[Repoze-checkins] r1066 - in whoplugins/repoze.whoplugins.ipauth: . branches tags trunk trunk/repoze trunk/repoze/whoplugins trunk/repoze/whoplugins/ipauth
Chris McDonough
chrism at agendaless.com
Sun Jun 8 20:12:09 EDT 2008
Author: Chris McDonough <chrism at agendaless.com>
Date: Sun Jun 8 20:12:09 2008
New Revision: 1066
Log:
IP range authentication for repoze.who.
Added:
whoplugins/repoze.whoplugins.ipauth/
whoplugins/repoze.whoplugins.ipauth/branches/
whoplugins/repoze.whoplugins.ipauth/tags/
whoplugins/repoze.whoplugins.ipauth/trunk/
whoplugins/repoze.whoplugins.ipauth/trunk/CHANGES.txt (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/COPYRIGHT.txt (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/LICENSE.txt (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/README.txt (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/TODO.txt (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/ez_setup.py (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/repoze/
whoplugins/repoze.whoplugins.ipauth/trunk/repoze/__init__.py (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/
whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/__init__.py (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/
whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/__init__.py (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/iprangeauth.py (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/tests.py (contents, props changed)
whoplugins/repoze.whoplugins.ipauth/trunk/setup.py (contents, props changed)
Added: whoplugins/repoze.whoplugins.ipauth/trunk/CHANGES.txt
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/CHANGES.txt Sun Jun 8 20:12:09 2008
@@ -0,0 +1,4 @@
+0.1
+
+ Initial release.
+
Added: whoplugins/repoze.whoplugins.ipauth/trunk/COPYRIGHT.txt
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/COPYRIGHT.txt Sun Jun 8 20:12:09 2008
@@ -0,0 +1,3 @@
+Copyright (c) 2007 Agendaless Consulting and Contributors.
+(http://www.agendaless.com), All Rights Reserved
+
Added: whoplugins/repoze.whoplugins.ipauth/trunk/LICENSE.txt
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/LICENSE.txt Sun Jun 8 20:12:09 2008
@@ -0,0 +1,41 @@
+License
+
+ A copyright notice accompanies this license document that identifies
+ the copyright holders.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+
+ 1. Redistributions in source code must retain the accompanying
+ copyright notice, this list of conditions, and the following
+ disclaimer.
+
+ 2. Redistributions in binary form must reproduce the accompanying
+ copyright notice, this list of conditions, and the following
+ disclaimer in the documentation and/or other materials provided
+ with the distribution.
+
+ 3. Names of the copyright holders must not be used to endorse or
+ promote products derived from this software without prior
+ written permission from the copyright holders.
+
+ 4. If any files are modified, you must cause the modified files to
+ carry prominent notices stating that you changed the files and
+ the date of any change.
+
+ Disclaimer
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS'' AND
+ ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+ THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
Added: whoplugins/repoze.whoplugins.ipauth/trunk/README.txt
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/README.txt Sun Jun 8 20:12:09 2008
@@ -0,0 +1,35 @@
+------------------------
+repoze.whoplugins.ipauth
+------------------------
+
+A repoze.who plugin to authenticate a userid based on whether his/her
+IP address is within a series of IP ranges.
+
+Using a who config file:
+
+ [plugin:iprange]
+ use = repoze.whoplugins.ipauth.iprangeauth:make_plugin
+ userid = phred
+ trusted_proxies = 10.0.0.1
+ 10.0.0.2
+ ipranges = 137.45.26.0/24
+ 127.0.0.1
+ 129.45.25.1/32
+
+ [identifiers]
+ # this is an identifier that shortcuts any authenticator plugin
+ # because it sets repoze.who.userid in environ directly
+ plugins = iprange
+
+Using without a who config file:
+
+ from IPy import IP
+ from repoze.whoplugins.ipauth import IPRangeAuthenticatorPlugin
+ ipranges = [ IP(x) for x in ['137.45.26.0/24', '127.0.0.1', '129.45.25.1/32' ]
+ trusted_proxies = ('10.0.0.1', '10.0.0.2')
+ plugin = IPRangeAuthenticatorPlugin('phred', ipranges, trusted_proxies)
+ ... then use plugin in a imperatively-configured repoze.who middleware setup..
+
+If REMOTE_ADDR is a proxy and that proxy is one of trusted_proxies, if
+HTTP_X_FORWARDED_FOR is set, the value of HTTP_X_FORWARDED_FOR will
+become the REMOTE_ADDR and will be used to do the comparison.
Added: whoplugins/repoze.whoplugins.ipauth/trunk/TODO.txt
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/TODO.txt Sun Jun 8 20:12:09 2008
@@ -0,0 +1 @@
+List todo items here.
Added: whoplugins/repoze.whoplugins.ipauth/trunk/ez_setup.py
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/ez_setup.py Sun Jun 8 20:12:09 2008
@@ -0,0 +1,272 @@
+#!python
+"""Bootstrap setuptools installation
+
+If you want to use setuptools in your package's setup.py, just include this
+file in the same directory with it, and add this to the top of your setup.py::
+
+ from ez_setup import use_setuptools
+ use_setuptools()
+
+If you want to require a specific version of setuptools, set a download
+mirror, or use an alternate download directory, you can do so by supplying
+the appropriate options to ``use_setuptools()``.
+
+This file can also be run as a script to install or upgrade setuptools.
+"""
+import sys
+DEFAULT_VERSION = "0.6c8"
+DEFAULT_URL = "http://pypi.python.org/packages/%s/s/setuptools/" % sys.version[:3]
+
+md5_data = {
+ 'setuptools-0.6b1-py2.3.egg': '8822caf901250d848b996b7f25c6e6ca',
+ 'setuptools-0.6b1-py2.4.egg': 'b79a8a403e4502fbb85ee3f1941735cb',
+ 'setuptools-0.6b2-py2.3.egg': '5657759d8a6d8fc44070a9d07272d99b',
+ 'setuptools-0.6b2-py2.4.egg': '4996a8d169d2be661fa32a6e52e4f82a',
+ 'setuptools-0.6b3-py2.3.egg': 'bb31c0fc7399a63579975cad9f5a0618',
+ 'setuptools-0.6b3-py2.4.egg': '38a8c6b3d6ecd22247f179f7da669fac',
+ 'setuptools-0.6b4-py2.3.egg': '62045a24ed4e1ebc77fe039aa4e6f7e5',
+ 'setuptools-0.6b4-py2.4.egg': '4cb2a185d228dacffb2d17f103b3b1c4',
+ 'setuptools-0.6c1-py2.3.egg': 'b3f2b5539d65cb7f74ad79127f1a908c',
+ 'setuptools-0.6c1-py2.4.egg': 'b45adeda0667d2d2ffe14009364f2a4b',
+ 'setuptools-0.6c2-py2.3.egg': 'f0064bf6aa2b7d0f3ba0b43f20817c27',
+ 'setuptools-0.6c2-py2.4.egg': '616192eec35f47e8ea16cd6a122b7277',
+ 'setuptools-0.6c3-py2.3.egg': 'f181fa125dfe85a259c9cd6f1d7b78fa',
+ 'setuptools-0.6c3-py2.4.egg': 'e0ed74682c998bfb73bf803a50e7b71e',
+ 'setuptools-0.6c3-py2.5.egg': 'abef16fdd61955514841c7c6bd98965e',
+ 'setuptools-0.6c4-py2.3.egg': 'b0b9131acab32022bfac7f44c5d7971f',
+ 'setuptools-0.6c4-py2.4.egg': '2a1f9656d4fbf3c97bf946c0a124e6e2',
+ 'setuptools-0.6c4-py2.5.egg': '8f5a052e32cdb9c72bcf4b5526f28afc',
+ 'setuptools-0.6c5-py2.3.egg': 'ee9fd80965da04f2f3e6b3576e9d8167',
+ 'setuptools-0.6c5-py2.4.egg': 'afe2adf1c01701ee841761f5bcd8aa64',
+ 'setuptools-0.6c5-py2.5.egg': 'a8d3f61494ccaa8714dfed37bccd3d5d',
+ 'setuptools-0.6c6-py2.3.egg': '35686b78116a668847237b69d549ec20',
+ 'setuptools-0.6c6-py2.4.egg': '3c56af57be3225019260a644430065ab',
+ 'setuptools-0.6c6-py2.5.egg': 'b2f8a7520709a5b34f80946de5f02f53',
+ 'setuptools-0.6c7-py2.3.egg': '209fdf9adc3a615e5115b725658e13e2',
+ 'setuptools-0.6c7-py2.4.egg': '5a8f954807d46a0fb67cf1f26c55a82e',
+ 'setuptools-0.6c7-py2.5.egg': '45d2ad28f9750e7434111fde831e8372',
+ 'setuptools-0.6c8-py2.3.egg': '50759d29b349db8cfd807ba8303f1902',
+ 'setuptools-0.6c8-py2.4.egg': 'cba38d74f7d483c06e9daa6070cce6de',
+ 'setuptools-0.6c8-py2.5.egg': '1721747ee329dc150590a58b3e1ac95b',
+}
+
+import sys, os
+
+def _validate_md5(egg_name, data):
+ if egg_name in md5_data:
+ from md5 import md5
+ digest = md5(data).hexdigest()
+ if digest != md5_data[egg_name]:
+ print >>sys.stderr, (
+ "md5 validation of %s failed! (Possible download problem?)"
+ % egg_name
+ )
+ sys.exit(2)
+ return data
+
+
+def use_setuptools(
+ version=DEFAULT_VERSION, download_base=DEFAULT_URL, to_dir=os.curdir,
+ download_delay=15
+):
+ """Automatically find/download setuptools and make it available on sys.path
+
+ `version` should be a valid setuptools version number that is available
+ as an egg for download under the `download_base` URL (which should end with
+ a '/'). `to_dir` is the directory where setuptools will be downloaded, if
+ it is not already available. If `download_delay` is specified, it should
+ be the number of seconds that will be paused before initiating a download,
+ should one be required. If an older version of setuptools is installed,
+ this routine will print a message to ``sys.stderr`` and raise SystemExit in
+ an attempt to abort the calling script.
+ """
+ was_imported = 'pkg_resources' in sys.modules or 'setuptools' in sys.modules
+ def do_download():
+ egg = download_setuptools(version, download_base, to_dir, download_delay)
+ sys.path.insert(0, egg)
+ import setuptools; setuptools.bootstrap_install_from = egg
+ try:
+ import pkg_resources
+ except ImportError:
+ return do_download()
+ try:
+ pkg_resources.require("setuptools>="+version); return
+ except pkg_resources.VersionConflict, e:
+ if was_imported:
+ print >>sys.stderr, (
+ "The required version of setuptools (>=%s) is not available, and\n"
+ "can't be installed while this script is running. Please install\n"
+ " a more recent version first, using 'easy_install -U setuptools'."
+ "\n\n(Currently using %r)"
+ ) % (version, e.args[0])
+ sys.exit(2)
+ else:
+ del pkg_resources, sys.modules['pkg_resources'] # reload ok
+ return do_download()
+ except pkg_resources.DistributionNotFound:
+ return do_download()
+
+def download_setuptools(
+ version=DEFAULT_VERSION, download_base=DEFAULT_URL, to_dir=os.curdir,
+ delay = 15
+):
+ """Download setuptools from a specified location and return its filename
+
+ `version` should be a valid setuptools version number that is available
+ as an egg for download under the `download_base` URL (which should end
+ with a '/'). `to_dir` is the directory where the egg will be downloaded.
+ `delay` is the number of seconds to pause before an actual download attempt.
+ """
+ import urllib2, shutil
+ egg_name = "setuptools-%s-py%s.egg" % (version,sys.version[:3])
+ url = download_base + egg_name
+ saveto = os.path.join(to_dir, egg_name)
+ src = dst = None
+ if not os.path.exists(saveto): # Avoid repeated downloads
+ try:
+ from distutils import log
+ if delay:
+ log.warn("""
+---------------------------------------------------------------------------
+This script requires setuptools version %s to run (even to display
+help). I will attempt to download it for you (from
+%s), but
+you may need to enable firewall access for this script first.
+I will start the download in %d seconds.
+
+(Note: if this machine does not have network access, please obtain the file
+
+ %s
+
+and place it in this directory before rerunning this script.)
+---------------------------------------------------------------------------""",
+ version, download_base, delay, url
+ ); from time import sleep; sleep(delay)
+ log.warn("Downloading %s", url)
+ src = urllib2.urlopen(url)
+ # Read/write all in one block, so we don't create a corrupt file
+ # if the download is interrupted.
+ data = _validate_md5(egg_name, src.read())
+ dst = open(saveto,"wb"); dst.write(data)
+ finally:
+ if src: src.close()
+ if dst: dst.close()
+ return os.path.realpath(saveto)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+def main(argv, version=DEFAULT_VERSION):
+ """Install or upgrade setuptools and EasyInstall"""
+ try:
+ import setuptools
+ except ImportError:
+ egg = None
+ try:
+ egg = download_setuptools(version, delay=0)
+ sys.path.insert(0,egg)
+ from setuptools.command.easy_install import main
+ return main(list(argv)+[egg]) # we're done here
+ finally:
+ if egg and os.path.exists(egg):
+ os.unlink(egg)
+ else:
+ if setuptools.__version__ == '0.0.1':
+ print >>sys.stderr, (
+ "You have an obsolete version of setuptools installed. Please\n"
+ "remove it from your system entirely before rerunning this script."
+ )
+ sys.exit(2)
+
+ req = "setuptools>="+version
+ import pkg_resources
+ try:
+ pkg_resources.require(req)
+ except pkg_resources.VersionConflict:
+ try:
+ from setuptools.command.easy_install import main
+ except ImportError:
+ from easy_install import main
+ main(list(argv)+[download_setuptools(delay=0)])
+ sys.exit(0) # try to force an exit
+ else:
+ if argv:
+ from setuptools.command.easy_install import main
+ main(argv)
+ else:
+ print "Setuptools version",version,"or greater has been installed."
+ print '(Run "ez_setup.py -U setuptools" to reinstall or upgrade.)'
+
+def update_md5(filenames):
+ """Update our built-in md5 registry"""
+
+ import re
+ from md5 import md5
+
+ for name in filenames:
+ base = os.path.basename(name)
+ f = open(name,'rb')
+ md5_data[base] = md5(f.read()).hexdigest()
+ f.close()
+
+ data = [" %r: %r,\n" % it for it in md5_data.items()]
+ data.sort()
+ repl = "".join(data)
+
+ import inspect
+ srcfile = inspect.getsourcefile(sys.modules[__name__])
+ f = open(srcfile, 'rb'); src = f.read(); f.close()
+
+ match = re.search("\nmd5_data = {\n([^}]+)}", src)
+ if not match:
+ print >>sys.stderr, "Internal error!"
+ sys.exit(2)
+
+ src = src[:match.start(1)] + repl + src[match.end(1):]
+ f = open(srcfile,'w')
+ f.write(src)
+ f.close()
+
+
+if __name__=='__main__':
+ if len(sys.argv)>2 and sys.argv[1]=='--md5update':
+ update_md5(sys.argv[2:])
+ else:
+ main(sys.argv[1:])
+
+
+
+
+
Added: whoplugins/repoze.whoplugins.ipauth/trunk/repoze/__init__.py
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/repoze/__init__.py Sun Jun 8 20:12:09 2008
@@ -0,0 +1,2 @@
+# repoze package
+__import__('pkg_resources').declare_namespace(__name__)
Added: whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/__init__.py
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/__init__.py Sun Jun 8 20:12:09 2008
@@ -0,0 +1,2 @@
+# repoze package
+__import__('pkg_resources').declare_namespace(__name__)
Added: whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/__init__.py
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/__init__.py Sun Jun 8 20:12:09 2008
@@ -0,0 +1 @@
+# a package
Added: whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/iprangeauth.py
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/iprangeauth.py Sun Jun 8 20:12:09 2008
@@ -0,0 +1,85 @@
+from IPy import IP
+
+class IPRangeAuthenticatorPlugin(object):
+
+ def __init__(self, userid, ipranges, trusted_proxies=()):
+ self.userid = userid
+ self.ipranges = ipranges
+ self.trusted_proxies = trusted_proxies
+
+ # IIdentifier
+ def identify(self, environ):
+ identity = {}
+
+ remote_address = self._get_client_addr(environ)
+
+ if not remote_address:
+ return identity
+
+ if self._match(remote_address):
+ identity['remote_address'] = remote_address
+ identity['repoze.who.userid'] = self.userid
+
+ return identity
+
+ # IIdentifier
+ def forget(self, environ, identity):
+ pass
+
+ # IIdentifier
+ def remember(self, environ, identity):
+ pass
+
+ def _get_client_addr(self, environ):
+ if environ.has_key('REMOTE_ADDR'):
+ client_addr = environ['REMOTE_ADDR']
+ if ( environ.has_key('HTTP_X_FORWARDED_FOR') and
+ client_addr in self.trusted_proxies):
+ # REMOTE_ADDR is one of our trusted local proxies. Not
+ # really very remote at all. The proxy can tell us
+ # the IP of the real remote client in the
+ # forwarded-for header Skip the proxy-address itself
+ # though
+ forwarded_for = [
+ e.strip()
+ for e in environ['HTTP_X_FORWARDED_FOR'].split(',')]
+ forwarded_for.reverse()
+ for entry in forwarded_for:
+ if entry not in self.trusted_proxies:
+ client_addr = entry
+ break
+ return client_addr
+ else:
+ return ''
+
+ def _match(self, r_address):
+ """ Find an IP range match """
+
+ try:
+ ip = IP(r_address)
+ except ValueError:
+ return False
+
+ for iprange in self.ipranges:
+ if ip in iprange:
+ return True
+
+ return False
+
+ def __repr__(self):
+ return '<%s %s>' % (self.__class__.__name__, id(self))
+
+def make_plugin(userid=None,
+ ipranges=None,
+ trusted_proxies=None):
+ if userid is None:
+ raise ValueError('userid required')
+ if ipranges is None:
+ raise ValueError('ipranges required')
+ if trusted_proxies is None:
+ trusted_proxies = ''
+ trusted_proxies = trusted_proxies.split()
+ ipranges = [ IP(x) for x in ipranges.split() ]
+ plugin = IPRangeAuthenticatorPlugin(userid, ipranges, trusted_proxies)
+ return plugin
+
Added: whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/tests.py
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/repoze/whoplugins/ipauth/tests.py Sun Jun 8 20:12:09 2008
@@ -0,0 +1,106 @@
+##############################################################################
+#
+# Copyright (c) 2006 Zope Corporation and Contributors. All Rights
+# Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this
+# distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+import unittest
+
+class IPRangeAuthenticatorPluginTests( unittest.TestCase):
+
+ def _getTargetClass( self ):
+ from repoze.whoplugins.ipauth import iprangeauth
+ return iprangeauth.IPRangeAuthenticatorPlugin
+
+ def _makeOne( self, *args, **kw ):
+ return self._getTargetClass()(*args, **kw )
+
+ def _makeIPs(self, *ips):
+ from IPy import IP
+ return [ IP(x) for x in ips ]
+
+ def _makeSimple(self):
+ ipranges = self._makeIPs('127.0.0.1')
+ return self._makeOne('userid', ipranges)
+
+ def test_implements(self):
+ from zope.interface.verify import verifyClass
+ from repoze.who.interfaces import IIdentifier
+ klass = self._getTargetClass()
+ verifyClass(IIdentifier, klass, tentative=True)
+
+ def test_identify_blankenv( self ):
+ plugin = self._makeSimple()
+ environ = {}
+ result = plugin.identify(environ)
+ self.assertEqual(result, {})
+
+ def test_identify_with_bad_remote_addr( self ):
+ plugin = self._makeSimple()
+ environ = dict(REMOTE_ADDR='unfoo')
+ result = plugin.identify(environ)
+ self.assertEqual(result, {})
+
+ def test_identify_nomatch( self ):
+ plugin = self._makeSimple()
+ environ = dict(REMOTE_ADDR='127.0.0.2')
+ result = plugin.identify(environ)
+ self.assertEqual(result, {})
+
+ def test_identify_match_no_xforwarded_for( self ):
+ plugin = self._makeSimple()
+ environ = dict(REMOTE_ADDR='127.0.0.1')
+ result = plugin.identify(environ)
+ self.assertEqual(result['repoze.who.userid'], 'userid')
+ self.assertEqual(result['remote_address'], '127.0.0.1')
+
+ def test_identify_match_xforwarded_for( self ):
+ ipranges = self._makeIPs('10.0.0.0/24')
+ trusted_proxies = ['127.0.0.2']
+ plugin = self._makeOne('userid', ipranges, trusted_proxies)
+ environ = dict(
+ REMOTE_ADDR='127.0.0.2',
+ HTTP_X_FORWARDED_FOR='10.0.0.1,10.0.0.2'
+ )
+ result = plugin.identify(environ)
+ self.assertEqual(result['repoze.who.userid'], 'userid')
+ self.assertEqual(result['remote_address'], '10.0.0.2')
+
+
+class MakePluginTests(unittest.TestCase):
+ def _getFUT(self):
+ from repoze.whoplugins.ipauth import iprangeauth
+ return iprangeauth.make_plugin
+
+ def test_userid_None(self):
+ f = self._getFUT()
+ self.assertRaises(ValueError, f, None)
+
+ def test_ipranges_None(self):
+ f = self._getFUT()
+ self.assertRaises(ValueError, f, 'userid', None)
+
+ def test_trusted_proxies_None(self):
+ f = self._getFUT()
+ result = f('userid', '127.0.0.0/24 127.0.0.1/32', None)
+ self.assertEqual(result.trusted_proxies, [])
+
+ def test_allargs(self):
+ from IPy import IP
+ f = self._getFUT()
+ result = f('userid', '127.0.0.0/24 127.0.0.1/32', '10.0.0.1 10.0.0.2')
+ self.assertEqual(result.trusted_proxies, ['10.0.0.1', '10.0.0.2'])
+ self.assertEqual(result.userid, 'userid')
+ self.assertEqual(len(result.ipranges), 2)
+ self.assertEqual(result.ipranges[0], IP('127.0.0.0/24'))
+ self.assertEqual(result.ipranges[1], IP('127.0.0.1/32'))
+
+
Added: whoplugins/repoze.whoplugins.ipauth/trunk/setup.py
==============================================================================
--- (empty file)
+++ whoplugins/repoze.whoplugins.ipauth/trunk/setup.py Sun Jun 8 20:12:09 2008
@@ -0,0 +1,55 @@
+##############################################################################
+#
+# Copyright (c) 2007 Agendaless Consulting and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the BSD-like license at
+# http://www.repoze.org/LICENSE.txt. A copy of the license should accompany
+# this distribution. THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL
+# EXPRESS OR IMPLIED WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO,
+# THE IMPLIED WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND
+# FITNESS FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+
+__version__ = '0.1'
+
+import os
+
+from ez_setup import use_setuptools
+use_setuptools()
+
+from setuptools import setup, find_packages
+
+here = os.path.abspath(os.path.dirname(__file__))
+README = open(os.path.join(here, 'README.txt')).read()
+
+setup(name='repoze.whoplugins.ipauth',
+ version=__version__,
+ description='IP authentication for repoze.who',
+ long_description=README,
+ classifiers=[
+ "Development Status :: 1 - Planning",
+ "Intended Audience :: Developers",
+ "Programming Language :: Python",
+ "Topic :: Internet :: WWW/HTTP",
+ "Topic :: Internet :: WWW/HTTP :: Dynamic Content",
+ "Topic :: Internet :: WWW/HTTP :: WSGI",
+ "Topic :: Internet :: WWW/HTTP :: WSGI :: Application",
+ ],
+ keywords='web application server wsgi zope',
+ author="Agendaless Consulting",
+ author_email="repoze-dev at lists.repoze.org",
+ url="http://www.repoze.org",
+ license="BSD-derived (http://www.repoze.org/LICENSE.txt)",
+ packages=find_packages(),
+ include_package_data=True,
+ namespace_packages=['repoze', 'repoze.whoplugins'],
+ zip_safe=False,
+ tests_require = ['IPy', 'zope.interface'],
+ install_requires=['IPy'],
+ test_suite="repoze.whoplugins.ipauth.tests",
+ entry_points = """\
+ """
+ )
+
More information about the Repoze-checkins
mailing list