[CalendarServer-changes] [12148] twext/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Wed Mar 12 11:19:23 PDT 2014
Revision: 12148
http://trac.calendarserver.org//changeset/12148
Author: wsanchez at apple.com
Date: 2013-12-19 11:43:30 -0800 (Thu, 19 Dec 2013)
Log Message:
-----------
Clean up scripts
Modified Paths:
--------------
twext/trunk/twext/who/opendirectory/__init__.py
twext/trunk/twext/who/opendirectory/odframework.py
twext/trunk/twext/who/opendirectory/service.py
twext/trunk/twext/who/opendirectory/test/__init__.py
twext/trunk/twext/who/opendirectory/test/test_service.py
Added Paths:
-----------
twext/trunk/bin/test_opendirectory_auth
twext/trunk/bin/test_opendirectory_lookup
twext/trunk/twext/who/opendirectory/_scripts.py
Removed Paths:
-------------
twext/trunk/bin/test_opendirectory.py
Deleted: twext/trunk/bin/test_opendirectory.py
===================================================================
--- twext/trunk/bin/test_opendirectory.py 2013-12-19 19:22:43 UTC (rev 12147)
+++ twext/trunk/bin/test_opendirectory.py 2013-12-19 19:43:30 UTC (rev 12148)
@@ -1,192 +0,0 @@
-#!/usr/bin/env python
-##
-# Copyright (c) 2006-2008 Apple Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##
-
-import md5
-import sha
-from getpass import getpass
-
-from twext.who.opendirectory.service import DirectoryService
-
-from twisted.cred.credentials import UsernamePassword, DigestedCredentials
-from twisted.cred.error import UnauthorizedLogin
-from twisted.internet.defer import inlineCallbacks
-
-
-algorithms = {
- 'md5': md5.new,
- 'md5-sess': md5.new,
- 'sha': sha.new,
-}
-
-# DigestCalcHA1
-def calcHA1(
- pszAlg,
- pszUserName,
- pszRealm,
- pszPassword,
- pszNonce,
- pszCNonce,
- preHA1=None
-):
- """
- @param pszAlg: The name of the algorithm to use to calculate the digest.
- Currently supported are md5 md5-sess and sha.
-
- @param pszUserName: The username
- @param pszRealm: The realm
- @param pszPassword: The password
- @param pszNonce: The nonce
- @param pszCNonce: The cnonce
-
- @param preHA1: If available this is a str containing a previously
- calculated HA1 as a hex string. If this is given then the values for
- pszUserName, pszRealm, and pszPassword are ignored.
- """
-
- if (preHA1 and (pszUserName or pszRealm or pszPassword)):
- raise TypeError(("preHA1 is incompatible with the pszUserName, "
- "pszRealm, and pszPassword arguments"))
-
- if preHA1 is None:
- # We need to calculate the HA1 from the username:realm:password
- m = algorithms[pszAlg]()
- m.update(pszUserName)
- m.update(":")
- m.update(pszRealm)
- m.update(":")
- m.update(pszPassword)
- HA1 = m.digest()
- else:
- # We were given a username:realm:password
- HA1 = preHA1.decode('hex')
-
- if pszAlg == "md5-sess":
- m = algorithms[pszAlg]()
- m.update(HA1)
- m.update(":")
- m.update(pszNonce)
- m.update(":")
- m.update(pszCNonce)
- HA1 = m.digest()
-
- return HA1.encode('hex')
-
-# DigestCalcResponse
-def calcResponse(
- HA1,
- algo,
- pszNonce,
- pszNonceCount,
- pszCNonce,
- pszQop,
- pszMethod,
- pszDigestUri,
- pszHEntity,
-):
- m = algorithms[algo]()
- m.update(pszMethod)
- m.update(":")
- m.update(pszDigestUri)
- if pszQop == "auth-int" or pszQop == "auth-conf":
- m.update(":")
- m.update(pszHEntity)
- HA2 = m.digest().encode('hex')
-
- m = algorithms[algo]()
- m.update(HA1)
- m.update(":")
- m.update(pszNonce)
- m.update(":")
- if pszNonceCount and pszCNonce and pszQop:
- m.update(pszNonceCount)
- m.update(":")
- m.update(pszCNonce)
- m.update(":")
- m.update(pszQop)
- m.update(":")
- m.update(HA2)
- respHash = m.digest().encode('hex')
- return respHash
-
-
- at inlineCallbacks
-def testAuth(service, username, password):
-
- # Authenticate using simple password
-
- creds = UsernamePassword(username, password)
- try:
- id = yield service.requestAvatarId(creds)
- print("OK via UsernamePassword, avatarID: {id}".format(id=id))
- print(" {name}".format(name=id.fullNames))
- except UnauthorizedLogin:
- print("Via UsernamePassword, could not authenticate")
-
- print("")
-
- # Authenticate using Digest
-
- algorithm = "md5" # "md5-sess"
- cnonce = "/rrD6TqPA3lHRmg+fw/vyU6oWoQgzK7h9yWrsCmv/lE="
- entity = "00000000000000000000000000000000"
- method = "GET"
- nc = "00000001"
- nonce = "128446648710842461101646794502"
- qop = None
- realm = "host.example.com"
- uri = "http://host.example.com"
-
- responseHash = calcResponse(
- calcHA1(
- algorithm.lower(), username, realm, password, nonce, cnonce
- ),
- algorithm.lower(), nonce, nc, cnonce, qop, method, uri, entity
- )
-
- response = (
- 'Digest username="{username}", uri="{uri}", response={hash}'.format(
- username=username, uri=uri, hash=responseHash
- )
- )
-
- fields = {
- "realm" : realm,
- "nonce" : nonce,
- "response" : response,
- "algorithm" : algorithm,
- }
-
- creds = DigestedCredentials(username, method, realm, fields)
-
- try:
- id = yield service.requestAvatarId(creds)
- print("OK via DigestedCredentials, avatarID: {id}".format(id=id))
- print(" {name}".format(name=id.fullNames))
- except UnauthorizedLogin:
- print("Via DigestedCredentials, could not authenticate")
-
-
-
-if __name__ == "__main__":
-
- service = DirectoryService()
-
- username = raw_input("Username: ")
- if username:
- password = getpass()
- if password:
- testAuth(service, username, password)
Added: twext/trunk/bin/test_opendirectory_auth
===================================================================
--- twext/trunk/bin/test_opendirectory_auth (rev 0)
+++ twext/trunk/bin/test_opendirectory_auth 2013-12-19 19:43:30 UTC (rev 12148)
@@ -0,0 +1,35 @@
+#!/usr/bin/env python
+
+##
+# Copyright (c) 2006-2013 Apple Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+
+from __future__ import print_function
+
+import sys
+
+#PYTHONPATH
+
+if __name__ == "__main__":
+ if "PYTHONPATH" in globals():
+ sys.path.insert(0, PYTHONPATH)
+ else:
+ try:
+ import _twext_preamble
+ except ImportError:
+ sys.exc_clear()
+
+ from twext.who.opendirectory._scripts import run_auth
+ run_auth()
Property changes on: twext/trunk/bin/test_opendirectory_auth
___________________________________________________________________
Added: svn:executable
+ *
Added: twext/trunk/bin/test_opendirectory_lookup
===================================================================
--- twext/trunk/bin/test_opendirectory_lookup (rev 0)
+++ twext/trunk/bin/test_opendirectory_lookup 2013-12-19 19:43:30 UTC (rev 12148)
@@ -0,0 +1,35 @@
+#!/usr/bin/env python
+
+##
+# Copyright (c) 2006-2013 Apple Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+
+from __future__ import print_function
+
+import sys
+
+#PYTHONPATH
+
+if __name__ == "__main__":
+ if "PYTHONPATH" in globals():
+ sys.path.insert(0, PYTHONPATH)
+ else:
+ try:
+ import _twext_preamble
+ except ImportError:
+ sys.exc_clear()
+
+ from twext.who.opendirectory._scripts import run_lookup
+ run_lookup()
Property changes on: twext/trunk/bin/test_opendirectory_lookup
___________________________________________________________________
Added: svn:executable
+ *
Modified: twext/trunk/twext/who/opendirectory/__init__.py
===================================================================
--- twext/trunk/twext/who/opendirectory/__init__.py 2013-12-19 19:22:43 UTC (rev 12147)
+++ twext/trunk/twext/who/opendirectory/__init__.py 2013-12-19 19:43:30 UTC (rev 12148)
@@ -1,5 +1,5 @@
##
-# Copyright (c) 2010-2013 Apple Inc. All rights reserved.
+# Copyright (c) 2013 Apple Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Added: twext/trunk/twext/who/opendirectory/_scripts.py
===================================================================
--- twext/trunk/twext/who/opendirectory/_scripts.py (rev 0)
+++ twext/trunk/twext/who/opendirectory/_scripts.py 2013-12-19 19:43:30 UTC (rev 12148)
@@ -0,0 +1,252 @@
+##
+# Copyright (c) 2010-2013 Apple Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+
+import sys
+import md5
+import sha
+from getpass import getpass
+
+from twisted.internet.defer import inlineCallbacks
+from twisted.cred.credentials import UsernamePassword, DigestedCredentials
+from twisted.cred.error import UnauthorizedLogin
+
+from twext.who.expression import (
+ MatchExpression, MatchType, CompoundExpression, Operand,
+)
+from twext.who.opendirectory import DirectoryService
+
+
+
+algorithms = {
+ 'md5': md5.new,
+ 'md5-sess': md5.new,
+ 'sha': sha.new,
+}
+
+
+# DigestCalcHA1
+def calcHA1(
+ pszAlg,
+ pszUserName,
+ pszRealm,
+ pszPassword,
+ pszNonce,
+ pszCNonce,
+ preHA1=None
+):
+ """
+ @param pszAlg: The name of the algorithm to use to calculate the digest.
+ Currently supported are md5 md5-sess and sha.
+
+ @param pszUserName: The username
+ @param pszRealm: The realm
+ @param pszPassword: The password
+ @param pszNonce: The nonce
+ @param pszCNonce: The cnonce
+
+ @param preHA1: If available this is a str containing a previously
+ calculated HA1 as a hex string. If this is given then the values for
+ pszUserName, pszRealm, and pszPassword are ignored.
+ """
+
+ if (preHA1 and (pszUserName or pszRealm or pszPassword)):
+ raise TypeError(("preHA1 is incompatible with the pszUserName, "
+ "pszRealm, and pszPassword arguments"))
+
+ if preHA1 is None:
+ # We need to calculate the HA1 from the username:realm:password
+ m = algorithms[pszAlg]()
+ m.update(pszUserName)
+ m.update(":")
+ m.update(pszRealm)
+ m.update(":")
+ m.update(pszPassword)
+ HA1 = m.digest()
+ else:
+ # We were given a username:realm:password
+ HA1 = preHA1.decode('hex')
+
+ if pszAlg == "md5-sess":
+ m = algorithms[pszAlg]()
+ m.update(HA1)
+ m.update(":")
+ m.update(pszNonce)
+ m.update(":")
+ m.update(pszCNonce)
+ HA1 = m.digest()
+
+ return HA1.encode('hex')
+
+
+# DigestCalcResponse
+def calcResponse(
+ HA1,
+ algo,
+ pszNonce,
+ pszNonceCount,
+ pszCNonce,
+ pszQop,
+ pszMethod,
+ pszDigestUri,
+ pszHEntity,
+):
+ m = algorithms[algo]()
+ m.update(pszMethod)
+ m.update(":")
+ m.update(pszDigestUri)
+ if pszQop == "auth-int" or pszQop == "auth-conf":
+ m.update(":")
+ m.update(pszHEntity)
+ HA2 = m.digest().encode('hex')
+
+ m = algorithms[algo]()
+ m.update(HA1)
+ m.update(":")
+ m.update(pszNonce)
+ m.update(":")
+ if pszNonceCount and pszCNonce and pszQop:
+ m.update(pszNonceCount)
+ m.update(":")
+ m.update(pszCNonce)
+ m.update(":")
+ m.update(pszQop)
+ m.update(":")
+ m.update(HA2)
+ respHash = m.digest().encode('hex')
+ return respHash
+
+
+ at inlineCallbacks
+def authUsernamePassword(username, password):
+ # Authenticate using simple password
+
+ service = DirectoryService()
+
+ creds = UsernamePassword(username, password)
+ try:
+ id = yield service.requestAvatarId(creds)
+ print("OK via UsernamePassword, avatarID: {id}".format(id=id))
+ print(" {name}".format(name=id.fullNames))
+ except UnauthorizedLogin:
+ print("Via UsernamePassword, could not authenticate")
+
+ print("")
+
+ # Authenticate using Digest
+
+ algorithm = "md5" # "md5-sess"
+ cnonce = "/rrD6TqPA3lHRmg+fw/vyU6oWoQgzK7h9yWrsCmv/lE="
+ entity = "00000000000000000000000000000000"
+ method = "GET"
+ nc = "00000001"
+ nonce = "128446648710842461101646794502"
+ qop = None
+ realm = "host.example.com"
+ uri = "http://host.example.com"
+
+ responseHash = calcResponse(
+ calcHA1(
+ algorithm.lower(), username, realm, password, nonce, cnonce
+ ),
+ algorithm.lower(), nonce, nc, cnonce, qop, method, uri, entity
+ )
+
+ response = (
+ 'Digest username="{username}", uri="{uri}", response={hash}'.format(
+ username=username, uri=uri, hash=responseHash
+ )
+ )
+
+ fields = {
+ "realm": realm,
+ "nonce": nonce,
+ "response": response,
+ "algorithm": algorithm,
+ }
+
+ creds = DigestedCredentials(username, method, realm, fields)
+
+ try:
+ id = yield service.requestAvatarId(creds)
+ print("OK via DigestedCredentials, avatarID: {id}".format(id=id))
+ print(" {name}".format(name=id.fullNames))
+ except UnauthorizedLogin:
+ print("Via DigestedCredentials, could not authenticate")
+
+
+ at inlineCallbacks
+def lookup(shortNames):
+ service = DirectoryService()
+ print(
+ "Service = {service}\n"
+ "Session = {service.session}\n"
+ "Node = {service.node}\n"
+ # "Local node = {service.localNode}\n"
+ .format(service=service)
+ )
+ print("-" * 80)
+
+ for shortName in shortNames:
+ print("Looking up short name: {0}".format(shortName))
+
+ matchExpression = MatchExpression(
+ service.fieldName.shortNames, shortName,
+ matchType=MatchType.equals,
+ )
+ queryString = service._queryStringFromExpression(matchExpression)
+ print(
+ "\n...via MatchExpression, query={query!r}\n"
+ .format(query=queryString)
+ )
+
+ records = yield service.recordsFromExpression(matchExpression)
+ for record in records:
+ print(record.description())
+
+ compoundExpression = CompoundExpression(
+ [
+ MatchExpression(
+ service.fieldName.shortNames, shortName,
+ matchType=MatchType.contains
+ ),
+ MatchExpression(
+ service.fieldName.emailAddresses, shortName,
+ matchType=MatchType.contains
+ ),
+ ],
+ Operand.OR
+ )
+ queryString = service._queryStringFromExpression(compoundExpression)
+ print(
+ "\n...via CompoundExpression, query={query!r}\n"
+ .format(query=queryString)
+ )
+
+ records = yield service.recordsFromExpression(compoundExpression)
+ for record in records:
+ print(record.description())
+
+
+def run_auth():
+ username = raw_input("Username: ")
+ if username:
+ password = getpass()
+ if password:
+ authUsernamePassword(username, password)
+
+
+def run_lookup():
+ lookup(sys.argv[1:])
Modified: twext/trunk/twext/who/opendirectory/odframework.py
===================================================================
--- twext/trunk/twext/who/opendirectory/odframework.py 2013-12-19 19:22:43 UTC (rev 12147)
+++ twext/trunk/twext/who/opendirectory/odframework.py 2013-12-19 19:43:30 UTC (rev 12148)
@@ -1,5 +1,5 @@
##
-# Copyright (c) 2013 Apple Inc. All rights reserved.
+# Copyright (c) 2010-2013 Apple Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Modified: twext/trunk/twext/who/opendirectory/service.py
===================================================================
--- twext/trunk/twext/who/opendirectory/service.py 2013-12-19 19:22:43 UTC (rev 12147)
+++ twext/trunk/twext/who/opendirectory/service.py 2013-12-19 19:43:30 UTC (rev 12148)
@@ -714,59 +714,3 @@
super(DirectoryRecord, self).__init__(service, fields)
self._odRecord = odRecord
-
-
-
-if __name__ == "__main__":
- import sys
-
- service = DirectoryService()
- print(
- "Service = {service}\n"
- "Session = {service.session}\n"
- "Node = {service.node}\n"
- # "Local node = {service.localNode}\n"
- .format(service=service)
- )
- print("-" * 80)
-
- for shortName in sys.argv[1:]:
- print("Looking up short name: {0}".format(shortName))
-
- matchExpression = MatchExpression(
- service.fieldName.shortNames, shortName,
- matchType=MatchType.equals,
- )
- queryString = service._queryStringFromExpression(matchExpression)
- print(
- "\n...via MatchExpression, query={query!r}"
- .format(query=queryString)
- )
- print()
-
- for record in service.recordsFromExpression(matchExpression):
- print(record.description())
-
- compoundExpression = CompoundExpression(
- [
- MatchExpression(
- service.fieldName.shortNames, shortName,
- matchType=MatchType.contains
- ),
- MatchExpression(
- service.fieldName.emailAddresses, shortName,
- matchType=MatchType.contains
- ),
- ],
- Operand.OR
- )
- queryString = service._queryStringFromExpression(compoundExpression)
- print(
- "\n...via CompoundExpression, query={query!r}"
- .format(query=queryString)
- )
- print()
-
- for record in service.recordsFromExpression(compoundExpression):
- print(record.description())
- print()
Modified: twext/trunk/twext/who/opendirectory/test/__init__.py
===================================================================
--- twext/trunk/twext/who/opendirectory/test/__init__.py 2013-12-19 19:22:43 UTC (rev 12147)
+++ twext/trunk/twext/who/opendirectory/test/__init__.py 2013-12-19 19:43:30 UTC (rev 12148)
@@ -1,5 +1,5 @@
##
-# Copyright (c) 2010-2013 Apple Inc. All rights reserved.
+# Copyright (c) 2013 Apple Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Modified: twext/trunk/twext/who/opendirectory/test/test_service.py
===================================================================
--- twext/trunk/twext/who/opendirectory/test/test_service.py 2013-12-19 19:22:43 UTC (rev 12147)
+++ twext/trunk/twext/who/opendirectory/test/test_service.py 2013-12-19 19:43:30 UTC (rev 12148)
@@ -1,5 +1,5 @@
##
-# Copyright (c) 2013 Apple Inc. All rights reserved.
+# Copyright (c) 2010-2013 Apple Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20140312/16cfd572/attachment.html>
More information about the calendarserver-changes
mailing list