Changeset 10478 for main/waeup.cas/trunk


Ignore:
Timestamp:
12 Aug 2013, 08:52:26 (11 years ago)
Author:
uli
Message:

Kofa authenticator now really contacts Kofa instances for authentication.

Location:
main/waeup.cas/trunk/waeup/cas
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.cas/trunk/waeup/cas/authenticators.py

    r10475 r10478  
    33import re
    44from pkg_resources import iter_entry_points
     5try:
     6    import xmlrpclib                     # Python 2.x
     7except ImportError:                      # pragma: no cover
     8    import xmlrpc.client as xmlrpclib    # Python 3.x
    59
    610
     
    112116
    113117
     118#: Regular expression matching a starting university marker like
     119#: the string 'MA-' in 'MA-M121212' or 'MA-' in 'MA-APP-13123'
     120RE_SCHOOL_MARKER = re.compile('^[^\-]+-')
     121
     122
    114123class KofaAuthenticator(Authenticator):
    115124    """Authenticate against a running Kofa instance.
     
    148157        """Do the real check.
    149158        """
    150         return False, 'Not implemented.'
     159        for backend_name, backend in self.backends.items():
     160            if not re.match(backend['marker'], username):
     161                continue
     162            # remove school marker
     163            username = RE_SCHOOL_MARKER.sub('', username)
     164            proxy = xmlrpclib.ServerProxy(
     165                backend['url'], allow_none=True)
     166            valid = proxy.check_credentials(username, password)
     167            if valid is not None:
     168                return (True, '')
     169        return (False, 'Invalid username or password.')
  • main/waeup.cas/trunk/waeup/cas/tests/test_authenticators.py

    r10476 r10478  
     1# Tests for waeup.cas.authentictors
    12import os
     3import threading
    24import unittest
    35from paste.deploy import loadapp
     6try:
     7    from SimpleXMLRPCServer import SimpleXMLRPCServer  # Python 2.x
     8except ImportError:
     9    from xmlrpc.server import SimpleXMLRPCServer       # Python 3.x
     10try:
     11    import xmlrpclib                     # Python 2.x
     12except ImportError:
     13    import xmlrpc.client as xmlrpclib    # Python 3.x
    414from waeup.cas.authenticators import (
    515    get_all_authenticators, get_authenticator, filter_auth_opts,
     
    5969
    6070
    61 BACKENDS = dict(
     71BACKENDS1 = dict(
    6272    inst1=dict(
    6373        url='http://localhost:6666/app',
    64         marker='^M[0-9]+$',
     74        marker='^MA-',
     75        )
     76    )
     77
     78BACKENDS2 = dict(
     79    inst1=dict(
     80        url='http://localhost:6666/',
     81        marker='^SCHOOL1-',
    6582        )
    6683    )
     
    8198    def test_options(self):
    8299        # we can pass options
    83         auth = KofaAuthenticator(auth_backends=str(BACKENDS))
    84         assert auth.backends == BACKENDS
     100        auth = KofaAuthenticator(auth_backends=str(BACKENDS1))
     101        assert auth.backends == BACKENDS1
    85102        auth = KofaAuthenticator(auth_backends='{"foo": {"url": "bar"}}')
    86103        assert auth.backends['foo']['marker'] == '.+'
     
    108125        assert isinstance(app.auth, KofaAuthenticator)
    109126
    110     def DIStest_check_credentials(self):
     127
     128class FakeKofaServer(SimpleXMLRPCServer):
     129    # A fake Kofa server that provides only XMLRPC methods
     130
     131    allow_reuse_address = True
     132
     133    def __init__(self, *args, **kw):
     134        kw.update(allow_none=True)
     135        SimpleXMLRPCServer.__init__(self, *args, **kw)
     136        self.register_function(self._check_credentials, 'check_credentials')
     137
     138    def _check_credentials(self, username, password):
     139        # fake waeup.kofa check_credentials method.
     140        #
     141        # This method is supposed to mimic the behaviour of an
     142        # original waeup.kofa check_credentials method. It returns a
     143        # positive result for the credentials `bird`/`bebop`.
     144        if username == 'bird' and password == 'bebop':
     145            return {'id': 'bird', 'email': 'bird@gods.net',
     146                    'description': 'Mr. Charles Parker'}
     147        return None
     148
     149
     150class XMLRPCFakeKofaTestCase(unittest.TestCase):
     151    # A test case where a fake Kofa server is started before tests (and
     152    # shut down afterwards).
     153
     154    server = None
     155    th = None
     156
     157    @classmethod
     158    def setUpClass(cls):
     159        cls.server = FakeKofaServer(('localhost', 6666))
     160        cls.th = threading.Thread(target=cls.server.serve_forever)
     161        cls.th.daemon = True
     162        cls.th.start()
     163
     164    @classmethod
     165    def tearDownClass(cls):
     166        cls.server.shutdown()
     167        cls.server.server_close()
     168
     169
     170class MyCase(XMLRPCFakeKofaTestCase):
     171
     172    def test_fake_kofa_works(self):
     173        # make sure the local fake kofa works
     174        proxy = xmlrpclib.ServerProxy("http://localhost:6666", allow_none=True)
     175        result = proxy.check_credentials('bird', 'bebop')
     176        assert result == {
     177            'description': 'Mr. Charles Parker',
     178            'email': 'bird@gods.net',
     179            'id': 'bird'}
     180        return
     181
     182    def test_check_credentials(self):
    111183        # we get real responses when querying Kofa instances
    112         auth = KofaAuthenticator()
    113         result1 = auth.check_credentials('bird', 'bebop')
     184        auth = KofaAuthenticator(auth_backends=str(BACKENDS2))
     185        result1 = auth.check_credentials('SCHOOL1-bird', 'bebop')
    114186        assert result1 == (True, '')
    115         result2 = auth.check_credentials('foo', 'bar')
     187        result2 = auth.check_credentials('SCHOOL1-foo', 'bar')
    116188        assert result2 == (False, 'Invalid username or password.')
     189        result3 = auth.check_credentials('SCHOOL2-bar', 'baz')
     190        assert result3 == (False, 'Invalid username or password.')
Note: See TracChangeset for help on using the changeset viewer.