Package flumotion :: Package common :: Module keycards
[hide private]

Source Code for Module flumotion.common.keycards

  1  # -*- Mode: Python; test-case-name: flumotion.test.test_keycards -*- 
  2  # vi:si:et:sw=4:sts=4:ts=4 
  3   
  4  # Flumotion - a streaming media server 
  5  # Copyright (C) 2004,2005,2006,2007,2008,2009 Fluendo, S.L. 
  6  # Copyright (C) 2010,2011 Flumotion Services, S.A. 
  7  # All rights reserved. 
  8  # 
  9  # This file may be distributed and/or modified under the terms of 
 10  # the GNU Lesser General Public License version 2.1 as published by 
 11  # the Free Software Foundation. 
 12  # This file is distributed without any warranty; without even the implied 
 13  # warranty of merchantability or fitness for a particular purpose. 
 14  # See "LICENSE.LGPL" in the source distribution for more information. 
 15  # 
 16  # Headers in this file shall remain intact. 
 17   
 18  """ 
 19  serializable keycards used for authentication 
 20  """ 
 21   
 22  from twisted.cred.credentials import ICredentials 
 23  from twisted.spread import pb 
 24  from zope.interface import implements 
 25   
 26  from flumotion.twisted import credentials 
 27   
 28  __version__ = "$Rev$" 
 29  _statesEnum = ['REFUSED', 'REQUESTING', 'AUTHENTICATED'] 
 30  # state enum values 
 31  (REFUSED, 
 32   REQUESTING, 
 33   AUTHENTICATED) = range(3) 
 34   
 35   
36 -class Keycard(pb.Copyable, pb.RemoteCopy):
37 """ 38 I am the base class for keycards which together with credentials are 39 a serializable object used in authentication inside Flumotion. 40 41 @ivar bouncerName: name of the bouncer to authenticate against; set by 42 requester 43 @type bouncerName: str 44 @ivar requesterId: avatarId of the requester 45 @type requesterId: str 46 @ivar avatarId: avatarId preferred by requester 47 @type avatarId: str 48 @ivar id: id of keycard decided by bouncer after authenticating 49 @type id: object 50 @ivar duration: duration for which the keycard is valid, or 0 for 51 unlimited 52 @type duration: int 53 @ivar domain: requester can pass a domain id to the bouncer 54 @type domain: str 55 @ivar state: state the keycard is in 56 @type state: int 57 @ivar address: IP address of requester (optional) 58 @type address: str 59 @ivar username: username of requester (optional) 60 @type username: str 61 @ivar password: password of requester (optional) 62 @type password: str 63 @ivar path: path of request (optional) 64 @type path: str 65 @type token: token for request (optional) 66 @type token: str 67 @ivar arguments: arguments passed with request (optional) 68 @type arguments: dict of str->str 69 """ 70 implements(ICredentials) 71 72 address = None 73 username = None 74 password = None 75 path = None 76 token = '' 77 arguments = {} 78
79 - def __init__(self):
80 self.bouncerName = None 81 self.requesterId = None 82 self.avatarId = None 83 self.id = None 84 self.duration = 0 85 self.domain = None 86 self.state = REQUESTING 87 self.arguments = {}
88
89 - def getData(self):
90 """ 91 Return a dictionary of the viewable data on the keycard that can be 92 used to identify the keycard. 93 It doesn't include sensitive information though. 94 95 Subclasses should override to add additional information. 96 """ 97 return {'id': self.id, 98 'requester': self.requesterId, 99 'domain': self.domain, 100 'username': self.username, 101 'address': self.address, 102 'path': self.path, 103 'token': self.token, 104 'arguments': self.arguments}
105
106 - def __repr__(self):
107 return "<%s for requesterId %r in state %s>" % ( 108 self.__class__.__name__, 109 self.requesterId, _statesEnum[self.state])
110 111
112 -class KeycardGeneric(Keycard, object):
113 pass
114 115 pb.setUnjellyableForClass(KeycardGeneric, KeycardGeneric) 116 # class KeycardUACCP: username, address, crypt password 117 # from UsernameCryptPasswordCrypt 118 119 120 UCPP = credentials.UsernameCryptPasswordPlaintext 121 122
123 -class KeycardUACPP(Keycard, UCPP):
124 """ 125 I am a keycard with a username, plaintext password and IP address. 126 I get authenticated against a crypt password. 127 """ 128
129 - def __init__(self, username, password, address):
130 Keycard.__init__(self) 131 UCPP.__init__(self, username, password) 132 self.address = address
133
134 - def getData(self):
135 d = Keycard.getData(self) 136 d['username'] = self.username 137 d['address'] = self.address 138 return d
139
140 - def __repr__(self):
141 return "<%s %s %s@%s for requesterId %r in state %s>" % ( 142 self.__class__.__name__, self.id, self.username, self.address, 143 self.requesterId, _statesEnum[self.state])
144 145 pb.setUnjellyableForClass(KeycardUACPP, KeycardUACPP) 146 147 # username, address, crypt password 148 # from UsernameCryptPasswordCrypt 149 150 151 UCPCC = credentials.UsernameCryptPasswordCryptChallenger 152 153
154 -class KeycardUACPCC(Keycard, UCPCC):
155 """ 156 I am a keycard with a username and IP address. 157 I get authenticated through challenge/response on a crypt password. 158 """ 159
160 - def __init__(self, username, address):
161 Keycard.__init__(self) 162 UCPCC.__init__(self, username) 163 self.address = address
164
165 - def getData(self):
166 d = Keycard.getData(self) 167 d['username'] = self.username 168 d['address'] = self.address 169 return d
170
171 - def __repr__(self):
172 return "<%s %s %s@%s for requesterId %r in state %s>" % ( 173 self.__class__.__name__, self.id, self.username, self.address, 174 self.requesterId, _statesEnum[self.state])
175 176 pb.setUnjellyableForClass(KeycardUACPCC, KeycardUACPCC) 177 178
179 -class KeycardToken(Keycard, credentials.Token):
180 """ 181 I am a keycard with a token and IP address and a path (optional). 182 I get authenticated by token and maybe IP address. 183 """ 184
185 - def __init__(self, token, address, path=None):
186 Keycard.__init__(self) 187 credentials.Token.__init__(self, token) 188 self.address = address 189 self.path = path
190
191 - def getData(self):
192 d = Keycard.getData(self) 193 d['token'] = self.token 194 d['address'] = self.address 195 d['path'] = self.path 196 return d
197
198 - def __repr__(self):
199 return "<%s %s token %s for path %s @%s for reqId %r in state %s>" % ( 200 self.__class__.__name__, self.id, self.token, self.path, 201 self.address, self.requesterId, _statesEnum[self.state])
202 203 pb.setUnjellyableForClass(KeycardToken, KeycardToken) 204 205
206 -class KeycardHTTPGetArguments(Keycard, credentials.HTTPGetArguments):
207 """ 208 I am a keycard with a token and IP address and a path (optional). 209 I get authenticated by HTTP request GET parameters and maybe IP address. 210 211 @type address: C{str} 212 @ivar address: The HTTP client IP address. 213 @type path: C{str} 214 @ivar path: The path requested by the HTTP client. 215 """ 216
217 - def __init__(self, arguments, address, path=None):
222
223 - def getData(self):
224 d = Keycard.getData(self) 225 d['arguments'] = self.arguments 226 d['address'] = self.address 227 d['path'] = self.path 228 return d
229
230 - def __repr__(self):
231 return "<%s %s for path %s @%s for reqId %r in state %s>" % ( 232 self.__class__.__name__, self.id, self.path, 233 self.address, self.requesterId, _statesEnum[self.state])
234 235 pb.setUnjellyableForClass(KeycardHTTPGetArguments, KeycardHTTPGetArguments) 236 237 238 USPCC = credentials.UsernameSha256PasswordCryptChallenger 239 240
241 -class KeycardUASPCC(Keycard, USPCC):
242 """ 243 I am a keycard with a username and IP address. 244 I get authenticated through challenge/response on a SHA-256 password. 245 """ 246
247 - def __init__(self, username, address):
248 Keycard.__init__(self) 249 USPCC.__init__(self, username) 250 self.address = address
251
252 - def getData(self):
253 d = Keycard.getData(self) 254 d['username'] = self.username 255 d['address'] = self.address 256 return d
257
258 - def __repr__(self):
259 return "<%s %s %s@%s for requesterId %r in state %s>" % ( 260 self.__class__.__name__, self.id, self.username, self.address, 261 self.requesterId, _statesEnum[self.state])
262 263 pb.setUnjellyableForClass(KeycardUASPCC, KeycardUASPCC) 264 265
266 -class KeycardHTTPDigest(Keycard, credentials.HTTPDigestChallenger):
267
268 - def __init__(self, username):
271
272 - def getData(self):
273 d = Keycard.getData(self) 274 d['username'] = self.username 275 # Realm? Uri? 276 return d
277
278 - def __repr__(self):
279 return "<%s %s %s for requesterId %r in state %s>" % ( 280 self.__class__.__name__, self.id, self.username, 281 self.requesterId, _statesEnum[self.state])
282 283 pb.setUnjellyableForClass(KeycardHTTPDigest, KeycardHTTPDigest) 284