Package flumotion :: Package common :: Module keycards
[hide private]

Source Code for Module flumotion.common.keycards

  1  # -*- Mode: Python; test-case-name: flumotion.test.test_keycards -*- 
  2  # vi:si:et:sw=4:sts=4:ts=4 
  3  # 
  4  # Flumotion - a streaming media server 
  5  # Copyright (C) 2004,2005,2006,2007,2008 Fluendo, S.L. (www.fluendo.com). 
  6  # All rights reserved. 
  7   
  8  # This file may be distributed and/or modified under the terms of 
  9  # the GNU General Public License version 2 as published by 
 10  # the Free Software Foundation. 
 11  # This file is distributed without any warranty; without even the implied 
 12  # warranty of merchantability or fitness for a particular purpose. 
 13  # See "LICENSE.GPL" in the source distribution for more information. 
 14   
 15  # Licensees having purchased or holding a valid Flumotion Advanced 
 16  # Streaming Server license may use this file in accordance with the 
 17  # Flumotion Advanced Streaming Server Commercial License Agreement. 
 18  # See "LICENSE.Flumotion" in the source distribution for more information. 
 19   
 20  # Headers in this file shall remain intact. 
 21   
 22  """ 
 23  serializable keycards used for authentication 
 24  """ 
 25   
 26  from twisted.cred.credentials import ICredentials 
 27  from twisted.spread import pb 
 28  from zope.interface import implements 
 29   
 30  from flumotion.twisted import credentials 
 31   
 32  __version__ = "$Rev: 6968 $" 
 33  _statesEnum = ['REFUSED', 'REQUESTING', 'AUTHENTICATED'] 
 34  # state enum values 
 35  (REFUSED, 
 36   REQUESTING, 
 37   AUTHENTICATED) = range(3) 
 38   
 39   
40 -class Keycard(pb.Copyable, pb.RemoteCopy):
41 """ 42 I am the base class for keycards which together with credentials are 43 a serializable object used in authentication inside Flumotion. 44 45 @ivar bouncerName: name of the bouncer to authenticate against; set by 46 requester 47 @type bouncerName: str 48 @ivar requesterId: avatarId of the requester 49 @type requesterId: str 50 @ivar avatarId: avatarId preferred by requester 51 @type avatarId: str 52 @ivar id: id of keycard decided by bouncer after authenticating 53 @type id: object 54 @ivar duration: duration for which the keycard is valid, or 0 for 55 unlimited 56 @type duration: int 57 @ivar domain: requester can pass a domain id to the bouncer 58 @type domain: str 59 @ivar state: state the keycard is in 60 @type state: int 61 """ 62 implements(ICredentials) 63
64 - def __init__(self):
65 self.bouncerName = None 66 self.requesterId = None 67 self.avatarId = None 68 self.id = None 69 self.duration = 0 70 self.domain = None 71 self.state = REQUESTING
72 73 # F0.8
74 - def setDomain(self, domain):
75 """ 76 Set the domain of the requester on the keycard. 77 78 @type domain: string 79 """ 80 import warnings 81 warnings.warn('Set the domain on the keycard directly.', 82 DeprecationWarning, stacklevel=2) 83 84 self.domain = domain
85
86 - def getData(self):
87 """ 88 Return a dictionary of the viewable data on the keycard that can be 89 used to identify the keycard. 90 It doesn't include sensitive information though. 91 92 Subclasses should override to add additional information. 93 """ 94 return { 95 'id': self.id, 96 'requester': self.requesterId, 97 'domain': self.domain 98 }
99
100 - def __repr__(self):
101 return "<%s for requesterId %r in state %s>" % (self.__class__.__name__, 102 self.requesterId, _statesEnum[self.state])
103
104 -class KeycardGeneric(Keycard, object):
105 pass
106 107 pb.setUnjellyableForClass(KeycardGeneric, KeycardGeneric) 108 # class KeycardUACCP: username, address, crypt password 109 # from UsernameCryptPasswordCrypt 110 111 112 UCPP = credentials.UsernameCryptPasswordPlaintext
113 -class KeycardUACPP(Keycard, UCPP):
114 """ 115 I am a keycard with a username, plaintext password and IP address. 116 I get authenticated against a crypt password. 117 """
118 - def __init__(self, username, password, address):
119 UCPP.__init__(self, username, password) 120 Keycard.__init__(self) 121 self.address = address
122
123 - def getData(self):
124 d = Keycard.getData(self) 125 d['username'] = self.username 126 d['address'] = self.address 127 return d
128
129 - def __repr__(self):
130 return "<%s %s %s@%s for requesterId %r in state %s>" % ( 131 self.__class__.__name__, self.id, self.username, self.address, 132 self.requesterId, _statesEnum[self.state])
133 134 pb.setUnjellyableForClass(KeycardUACPP, KeycardUACPP) 135 136 # username, address, crypt password 137 # from UsernameCryptPasswordCrypt 138 139 140 UCPCC = credentials.UsernameCryptPasswordCryptChallenger
141 -class KeycardUACPCC(Keycard, UCPCC):
142 """ 143 I am a keycard with a username and IP address. 144 I get authenticated through challenge/response on a crypt password. 145 """
146 - def __init__(self, username, address):
147 UCPCC.__init__(self, username) 148 Keycard.__init__(self) 149 self.address = address
150
151 - def getData(self):
152 d = Keycard.getData(self) 153 d['username'] = self.username 154 d['address'] = self.address 155 return d
156
157 - def __repr__(self):
158 return "<%s %s %s@%s for requesterId %r in state %s>" % ( 159 self.__class__.__name__, self.id, self.username, self.address, 160 self.requesterId, _statesEnum[self.state])
161 162 pb.setUnjellyableForClass(KeycardUACPCC, KeycardUACPCC) 163 164
165 -class KeycardToken(Keycard, credentials.Token):
166 """ 167 I am a keycard with a token and IP address and a path (optional). 168 I get authenticated by token and maybe IP address. 169 """ 170
171 - def __init__(self, token, address, path=None):
172 credentials.Token.__init__(self, token) 173 Keycard.__init__(self) 174 self.address = address 175 self.path = path
176
177 - def getData(self):
178 d = Keycard.getData(self) 179 d['token'] = self.token 180 d['address'] = self.address 181 d['path'] = self.path 182 return d
183
184 - def __repr__(self):
185 return "<%s %s token %s for path %s @%s for requesterId %r in state %s>" % ( 186 self.__class__.__name__, self.id, self.token, self.path, 187 self.address, self.requesterId, _statesEnum[self.state])
188 189 pb.setUnjellyableForClass(KeycardToken, KeycardToken) 190 191 192 USPCC = credentials.UsernameSha256PasswordCryptChallenger
193 -class KeycardUASPCC(Keycard, USPCC):
194 """ 195 I am a keycard with a username and IP address. 196 I get authenticated through challenge/response on a SHA-256 password. 197 """
198 - def __init__(self, username, address):
199 USPCC.__init__(self, username) 200 Keycard.__init__(self) 201 self.address = address
202
203 - def getData(self):
204 d = Keycard.getData(self) 205 d['username'] = self.username 206 d['address'] = self.address 207 return d
208
209 - def __repr__(self):
210 return "<%s %s %s@%s for requesterId %r in state %s>" % ( 211 self.__class__.__name__, self.id, self.username, self.address, 212 self.requesterId, _statesEnum[self.state])
213 214 pb.setUnjellyableForClass(KeycardUASPCC, KeycardUASPCC) 215 216
217 -class KeycardHTTPDigest(Keycard, credentials.HTTPDigestChallenger):
218 - def __init__(self, username):
221
222 - def getData(self):
223 d = Keycard.getData(self) 224 d['username'] = self.username 225 # Realm? Uri? 226 return d
227
228 - def __repr__(self):
229 return "<%s %s %s for requesterId %r in state %s>" % ( 230 self.__class__.__name__, self.id, self.username, 231 self.requesterId, _statesEnum[self.state])
232 233 pb.setUnjellyableForClass(KeycardHTTPDigest, KeycardHTTPDigest) 234 235 236 # F0.8
237 -class HTTPDigestKeycard(KeycardHTTPDigest):
238 - def __init__(self, username):
239 import warnings 240 warnings.warn('Use KeycardHTTPDigest instead.', DeprecationWarning, 241 stacklevel=2) 242 KeycardHTTPDigest.__init__(self, username)
243 244 pb.setUnjellyableForClass(HTTPDigestKeycard, HTTPDigestKeycard) 245