20 __docformat__ = "restructuredtext en" |
20 __docformat__ = "restructuredtext en" |
21 |
21 |
22 from threading import Lock |
22 from threading import Lock |
23 |
23 |
24 from logilab.common.decorators import clear_cache |
24 from logilab.common.decorators import clear_cache |
|
25 from logilab.common.deprecation import class_renamed |
25 |
26 |
26 from cubicweb import AuthenticationError, BadConnectionId |
27 from cubicweb import AuthenticationError, BadConnectionId |
27 from cubicweb.view import Component |
28 from cubicweb.view import Component |
28 from cubicweb.dbapi import _repo_connect, ConnectionProperties |
29 from cubicweb.dbapi import _repo_connect, ConnectionProperties |
29 from cubicweb.web import InvalidSession |
30 from cubicweb.web import InvalidSession |
30 from cubicweb.web.application import AbstractAuthenticationManager |
31 from cubicweb.web.application import AbstractAuthenticationManager |
31 |
32 |
32 class NoAuthInfo(Exception): pass |
33 class NoAuthInfo(Exception): pass |
33 |
34 |
34 |
35 |
35 class WebAuthInfoRetreiver(Component): |
36 class WebAuthInfoRetriever(Component): |
36 __registry__ = 'webauth' |
37 __registry__ = 'webauth' |
37 order = None |
38 order = None |
38 __abstract__ = True |
39 __abstract__ = True |
39 |
40 |
40 def authentication_information(self, req): |
41 def authentication_information(self, req): |
41 """retreive authentication information from the given request, raise |
42 """retrieve authentication information from the given request, raise |
42 NoAuthInfo if expected information is not found. |
43 NoAuthInfo if expected information is not found. |
43 """ |
44 """ |
44 raise NotImplementedError() |
45 raise NotImplementedError() |
45 |
46 |
46 def authenticated(self, retreiver, req, cnx, login, authinfo): |
47 def authenticated(self, retriever, req, cnx, login, authinfo): |
47 """callback when return authentication information have opened a |
48 """callback when return authentication information have opened a |
48 repository connection successfully. Take care req has no session |
49 repository connection successfully. Take care req has no session |
49 attached yet, hence req.execute isn't available. |
50 attached yet, hence req.execute isn't available. |
50 """ |
51 """ |
51 pass |
52 pass |
64 raise NotImplementedError() |
65 raise NotImplementedError() |
65 |
66 |
66 def cleanup_authentication_information(self, req): |
67 def cleanup_authentication_information(self, req): |
67 """called when the retriever has returned some authentication |
68 """called when the retriever has returned some authentication |
68 information but we get an authentication error when using them, so it |
69 information but we get an authentication error when using them, so it |
69 get a chance to cleanup things (e.g. remove cookie) |
70 get a chance to clean things up (e.g. remove cookie) |
70 """ |
71 """ |
71 pass |
72 pass |
72 |
73 |
|
74 WebAuthInfoRetreiver = class_renamed( |
|
75 'WebAuthInfoRetreiver', WebAuthInfoRetriever, |
|
76 '[3.17] WebAuthInfoRetreiver had been renamed into WebAuthInfoRetriever ' |
|
77 '("ie" instead of "ei")') |
73 |
78 |
74 class LoginPasswordRetreiver(WebAuthInfoRetreiver): |
79 |
|
80 class LoginPasswordRetriever(WebAuthInfoRetriever): |
75 __regid__ = 'loginpwdauth' |
81 __regid__ = 'loginpwdauth' |
76 order = 10 |
82 order = 10 |
77 |
83 |
78 def authentication_information(self, req): |
84 def authentication_information(self, req): |
79 """retreive authentication information from the given request, raise |
85 """retreive authentication information from the given request, raise |
87 def request_has_auth_info(self, req): |
93 def request_has_auth_info(self, req): |
88 return req.get_authorization()[0] is not None |
94 return req.get_authorization()[0] is not None |
89 |
95 |
90 def revalidate_login(self, req): |
96 def revalidate_login(self, req): |
91 return req.get_authorization()[0] |
97 return req.get_authorization()[0] |
|
98 |
|
99 LoginPasswordRetreiver = class_renamed( |
|
100 'LoginPasswordRetreiver', LoginPasswordRetriever, |
|
101 '[3.17] LoginPasswordRetreiver had been renamed into LoginPasswordRetriever ' |
|
102 '("ie" instead of "ei")') |
|
103 |
92 |
104 |
93 class RepositoryAuthenticationManager(AbstractAuthenticationManager): |
105 class RepositoryAuthenticationManager(AbstractAuthenticationManager): |
94 """authenticate user associated to a request and check session validity""" |
106 """authenticate user associated to a request and check session validity""" |
95 |
107 |
96 def __init__(self, repo): |
108 def __init__(self, repo): |