Change authenticators to return a result

Authenticators will not signal anymore validity by adding a request attributes. Instead they can return on of three values: - True, indicates positive authentication - False, indicate explicit failure - None, inicates neither success nor failure, not applicable
author: Simo Sorce <simo@redhat.com> 2015-04-07 22:23:47 -0400
committer: Simo Sorce <simo@redhat.com> 2015-04-07 22:57:49 -0400
commit: 0c8c416289514889ec095c203880a8ce1e4c23d4 (patch)
tree: 204aa7dde9538b7bc4acda4808507270b28e93a3 /custodia/httpd/authenticators.py
parent: 50abe3fd6ec1ed43a14fad94ad1fe2081f6e9cee (diff)
download: custodia-0c8c416289514889ec095c203880a8ce1e4c23d4.tar.gz
custodia-0c8c416289514889ec095c203880a8ce1e4c23d4.tar.xz
custodia-0c8c416289514889ec095c203880a8ce1e4c23d4.zip
1 files changed, 10 insertions, 7 deletions
diff --git a/custodia/httpd/authenticators.py b/custodia/httpd/authenticators.py
index 1b76287..cf8402f 100644
--- a/custodia/httpd/authenticators.py
+++ b/custodia/httpd/authenticators.py
@@ -28,7 +28,9 @@ class SimpleCredsAuth(HTTPAuthenticator):
         uid = int(request['creds']['gid'])
         gid = int(request['creds']['uid'])
         if self._gid == gid or self._uid == uid:
-            request['valid_auth'] = True
+            return True
+        else:
+            return False
 
 
 class SimpleHeaderAuth(HTTPAuthenticator):
@@ -44,22 +46,22 @@ class SimpleHeaderAuth(HTTPAuthenticator):
 
     def handle(self, request):
         if self.name not in request['headers']:
-            return
+            return False
         value = request['headers'][self.name]
         if self.value is None:
             # Any value is accepted
             pass
         elif isinstance(self.value, str):
             if value != self.value:
-                return
+                return False
         elif isinstance(self.value, list):
             if value not in self.value:
-                return
+                return False
         else:
-            return
+            return False
 
-        request['valid_auth'] = True
         request['remote_user'] = value
+        return True
 
 
 class SimpleNULLAuth(HTTPAuthenticator):
@@ -74,8 +76,9 @@ class SimpleNULLAuth(HTTPAuthenticator):
         path = request.get('path', '')
         while path != '':
             if path in self.paths:
-                request['valid_auth'] = True
+                return True
             if path == '/':
                 path = ''
             else:
                 path, _ = os.path.split(path)
+        return None
author	Simo Sorce <simo@redhat.com>	2015-04-07 22:23:47 -0400
committer	Simo Sorce <simo@redhat.com>	2015-04-07 22:57:49 -0400
commit	0c8c416289514889ec095c203880a8ce1e4c23d4 (patch)
tree	204aa7dde9538b7bc4acda4808507270b28e93a3 /custodia/httpd/authenticators.py
parent	50abe3fd6ec1ed43a14fad94ad1fe2081f6e9cee (diff)
download	custodia-0c8c416289514889ec095c203880a8ce1e4c23d4.tar.gz custodia-0c8c416289514889ec095c203880a8ce1e4c23d4.tar.xz custodia-0c8c416289514889ec095c203880a8ce1e4c23d4.zip