##// END OF EJS Templates
vcs: Pass registry to vcs for user authentication....
Martin Bornhold -
r591:bc63cba1 default
parent child Browse files
Show More
@@ -509,7 +509,7 b' def get_auth_cache_manager(custom_ttl=No'
509
509
510
510
511 def authenticate(username, password, environ=None, auth_type=None,
511 def authenticate(username, password, environ=None, auth_type=None,
512 skip_missing=False):
512 skip_missing=False, registry=None):
513 """
513 """
514 Authentication function used for access control,
514 Authentication function used for access control,
515 It tries to authenticate based on enabled authentication modules.
515 It tries to authenticate based on enabled authentication modules.
@@ -526,7 +526,7 b' def authenticate(username, password, env'
526 % auth_type)
526 % auth_type)
527 headers_only = environ and not (username and password)
527 headers_only = environ and not (username and password)
528
528
529 authn_registry = get_authn_registry()
529 authn_registry = get_authn_registry(registry)
530 for plugin in authn_registry.get_plugins_for_authentication():
530 for plugin in authn_registry.get_plugins_for_authentication():
531 plugin.set_auth_type(auth_type)
531 plugin.set_auth_type(auth_type)
532 user = plugin.get_user(username)
532 user = plugin.get_user(username)
@@ -205,11 +205,12 b' def vcs_operation_context('
205
205
206 class BasicAuth(AuthBasicAuthenticator):
206 class BasicAuth(AuthBasicAuthenticator):
207
207
208 def __init__(self, realm, authfunc, auth_http_code=None,
208 def __init__(self, realm, authfunc, registry, auth_http_code=None,
209 initial_call_detection=False):
209 initial_call_detection=False):
210 self.realm = realm
210 self.realm = realm
211 self.initial_call = initial_call_detection
211 self.initial_call = initial_call_detection
212 self.authfunc = authfunc
212 self.authfunc = authfunc
213 self.registry = registry
213 self._rc_auth_http_code = auth_http_code
214 self._rc_auth_http_code = auth_http_code
214
215
215 def _get_response_from_code(self, http_code):
216 def _get_response_from_code(self, http_code):
@@ -242,7 +243,8 b' class BasicAuth(AuthBasicAuthenticator):'
242 if len(_parts) == 2:
243 if len(_parts) == 2:
243 username, password = _parts
244 username, password = _parts
244 if self.authfunc(
245 if self.authfunc(
245 username, password, environ, VCS_TYPE):
246 username, password, environ, VCS_TYPE,
247 registry=self.registry):
246 return username
248 return username
247 if username and password:
249 if username and password:
248 # we mark that we actually executed authentication once, at
250 # we mark that we actually executed authentication once, at
@@ -82,7 +82,8 b' class SimpleVCS(object):'
82
82
83 SCM = 'unknown'
83 SCM = 'unknown'
84
84
85 def __init__(self, application, config):
85 def __init__(self, application, config, registry):
86 self.registry = registry
86 self.application = application
87 self.application = application
87 self.config = config
88 self.config = config
88 # base path of repo locations
89 # base path of repo locations
@@ -90,8 +91,8 b' class SimpleVCS(object):'
90 # authenticate this VCS request using authfunc
91 # authenticate this VCS request using authfunc
91 auth_ret_code_detection = \
92 auth_ret_code_detection = \
92 str2bool(self.config.get('auth_ret_code_detection', False))
93 str2bool(self.config.get('auth_ret_code_detection', False))
93 self.authenticate = BasicAuth('', authenticate,
94 self.authenticate = BasicAuth(
94 config.get('auth_ret_code'),
95 '', authenticate, registry, config.get('auth_ret_code'),
95 auth_ret_code_detection)
96 auth_ret_code_detection)
96 self.ip_addr = '0.0.0.0'
97 self.ip_addr = '0.0.0.0'
97
98
@@ -284,7 +285,8 b' class SimpleVCS(object):'
284
285
285 # try to auth based on environ, container auth methods
286 # try to auth based on environ, container auth methods
286 log.debug('Running PRE-AUTH for container based authentication')
287 log.debug('Running PRE-AUTH for container based authentication')
287 pre_auth = authenticate('', '', environ,VCS_TYPE)
288 pre_auth = authenticate(
289 '', '', environ, VCS_TYPE, registry=self.registry)
288 if pre_auth and pre_auth.get('username'):
290 if pre_auth and pre_auth.get('username'):
289 username = pre_auth['username']
291 username = pre_auth['username']
290 log.debug('PRE-AUTH got %s as username', username)
292 log.debug('PRE-AUTH got %s as username', username)
@@ -126,23 +126,24 b' class GunzipMiddleware(object):'
126
126
127 class VCSMiddleware(object):
127 class VCSMiddleware(object):
128
128
129 def __init__(self, app, config, appenlight_client):
129 def __init__(self, app, config, appenlight_client, registry):
130 self.application = app
130 self.application = app
131 self.config = config
131 self.config = config
132 self.appenlight_client = appenlight_client
132 self.appenlight_client = appenlight_client
133 self.registry = registry
133
134
134 def _get_handler_app(self, environ):
135 def _get_handler_app(self, environ):
135 app = None
136 app = None
136 if is_hg(environ):
137 if is_hg(environ):
137 app = SimpleHg(self.application, self.config)
138 app = SimpleHg(self.application, self.config, self.registry)
138
139
139 if is_git(environ):
140 if is_git(environ):
140 app = SimpleGit(self.application, self.config)
141 app = SimpleGit(self.application, self.config, self.registry)
141
142
142 proxy_svn = rhodecode.CONFIG.get(
143 proxy_svn = rhodecode.CONFIG.get(
143 'rhodecode_proxy_subversion_http_requests', False)
144 'rhodecode_proxy_subversion_http_requests', False)
144 if proxy_svn and is_svn(environ):
145 if proxy_svn and is_svn(environ):
145 app = SimpleSvn(self.application, self.config)
146 app = SimpleSvn(self.application, self.config, self.registry)
146
147
147 if app:
148 if app:
148 app = GunzipMiddleware(app)
149 app = GunzipMiddleware(app)
General Comments 0
You need to be logged in to leave comments. Login now