 +885,7 @@
config,
"IGNORED", # no need for a store - no /calendars nor /addressbooks
resources = [
- ("inbox", IMIPInvitationInboxResource, (mailer,), "digest"),
+ ("inbox", IMIPInvitationInboxResource, (mailer,), ("digest",)),
]
)
Modified: CalendarServer/branches/users/wsanchez/d2/twistedcaldav/stdconfig.py
===================================================================
--- CalendarServer/branches/users/wsanchez/d2/twistedcaldav/stdconfig.py 2012-02-15 18:45:23 UTC (rev 8683)
+++ CalendarServer/branches/users/wsanchez/d2/twistedcaldav/stdconfig.py 2012-02-15 18:57:02 UTC (rev 8684)
@@ -663,6 +663,7 @@
"Service" : "calendarserver.push.applepush.ApplePushNotifierService",
"Enabled" : False,
"SubscriptionURL" : "apns",
+ "AuthMechanisms" : [],
"DataHost" : "",
"ProviderHost" : "gateway.push.apple.com",
"ProviderPort" : 2195,
@@ -1248,6 +1249,17 @@
if service["DataHost"] == "":
service["DataHost"] = configDict.ServerHostName
+ # Advertise Basic and/or Digest on subscription resource
+ if not service["AuthMechanisms"]:
+ authMechanisms = []
+ if configDict.Authentication.Basic.Enabled:
+ authMechanisms.append("basic")
+ if configDict.Authentication.Digest.Enabled:
+ authMechanisms.append("digest")
+ if not authMechanisms:
+ raise ConfigurationError("Must have either 'basic' or 'digest' enabled for Apple Push Notifications.")
+ service["AuthMechanisms"] = authMechanisms
+
# Retrieve APN topics from certificates if not explicitly set
for protocol, accountName in (
("CalDAV", "apns:com.apple.calendar"),
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20120215/d3dec7cc/attachment-0001.html>
More information about the calendarserver-changes
mailing list