[CalendarServer-changes] [8611] CalendarServer/trunk/calendarserver
source_changes at macosforge.org
source_changes at macosforge.org
Tue Jan 31 12:27:35 PST 2012
Revision: 8611
http://trac.macosforge.org/projects/calendarserver/changeset/8611
Author: sagen at apple.com
Date: 2012-01-31 12:27:33 -0800 (Tue, 31 Jan 2012)
Log Message:
-----------
Call into webauth serivce rather than collabd to convert an auth token to a username.
Modified Paths:
--------------
CalendarServer/trunk/calendarserver/platform/darwin/wiki.py
CalendarServer/trunk/calendarserver/provision/root.py
Modified: CalendarServer/trunk/calendarserver/platform/darwin/wiki.py
===================================================================
--- CalendarServer/trunk/calendarserver/platform/darwin/wiki.py 2012-01-31 19:36:23 UTC (rev 8610)
+++ CalendarServer/trunk/calendarserver/platform/darwin/wiki.py 2012-01-31 20:27:33 UTC (rev 8611)
@@ -14,25 +14,39 @@
# limitations under the License.
##
+from twext.python.log import Logger
from twisted.web.client import HTTPPageGetter, HTTPClientFactory
from twisted.internet import reactor
+from twisted.internet.defer import inlineCallbacks, returnValue
+import json
-def usernameForAuthToken(token, host="localhost", port=4444):
+log = Logger()
+
+ at inlineCallbacks
+def usernameForAuthToken(token, host="localhost", port=80):
"""
- Send a GET request to the wiki collabd service to retrieve the user record
+ Send a GET request to the web auth service to retrieve the user record
name associated with the provided auth token.
@param token: An auth token, usually passed in via cookie when webcal
makes a request.
@type token: C{str}
@return: deferred returning a record name (C{str}) if successful, or
- if the auth token is not recognized a twisted.web.error.Error with
- status FORBIDDEN will errBack.
+ will raise WebAuthError otherwise.
"""
- url = "http://%s:%d/cal/userForSession/%s" % (host, port, token,)
- return _getPage(url, host, port)
+ url = "http://%s:%d/auth/verify?auth_token=%s" % (host, port, token,)
+ jsonResponse = (yield _getPage(url, host, port))
+ try:
+ response = json.loads(jsonResponse)
+ except Exception, e:
+ log.error("Error parsing JSON response from webauth: %s (%s)" %
+ (jsonResponse, str(e)))
+ raise WebAuthError("Could not look up token: %s" % (token,))
+ if response["succeeded"]:
+ returnValue(response["shortname"])
+ else:
+ raise WebAuthError("Could not look up token: %s" % (token,))
-
def accessForUserToWiki(user, wiki, host="localhost", port=4444):
"""
Send a GET request to the wiki collabd service to retrieve the access level
@@ -71,3 +85,8 @@
factory.protocol = HTTPPageGetter
reactor.connectTCP(host, port, factory)
return factory.deferred
+
+class WebAuthError(RuntimeError):
+ """
+ Error in web auth
+ """
Modified: CalendarServer/trunk/calendarserver/provision/root.py
===================================================================
--- CalendarServer/trunk/calendarserver/provision/root.py 2012-01-31 19:36:23 UTC (rev 8610)
+++ CalendarServer/trunk/calendarserver/provision/root.py 2012-01-31 20:27:33 UTC (rev 8611)
@@ -273,14 +273,12 @@
proxy = Proxy(wikiConfig["URL"])
username = (yield proxy.callRemote(wikiConfig["UserMethod"], token))
else:
- username = (yield usernameForAuthToken(token,
- host=wikiConfig.CollabHost,
- port=wikiConfig.CollabPort))
+ username = (yield usernameForAuthToken(token))
except WebError, w:
username = None
# FORBIDDEN status means it's an unknown token
- if int(w.status) == responsecode.FORBIDDEN:
+ if int(w.status) == responsecode.NOT_FOUND:
log.debug("Unknown wiki token: %s" % (token,))
else:
log.error("Failed to look up wiki token %s: %s" %
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20120131/439d3e32/attachment.html>
More information about the calendarserver-changes
mailing list