src/pyams_security/plugin/http.py
changeset 0 f04e1d0a0723
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pyams_security/plugin/http.py	Thu Feb 19 10:53:29 2015 +0100
@@ -0,0 +1,65 @@
+#
+# Copyright (c) 2008-2015 Thierry Florac <tflorac AT ulthar.net>
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+
+__docformat__ = 'restructuredtext'
+
+
+# import standard library
+import base64
+
+# import interfaces
+from pyams_security.interfaces import ICredentialsPlugin
+
+# import packages
+from pyams_security.credential import Credentials
+from pyams_utils.registry import utility_config
+from pyams_utils.wsgi import wsgi_environ_cache
+
+from pyams_security import _
+
+
+ENVKEY_PARSED_CREDENTIALS = "pyams_security.http.basic.credentials"
+
+
+@utility_config(name='http', provides=ICredentialsPlugin)
+class HttpBasicCredentialsPlugin(object):
+    """HTTP basic credentials plug-in
+
+    This credential plug-in is mainly used by automation processes using
+    XML-RPC or JSON-RPC requests launched from batch scripts.
+
+    Copied from pyramid_httpauth package.
+    """
+
+    prefix = 'http'
+    title = _("HTTP Basic credentials")
+    enabled = True
+
+    @wsgi_environ_cache(ENVKEY_PARSED_CREDENTIALS)
+    def extract_credentials(self, request, **kwargs):
+        """Extract login/password credentials from given request"""
+        auth = request.headers.get('Authorization')
+        if not auth:
+            return None
+        try:
+            scheme, params = auth.split(' ', 1)
+            if scheme.lower() != 'basic':
+                return None
+            token_bytes = base64.b64decode(params.strip())
+            try:
+                token = token_bytes.decode('utf-8')
+            except UnicodeDecodeError:
+                token = token_bytes.decode('latin-1')
+            login, password = token.split(':', 1)
+            return Credentials(self.prefix, login, login=login, password=password)
+        except (ValueError, TypeError):
+            return None
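Review bot: `extract_credentials` accepts a Basic `Authorization` header on any request and the class ships with `enabled = True`, but neither the docstring nor the code says these credentials are only base64-encoded and so depend on TLS for confidentiality. I would add a line to the class docstring such as `Basic credentials are base64-encoded, not encrypted; enable this plug-in only on endpoints served over HTTPS.` The `@wsgi_environ_cache(ENVKEY_PARSED_CREDENTIALS)` decorator presumably stores the returned `Credentials`, clear-text password included, in the WSGI environ, so anything that dumps the environ (error reports, debug tooling) would carry it. That behaviour is not visible in this hunk and is worth confirming and documenting. A token that starts with `:` also yields an empty login that is passed on as the principal id, which a guard like `if not login: return None` before building `Credentials` would reject.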