authenticators.py :  » Web-Services » RPyC » rpyc-3.0.7 » rpyc » utils » Python Open Source

Home
Python Open Source
1.3.1.2 Python
2.Ajax
3.Aspect Oriented
4.Blog
5.Build
6.Business Application
7.Chart Report
8.Content Management Systems
9.Cryptographic
10.Database
11.Development
12.Editor
13.Email
14.ERP
15.Game 2D 3D
16.GIS
17.GUI
18.IDE
19.Installer
20.IRC
21.Issue Tracker
22.Language Interface
23.Log
24.Math
25.Media Sound Audio
26.Mobile
27.Network
28.Parser
29.PDF
30.Project Management
31.RSS
32.Search
33.Security
34.Template Engines
35.Test
36.UML
37.USB Serial
38.Web Frameworks
39.Web Server
40.Web Services
41.Web Unit
42.Wiki
43.Windows
44.XML
Python Open Source » Web Services » RPyC 
RPyC » rpyc 3.0.7 » rpyc » utils » authenticators.py
"""
authenticators: the server instance accepts an authenticator object,
which is basically any callable (i.e., a function) that takes the newly
connected socket and "authenticates" it. 

the authenticator should return a socket-like object with its associated 
credentials (a tuple), or raise AuthenticationError if it fails.

a very trivial authenticator might be

    def magic_word_authenticator(sock):
        if sock.recv(5) != "Ma6ik":
            raise AuthenticationError("wrong magic word")
        return sock, None
    
    s = ThreadedServer(...., authenticator = magic_word_authenticator)

your authenticator can return any socket-like object. for instance, it may 
authenticate the client and return a TLS/SSL-wrapped socket object that 
encrypts the transport.

the credentials returned alongside with the new socket can be any object.
it will be stored in the rpyc connection configruation under the key
"credentials", and may be used later by the service logic. if no credentials
are applicable, just return None as in the example above.

rpyc includes integration with tlslite, a TLS/SSL library:
the VdbAuthenticator class authenticates clients based on username-password 
pairs.
"""
import os
import anydbm
from rpyc.utils.lib import safe_import
tlsapi = safe_import("tlslite.api")


class AuthenticationError(Exception):
    pass


def _load_vdb_with_mode(vdb, mode):
    """taken from tlslite/BaseDB.py -- patched for file mode""" 
    # {{
    db = anydbm.open(vdb.filename, mode)
    try:
        if db["--Reserved--type"] != vdb.type:
            raise ValueError("Not a %s database" % (vdb.type,))
    except KeyError:
        raise ValueError("Not a recognized database")
    vdb.db = db
    # }}

class VdbAuthenticator(object):
    __slots__ = ["vdb"]
    BITS = 2048
    
    def __init__(self, vdb):
        self.vdb = vdb
    
    @classmethod
    def from_dict(cls, users): 
        inst = cls(tlsapi.VerifierDB())
        for username, password in users.iteritems():
            inst.set_user(username, password)
        return inst
    
    @classmethod
    def from_file(cls, filename, mode = "w"):
        vdb = tlsapi.VerifierDB(filename)
        if os.path.exists(filename):
            _load_vdb_with_mode(vdb, mode)
        else:
            if mode not in "ncw":
                raise ValueError("%s does not exist but mode does not allow "
                    "writing (%r)" % (filename, mode))
            vdb.create()
        return cls(vdb)
    
    def sync(self):
        self.vdb.db.sync()
    
    def set_user(self, username, password):
        self.vdb[username] = self.vdb.makeVerifier(username, password, self.BITS)
    
    def del_user(self, username):
        del self.vdb[username]
    
    def list_users(self):
        return self.vdb.keys()
    
    def __call__(self, sock):
        sock2 = tlsapi.TLSConnection(sock)
        sock2.fileno = lambda fd=sock.fileno(): fd    # tlslite omitted fileno
        try:
            sock2.handshakeServer(verifierDB = self.vdb)
        except Exception, ex:
            raise AuthenticationError(str(ex))
        return sock2, sock2.allegedSrpUsername



www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.