Show More
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -162,7 +162,7 b' class RhodeCodeAuthPluginBase(object):' | |||
|
|
162 | 162 | # TODO: johbo: Using the name here is problematic. It would be good to |
|
|
163 | 163 | # introduce either new models in the database to hold Plugin and |
|
|
164 | 164 | # PluginSetting or to use the plugin id here. |
|
|
165 |
return 'auth_{ |
|
|
|
165 | return f'auth_{self.name}_{name}' | |
|
|
166 | 166 | |
|
|
167 | 167 | def _get_setting_type(self, name): |
|
|
168 | 168 | """ |
| @@ -175,7 +175,7 b' class RhodeCodeAuthPluginBase(object):' | |||
|
|
175 | 175 | db_type = self._settings_type_map.get( |
|
|
176 | 176 | type(schema_node.typ), 'unicode') |
|
|
177 | 177 | if name in self._settings_encrypted: |
|
|
178 |
db_type = '{}.encrypted' |
|
|
|
178 | db_type = f'{db_type}.encrypted' | |
|
|
179 | 179 | return db_type |
|
|
180 | 180 | |
|
|
181 | 181 | @classmethod |
| @@ -249,7 +249,7 b' class RhodeCodeAuthPluginBase(object):' | |||
|
|
249 | 249 | """ |
|
|
250 | 250 | Returns a plugin setting by name. |
|
|
251 | 251 | """ |
|
|
252 |
full_name = 'rhodecode_{ |
|
|
|
252 | full_name = f'rhodecode_{self._get_setting_full_name(name)}' | |
|
|
253 | 253 | if plugin_cached_settings: |
|
|
254 | 254 | plugin_settings = plugin_cached_settings |
|
|
255 | 255 | else: |
| @@ -504,7 +504,7 b' class RhodeCodeExternalAuthPlugin(RhodeC' | |||
|
|
504 | 504 | |
|
|
505 | 505 | def _authenticate(self, userobj, username, passwd, settings, **kwargs): |
|
|
506 | 506 | # at this point _authenticate calls plugin's `auth()` function |
|
|
507 |
auth = super( |
|
|
|
507 | auth = super()._authenticate( | |
|
|
508 | 508 | userobj, username, passwd, settings, **kwargs) |
|
|
509 | 509 | |
|
|
510 | 510 | if auth: |
| @@ -602,14 +602,14 b' class AuthLdapBase(object):' | |||
|
|
602 | 602 | """ |
|
|
603 | 603 | host = host.strip() |
|
|
604 | 604 | if not full_resolve: |
|
|
605 |
return '{}:{}' |
|
|
|
605 | return f'{host}:{port}' | |
|
|
606 | 606 | |
|
|
607 | 607 | log.debug('LDAP: Resolving IP for LDAP host `%s`', host) |
|
|
608 | 608 | try: |
|
|
609 | 609 | ip = socket.gethostbyname(host) |
|
|
610 | 610 | log.debug('LDAP: Got LDAP host `%s` ip %s', host, ip) |
|
|
611 | 611 | except Exception: |
|
|
612 |
raise LdapConnectionError('Failed to resolve host: `{}`' |
|
|
|
612 | raise LdapConnectionError(f'Failed to resolve host: `{host}`') | |
|
|
613 | 613 | |
|
|
614 | 614 | log.debug('LDAP: Checking if IP %s is accessible', ip) |
|
|
615 | 615 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| @@ -619,9 +619,9 b' class AuthLdapBase(object):' | |||
|
|
619 | 619 | log.debug('LDAP: connection to %s successful', ip) |
|
|
620 | 620 | except Exception: |
|
|
621 | 621 | raise LdapConnectionError( |
|
|
622 |
'Failed to connect to host: `{}:{}`' |
|
|
|
622 | f'Failed to connect to host: `{host}:{port}`') | |
|
|
623 | 623 | |
|
|
624 |
return '{}:{}' |
|
|
|
624 | return f'{host}:{port}' | |
|
|
625 | 625 | |
|
|
626 | 626 | if len(ldap_server) == 1: |
|
|
627 | 627 | # in case of single server use resolver to detect potential |
| @@ -651,7 +651,7 b' class AuthLdapBase(object):' | |||
|
|
651 | 651 | def validate_username(cls, username): |
|
|
652 | 652 | if "," in username: |
|
|
653 | 653 | raise LdapUsernameError( |
|
|
654 |
"invalid character `,` in username: `{}`" |
|
|
|
654 | f"invalid character `,` in username: `{username}`") | |
|
|
655 | 655 | |
|
|
656 | 656 | @classmethod |
|
|
657 | 657 | def validate_password(cls, username, password): |
| @@ -751,7 +751,7 b' def authenticate(username, password, env' | |||
|
|
751 | 751 | user_id = user.user_id if user else 'no-user' |
|
|
752 | 752 | # don't cache for empty users |
|
|
753 | 753 | plugin_cache_active = plugin_cache_active and user_id |
|
|
754 |
cache_namespace_uid = 'cache_user_auth.{}' |
|
|
|
754 | cache_namespace_uid = f'cache_user_auth.{user_id}' | |
|
|
755 | 755 | region = rc_cache.get_or_create_region('cache_perms', cache_namespace_uid) |
|
|
756 | 756 | |
|
|
757 | 757 | @region.conditional_cache_on_arguments(namespace=cache_namespace_uid, |
| @@ -793,7 +793,7 b' def authenticate(username, password, env' | |||
|
|
793 | 793 | elapsed_time_ms = round(1000.0 * auth_time) # use ms only |
|
|
794 | 794 | statsd.incr('rhodecode_login_success_total') |
|
|
795 | 795 | statsd.timing("rhodecode_login_timing.histogram", elapsed_time_ms, |
|
|
796 |
tags=["plugin:{ |
|
|
|
796 | tags=[f"plugin:{plugin.get_id()}"], | |
|
|
797 | 797 | use_decimals=False |
|
|
798 | 798 | ) |
|
|
799 | 799 | return plugin_user |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -141,7 +139,7 b' class CrowdServer(object):' | |||
|
|
141 | 139 | _headers = {"Content-type": "application/json", |
|
|
142 | 140 | "Accept": "application/json"} |
|
|
143 | 141 | if self.user and self.passwd: |
|
|
144 |
authstring = base64.b64encode(" |
|
|
|
142 | authstring = base64.b64encode("{}:{}".format(self.user, self.passwd)) | |
|
|
145 | 143 | _headers["Authorization"] = "Basic %s" % authstring |
|
|
146 | 144 | if headers: |
|
|
147 | 145 | _headers.update(headers) |
| @@ -170,7 +168,7 b' class CrowdServer(object):' | |||
|
|
170 | 168 | if not noformat: |
|
|
171 | 169 | ret_val = {"status": False, |
|
|
172 | 170 | "body": body, |
|
|
173 |
"error": "{}\n{}" |
|
|
|
171 | "error": f"{e}\n{msg}"} | |
|
|
174 | 172 | else: |
|
|
175 | 173 | ret_val = None |
|
|
176 | 174 | return ret_val |
| @@ -224,7 +222,7 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
224 | 222 | |
|
|
225 | 223 | @hybrid_property |
|
|
226 | 224 | def name(self): |
|
|
227 |
return |
|
|
|
225 | return "crowd" | |
|
|
228 | 226 | |
|
|
229 | 227 | def use_fake_password(self): |
|
|
230 | 228 | return True |
| @@ -293,5 +291,5 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
293 | 291 | |
|
|
294 | 292 | |
|
|
295 | 293 | def includeme(config): |
|
|
296 |
plugin_id = 'egg:rhodecode-enterprise-ce#{ |
|
|
|
294 | plugin_id = f'egg:rhodecode-enterprise-ce#{RhodeCodeAuthPlugin.uid}' | |
|
|
297 | 295 | plugin_factory(plugin_id).includeme(config) |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -104,7 +102,7 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
104 | 102 | |
|
|
105 | 103 | @hybrid_property |
|
|
106 | 104 | def name(self): |
|
|
107 |
return |
|
|
|
105 | return "headers" | |
|
|
108 | 106 | |
|
|
109 | 107 | @property |
|
|
110 | 108 | def is_headers_auth(self): |
| @@ -159,7 +157,7 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
159 | 157 | settings = kwargs.get('settings') or {} |
|
|
160 | 158 | username = self._get_username(environ, settings) |
|
|
161 | 159 | # we got the username, so use default method now |
|
|
162 |
return super( |
|
|
|
160 | return super().get_user(username) | |
|
|
163 | 161 | |
|
|
164 | 162 | def auth(self, userobj, username, password, settings, **kwargs): |
|
|
165 | 163 | """ |
| @@ -229,5 +227,5 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
229 | 227 | |
|
|
230 | 228 | |
|
|
231 | 229 | def includeme(config): |
|
|
232 |
plugin_id = 'egg:rhodecode-enterprise-ce#{ |
|
|
|
230 | plugin_id = f'egg:rhodecode-enterprise-ce#{RhodeCodeAuthPlugin.uid}' | |
|
|
233 | 231 | plugin_factory(plugin_id).includeme(config) |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -96,7 +94,7 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
96 | 94 | |
|
|
97 | 95 | @hybrid_property |
|
|
98 | 96 | def name(self): |
|
|
99 |
return |
|
|
|
97 | return "jasig-cas" | |
|
|
100 | 98 | |
|
|
101 | 99 | @property |
|
|
102 | 100 | def is_headers_auth(self): |
| @@ -171,5 +169,5 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
171 | 169 | |
|
|
172 | 170 | |
|
|
173 | 171 | def includeme(config): |
|
|
174 |
plugin_id = 'egg:rhodecode-enterprise-ce#{ |
|
|
|
172 | plugin_id = f'egg:rhodecode-enterprise-ce#{RhodeCodeAuthPlugin.uid}' | |
|
|
175 | 173 | plugin_factory(plugin_id).includeme(config) |
| @@ -1,4 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | 1 |
|
|
|
3 | 2 | # |
|
|
4 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -223,7 +222,7 b' class AuthLdap(AuthLdapBase):' | |||
|
|
223 | 222 | break |
|
|
224 | 223 | else: |
|
|
225 | 224 | raise LdapPasswordError( |
|
|
226 |
'Failed to authenticate user `{}` with given password' |
|
|
|
225 | f'Failed to authenticate user `{username}` with given password') | |
|
|
227 | 226 | |
|
|
228 | 227 | except ldap.NO_SUCH_OBJECT: |
|
|
229 | 228 | log.debug("LDAP says no such user '%s' (%s), org_exc:", |
| @@ -429,7 +428,7 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
429 | 428 | |
|
|
430 | 429 | @hybrid_property |
|
|
431 | 430 | def name(self): |
|
|
432 |
return |
|
|
|
431 | return "ldap" | |
|
|
433 | 432 | |
|
|
434 | 433 | def use_fake_password(self): |
|
|
435 | 434 | return True |
| @@ -547,5 +546,5 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
547 | 546 | |
|
|
548 | 547 | |
|
|
549 | 548 | def includeme(config): |
|
|
550 |
plugin_id = 'egg:rhodecode-enterprise-ce#{ |
|
|
|
549 | plugin_id = f'egg:rhodecode-enterprise-ce#{RhodeCodeAuthPlugin.uid}' | |
|
|
551 | 550 | plugin_factory(plugin_id).includeme(config) |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -104,7 +102,7 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
104 | 102 | |
|
|
105 | 103 | @hybrid_property |
|
|
106 | 104 | def name(self): |
|
|
107 |
return |
|
|
|
105 | return "pam" | |
|
|
108 | 106 | |
|
|
109 | 107 | def get_settings_schema(self): |
|
|
110 | 108 | return PamSettingsSchema() |
| @@ -126,7 +124,7 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
126 | 124 | log.debug('Got PAM response %s', auth_result) |
|
|
127 | 125 | |
|
|
128 | 126 | # old attrs fetched from RhodeCode database |
|
|
129 |
default_email = " |
|
|
|
127 | default_email = "{}@{}".format(username, socket.gethostname()) | |
|
|
130 | 128 | admin = getattr(userobj, 'admin', False) |
|
|
131 | 129 | active = getattr(userobj, 'active', True) |
|
|
132 | 130 | email = getattr(userobj, 'email', '') or default_email |
| @@ -168,5 +166,5 b' class RhodeCodeAuthPlugin(RhodeCodeExter' | |||
|
|
168 | 166 | |
|
|
169 | 167 | |
|
|
170 | 168 | def includeme(config): |
|
|
171 |
plugin_id = 'egg:rhodecode-enterprise-ce#{ |
|
|
|
169 | plugin_id = f'egg:rhodecode-enterprise-ce#{RhodeCodeAuthPlugin.uid}' | |
|
|
172 | 170 | plugin_factory(plugin_id).includeme(config) |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -84,7 +82,7 b' class RhodeCodeAuthPlugin(RhodeCodeAuthP' | |||
|
|
84 | 82 | |
|
|
85 | 83 | @hybrid_property |
|
|
86 | 84 | def name(self): |
|
|
87 |
return |
|
|
|
85 | return "rhodecode" | |
|
|
88 | 86 | |
|
|
89 | 87 | def user_activation_state(self): |
|
|
90 | 88 | def_user_perms = User.get_default_user().AuthUser().permissions['global'] |
| @@ -98,7 +96,7 b' class RhodeCodeAuthPlugin(RhodeCodeAuthP' | |||
|
|
98 | 96 | We know that user exists in our database. |
|
|
99 | 97 | """ |
|
|
100 | 98 | allows_non_existing_user = False |
|
|
101 |
return super( |
|
|
|
99 | return super().allows_authentication_from( | |
|
|
102 | 100 | user, allows_non_existing_user=allows_non_existing_user) |
|
|
103 | 101 | |
|
|
104 | 102 | def auth(self, userobj, username, password, settings, **kwargs): |
| @@ -218,5 +216,5 b' class RhodeCodeSettingsSchema(AuthnPlugi' | |||
|
|
218 | 216 | |
|
|
219 | 217 | |
|
|
220 | 218 | def includeme(config): |
|
|
221 |
plugin_id = 'egg:rhodecode-enterprise-ce#{ |
|
|
|
219 | plugin_id = f'egg:rhodecode-enterprise-ce#{RhodeCodeAuthPlugin.uid}' | |
|
|
222 | 220 | plugin_factory(plugin_id).includeme(config) |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -82,7 +80,7 b' class RhodeCodeAuthPlugin(RhodeCodeAuthP' | |||
|
|
82 | 80 | |
|
|
83 | 81 | @hybrid_property |
|
|
84 | 82 | def name(self): |
|
|
85 |
return |
|
|
|
83 | return "authtoken" | |
|
|
86 | 84 | |
|
|
87 | 85 | def user_activation_state(self): |
|
|
88 | 86 | def_user_perms = User.get_default_user().AuthUser().permissions['global'] |
| @@ -107,7 +105,7 b' class RhodeCodeAuthPlugin(RhodeCodeAuthP' | |||
|
|
107 | 105 | # only for vcs operations |
|
|
108 | 106 | allowed_auth_sources = [VCS_TYPE] |
|
|
109 | 107 | |
|
|
110 |
return super( |
|
|
|
108 | return super().allows_authentication_from( | |
|
|
111 | 109 | user, allows_non_existing_user=False, |
|
|
112 | 110 | allowed_auth_plugins=allowed_auth_plugins, |
|
|
113 | 111 | allowed_auth_sources=allowed_auth_sources) |
| @@ -157,7 +155,7 b' class RhodeCodeAuthPlugin(RhodeCodeAuthP' | |||
|
|
157 | 155 | |
|
|
158 | 156 | |
|
|
159 | 157 | def includeme(config): |
|
|
160 |
plugin_id = 'egg:rhodecode-enterprise-ce#{ |
|
|
|
158 | plugin_id = f'egg:rhodecode-enterprise-ce#{RhodeCodeAuthPlugin.uid}' | |
|
|
161 | 159 | plugin_factory(plugin_id).includeme(config) |
|
|
162 | 160 | |
|
|
163 | 161 | |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -121,7 +119,7 b' class AuthnRootResource(AuthnResourceBas' | |||
|
|
121 | 119 | counter = 1 |
|
|
122 | 120 | current = name |
|
|
123 | 121 | while current in self._store.keys(): |
|
|
124 |
current = '{}{}' |
|
|
|
122 | current = f'{name}{counter}' | |
|
|
125 | 123 | counter += 1 |
|
|
126 | 124 | if counter > limit: |
|
|
127 | 125 | raise ConfigurationError( |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -1,5 +1,3 b'' | |||
|
|
1 | ||
|
|
2 | ||
|
|
3 | 1 |
|
|
|
4 | 2 | # |
|
|
5 | 3 | # This program is free software: you can redistribute it and/or modify |
| @@ -30,7 +28,7 b' from rhodecode.apps._base import ADMIN_P' | |||
|
|
30 | 28 | class TestAuthenticationSettings: |
|
|
31 | 29 | |
|
|
32 | 30 | def test_auth_settings_global_view_get(self, app): |
|
|
33 | url = '{prefix}/auth/'.format(prefix=ADMIN_PREFIX) | |
|
|
31 | url = f'{ADMIN_PREFIX}/auth/' | |
|
|
34 | 32 | response = app.get(url) |
|
|
35 | 33 | assert response.status_code == 200 |
|
|
36 | 34 | |
General Comments 0
You need to be logged in to leave comments.
Login now