[Repoze-checkins] r732 - in repoze.pam/trunk: . repoze/pam repoze/pam/plugins

Chris McDonough chrism at agendaless.com
Sun Feb 24 06:37:09 UTC 2008 

Author: Chris McDonough <chrism at agendaless.com>
Date: Sun Feb 24 01:37:09 2008
New Revision: 732

Log:
Don't add userid to credentials.

Doc fixes.


Modified:
   repoze.pam/trunk/README.txt
   repoze.pam/trunk/repoze/pam/middleware.py
   repoze.pam/trunk/repoze/pam/plugins/htpasswd.py
   repoze.pam/trunk/repoze/pam/tests.py
   repoze.pam/trunk/setup.py

Modified: repoze.pam/trunk/README.txt
==============================================================================
--- repoze.pam/trunk/README.txt	(original)
+++ repoze.pam/trunk/README.txt	Sun Feb 24 01:37:09 2008
@@ -24,7 +24,7 @@
 Middleware Responsibilities
 
   repoze.pam's middleware has one major function on ingress: it
-  conditionally places identification and authorization information
+  conditionally places identification and authentication information
   (including a REMOTE_USER value) into the WSGI environment and allows
   the request to continue to a downstream WSGI application.
 
@@ -50,9 +50,9 @@
   extraction and authentication.  A request from a browser might be
   classified a different way that a request from an XML-RPC client.
   repoze.pam uses request classifiers to decide which other components
-  to consult during subsequent identification, authorization, and
-  challenge steps.  Extraction and authenticator plugins are free to
-  advertise themselves as willing to participate in identification and
+  to consult during subsequent identification and authentication,
+  steps.  Extraction and authenticator plugins are free to advertise
+  themselves as willing to participate in identification and
   authorization for a request based on this classification.
 
   Response classification happens on middleware egress, before
@@ -222,8 +222,8 @@
     encryptpwd = egg:repoze.pam#shaencrypt
 
     [classifiers]
-    ingress_classifier = egg:repoze.pam#defaultingressclassifier
-    egress_classifier = egg:repoze.pam#defaultegressclassifier
+    request_classifier = egg:repoze.pam#defaultrequestclassifier
+    response_classifier = egg:repoze.pam#defaultresponseclassifier
 
     [extractors]
     # plugin_name:ingressclassifier_name:.. or just plugin_name (good for any)

Modified: repoze.pam/trunk/repoze/pam/middleware.py
==============================================================================
--- repoze.pam/trunk/repoze/pam/middleware.py	(original)
+++ repoze.pam/trunk/repoze/pam/middleware.py	Sun Feb 24 01:37:09 2008
@@ -20,11 +20,12 @@
         classification = self.request_classifier(environ)
         credentials = self.extract(environ, classification)
 
+        userid = None
+
         if credentials:
             userid = self.authenticate(environ, credentials, classification)
 
         if self.add_credentials:
-            credentials['userid'] = userid
             environ['repoze.pam.credentials'] = credentials
 
         if userid:
@@ -75,7 +76,7 @@
     def _match_classifier(self, plugins, classifier):
         result = []
         for plugin in plugins:
-            plugin_classifiers = getattr(plugin, 'classifiers', set())
+            plugin_classifiers = getattr(plugin, 'classifiers', None)
             if not plugin_classifiers: # good for any
                 result.append(plugin)
                 continue
@@ -96,12 +97,13 @@
     basicauth = BasicAuthPlugin('repoze.pam')
     basicauth.classifiers = set() # good for any
     from StringIO import StringIO
+    from repoze.pam.plugins.htpasswd import crypt_check
     io = StringIO('chrism:aajfMKNH1hTm2\n')
-    htpasswd = HTPasswdPlugin(io)
+    htpasswd = HTPasswdPlugin(io, crypt_check)
     htpasswd.classifiers = set() # good for any
-    registry = make_registry((htpasswd,), (basicauth,), (basicauth,))
+    registry = make_registry((basicauth,), (htpasswd,), (basicauth,))
     class DummyClassifier:
-        def classify(self, *arg, **kw):
+        def __call__(self, *arg, **kw):
             return None
     classifier = DummyClassifier()
     middleware = PluggableAuthenticationMiddleware(app, registry,

Modified: repoze.pam/trunk/repoze/pam/plugins/htpasswd.py
==============================================================================
--- repoze.pam/trunk/repoze/pam/plugins/htpasswd.py	(original)
+++ repoze.pam/trunk/repoze/pam/plugins/htpasswd.py	Sun Feb 24 01:37:09 2008
@@ -38,7 +38,7 @@
                 return self.check(password, hashed)
         return False
 
-def check_crypted(password, hashed):
+def crypt_check(password, hashed):
     from crypt import crypt
     salt = hashed[:2]
     return hashed == crypt(password, salt)

Modified: repoze.pam/trunk/repoze/pam/tests.py
==============================================================================
--- repoze.pam/trunk/repoze/pam/tests.py	(original)
+++ repoze.pam/trunk/repoze/pam/tests.py	Sun Feb 24 01:37:09 2008
@@ -197,7 +197,7 @@
         self.assertEqual(classification, 'browser')
         self.assertEqual(environ['REMOTE_USER'], 'chris')
         self.assertEqual(environ['repoze.pam.credentials'],
-                     {'login':'chris','password':'password','userid':'chris'})
+                         {'login':'chris','password':'password'})
         
     def test_on_ingress_success_noaddcredentials(self):
         environ = self._makeEnviron()
@@ -208,6 +208,17 @@
         self.assertEqual(environ['REMOTE_USER'], 'chris')
         self.failIf(environ.has_key('repoze.pam.credentials'))
 
+    def test_on_ingress_nocredentials(self):
+        environ = self._makeEnviron()
+        from repoze.pam.interfaces import IExtractorPlugin
+        registry = {
+            IExtractorPlugin:[DummyNoResultsExtractor()],
+            }
+        mw = self._makeOne(registry=registry)
+        classification = mw.on_ingress(environ)
+        self.assertEqual(classification, 'browser')
+        self.assertEqual(environ.get('REMOTE_USER'), None)
+        self.assertEqual(environ['repoze.pam.credentials'], {})
 
 class TestBasicAuthPlugin(Base):
     def _getTargetClass(self):
@@ -350,21 +361,21 @@
         result = plugin.authenticate(environ, creds)
         self.assertEqual(result, True)
 
-    def test_check_crypted(self):
+    def test_crypt_check(self):
         from crypt import crypt
         salt = '123'
         hashed = crypt('password', salt)
-        from repoze.pam.plugins.htpasswd import check_crypted
-        self.assertEqual(check_crypted('password', hashed), True)
-        self.assertEqual(check_crypted('notpassword', hashed), False)
+        from repoze.pam.plugins.htpasswd import crypt_check
+        self.assertEqual(crypt_check('password', hashed), True)
+        self.assertEqual(crypt_check('notpassword', hashed), False)
 
     def test_factory(self):
         from repoze.pam.plugins.htpasswd import make_plugin
-        from repoze.pam.plugins.htpasswd import check_crypted
+        from repoze.pam.plugins.htpasswd import crypt_check
         plugin = make_plugin({}, 'foo',
-                             'repoze.pam.plugins.htpasswd:check_crypted')
+                             'repoze.pam.plugins.htpasswd:crypt_check')
         self.assertEqual(plugin.filename, 'foo')
-        self.assertEqual(plugin.check, check_crypted)
+        self.assertEqual(plugin.check, crypt_check)
         
 
 class TestDefaultRequestClassifier(Base):

Modified: repoze.pam/trunk/setup.py
==============================================================================
--- repoze.pam/trunk/setup.py	(original)
+++ repoze.pam/trunk/setup.py	Sun Feb 24 01:37:09 2008
@@ -56,6 +56,7 @@
       entry_points = """\
       [paste.filter_app_factory]
       pam = repoze.pam.middleware:make_middleware
+      test = repoze.pam.middleware:make_test_middleware
       """
       )

More information about the Repoze-checkins mailing list