diff options
Diffstat (limited to 'ipsilon/login')
-rwxr-xr-x | ipsilon/login/authfas.py | 63 | ||||
-rwxr-xr-x | ipsilon/login/authform.py | 34 | ||||
-rwxr-xr-x | ipsilon/login/authkrb.py | 1 | ||||
-rwxr-xr-x | ipsilon/login/authldap.py | 74 | ||||
-rwxr-xr-x | ipsilon/login/authpam.py | 44 | ||||
-rwxr-xr-x | ipsilon/login/authtest.py | 36 | ||||
-rwxr-xr-x | ipsilon/login/common.py | 11 |
7 files changed, 123 insertions, 140 deletions
diff --git a/ipsilon/login/authfas.py b/ipsilon/login/authfas.py index c2d8fff..71db372 100755 --- a/ipsilon/login/authfas.py +++ b/ipsilon/login/authfas.py @@ -7,6 +7,7 @@ from ipsilon.info.common import InfoMapping from ipsilon.login.common import LoginFormBase, LoginManagerBase from ipsilon.login.common import FACILITY from ipsilon.util.plugin import PluginObject +from ipsilon.util import config as pconfig import cherrypy from fedora.client.fasproxy import FasProxyClient @@ -112,41 +113,33 @@ class LoginManager(LoginManagerBase): self.description = """ Form based login Manager that uses the Fedora Authentication Server """ - self._options = { - 'help text': [ - """ The text shown to guide the user at login time. """, - 'string', - 'Login wth your FAS credentials' - ], - 'username text': [ - """ The text shown to ask for the username in the form. """, - 'string', - 'FAS Username' - ], - 'password text': [ - """ The text shown to ask for the password in the form. """, - 'string', - 'Password' - ], - 'FAS url': [ - """ The FAS Url. """, - 'string', - 'https://admin.fedoraproject.org/accounts/' - ], - 'FAS Proxy client user Agent': [ - """ The User Agent presented to the FAS Server. """, - 'string', - 'Ipsilon v1.0' - ], - 'FAS Insecure Auth': [ - """ If 'YES' skips FAS server cert verification. """, - 'string', - '' - ], - } - self.conf_opt_order = ['FAS url', 'FAS Proxy client user Agent', - 'FAS Insecure Auth', 'username text', - 'password text', 'help text'] + self.new_config( + self.name, + pconfig.String( + 'FAS url', + 'The FAS Url.', + 'https://admin.fedoraproject.org/accounts/'), + pconfig.String( + 'FAS Proxy client user Agent', + 'The User Agent presented to the FAS Server.', + 'Ipsilon v1.0'), + pconfig.Condition( + 'FAS Insecure Auth', + 'If checked skips FAS server cert verification.', + False), + pconfig.String( + 'username text', + 'Text used to ask for the username at login time.', + 'FAS Username'), + pconfig.String( + 'password text', + 'Text used to ask for the password at login time.', + 'Password'), + pconfig.String( + 'help text', + 'Text used to guide the user at login time.', + 'Login with your FAS credentials') + ) @property def help_text(self): diff --git a/ipsilon/login/authform.py b/ipsilon/login/authform.py index 418a5e5..4e9f5c1 100755 --- a/ipsilon/login/authform.py +++ b/ipsilon/login/authform.py @@ -21,6 +21,7 @@ from ipsilon.login.common import LoginFormBase, LoginManagerBase from ipsilon.login.common import FACILITY from ipsilon.util.plugin import PluginObject from ipsilon.util.user import UserSession +from ipsilon.util import config as pconfig from string import Template import cherrypy import subprocess @@ -54,24 +55,21 @@ class LoginManager(LoginManagerBase): self.description = """ Form based login Manager. Relies on mod_intercept_form_submit plugin for actual authentication. """ - self._options = { - 'help text': [ - """ The text shown to guide the user at login time. """, - 'string', - 'Insert your Username and Password and then submit.' - ], - 'username text': [ - """ The text shown to ask for the username in the form. """, - 'string', - 'Username' - ], - 'password text': [ - """ The text shown to ask for the password in the form. """, - 'string', - 'Password' - ], - } - self.conf_opt_order = ['username text', 'password text', 'help text'] + self.new_config( + self.name, + pconfig.String( + 'username text', + 'Text used to ask for the username at login time.', + 'Username'), + pconfig.String( + 'password text', + 'Text used to ask for the password at login time.', + 'Password'), + pconfig.String( + 'help text', + 'Text used to guide the user at login time.', + 'Insert your Username and Password and then submit.') + ) @property def help_text(self): diff --git a/ipsilon/login/authkrb.py b/ipsilon/login/authkrb.py index 6c561ac..f2af0a0 100755 --- a/ipsilon/login/authkrb.py +++ b/ipsilon/login/authkrb.py @@ -84,6 +84,7 @@ class LoginManager(LoginManagerBase): self.description = """ Kereros Negotiate authentication plugin. Relies on the mod_auth_kerb apache plugin for actual authentication. """ + self.new_config(self.name) def get_tree(self, site): self.page = Krb(site, self) diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py index ed75e91..f51f375 100755 --- a/ipsilon/login/authldap.py +++ b/ipsilon/login/authldap.py @@ -6,6 +6,7 @@ from ipsilon.login.common import LoginFormBase, LoginManagerBase from ipsilon.login.common import FACILITY from ipsilon.util.plugin import PluginObject from ipsilon.util.log import Log +from ipsilon.util import config as pconfig from ipsilon.info.infoldap import InfoProvider as LDAPInfo import ldap @@ -107,47 +108,38 @@ class LoginManager(LoginManagerBase): self.description = """ Form based login Manager that uses a simple bind LDAP operation to perform authentication. """ - self._options = { - 'help text': [ - """ The text shown to guide the user at login time. """, - 'string', - 'Insert your Username and Password and then submit.' - ], - 'username text': [ - """ The text shown to ask for the username in the form. """, - 'string', - 'Username' - ], - 'password text': [ - """ The text shown to ask for the password in the form. """, - 'string', - 'Password' - ], - 'server url': [ - """ The LDAP server url """, - 'string', - 'ldap://example.com' - ], - 'tls': [ - " What TLS level show be required " + - "(Demand, Allow, Try, Never, NoTLS) ", - 'string', - 'Demand' - ], - 'bind dn template': [ - """ Template to turn username into DN. """, - 'string', - 'uid=%(username)s,ou=People,dc=example,dc=com' - ], - 'get user info': [ - """ Get user info via ldap directly after auth (Yes/No) """, - 'string', - 'Yes' - ], - } - self.conf_opt_order = ['server url', 'bind dn template', - 'get user info', 'tls', 'username text', - 'password text', 'help text'] + self.new_config( + self.name, + pconfig.String( + 'server url', + 'The LDAP server url.', + 'ldap://example.com'), + pconfig.Template( + 'bind dn template', + 'Template to turn username into DN.', + 'uid=%(username)s,ou=People,dc=example,dc=com'), + pconfig.Condition( + 'get user info', + 'Get user info via ldap using user credentials', + True), + pconfig.Pick( + 'tls', + 'What TLS level show be required', + ['Demand', 'Allow', 'Try', 'Never', 'NoTLS'], + 'Demand'), + pconfig.String( + 'username text', + 'Text used to ask for the username at login time.', + 'Username'), + pconfig.String( + 'password text', + 'Text used to ask for the password at login time.', + 'Password'), + pconfig.String( + 'help text', + 'Text used to guide the user at login time.', + 'Provide your Username and Password') + ) @property def help_text(self): diff --git a/ipsilon/login/authpam.py b/ipsilon/login/authpam.py index 10b550e..c7cb9a0 100755 --- a/ipsilon/login/authpam.py +++ b/ipsilon/login/authpam.py @@ -20,6 +20,7 @@ from ipsilon.login.common import LoginFormBase, LoginManagerBase from ipsilon.login.common import FACILITY from ipsilon.util.plugin import PluginObject +from ipsilon.util import config as pconfig import pam import subprocess @@ -76,30 +77,25 @@ class LoginManager(LoginManagerBase): self.description = """ Form based login Manager that uses the system's PAM infrastructure for authentication. """ - self._options = { - 'service name': [ - """ The name of the PAM service used to authenticate. """, - 'string', - 'remote' - ], - 'help text': [ - """ The text shown to guide the user at login time. """, - 'string', - 'Insert your Username and Password and then submit.' - ], - 'username text': [ - """ The text shown to ask for the username in the form. """, - 'string', - 'Username' - ], - 'password text': [ - """ The text shown to ask for the password in the form. """, - 'string', - 'Password' - ], - } - self.conf_opt_order = ['service name', 'username text', - 'password text', 'help text'] + self.new_config( + self.name, + pconfig.String( + 'service name', + 'The name of the PAM service used to authenticate.', + 'remote'), + pconfig.String( + 'username text', + 'Text used to ask for the username at login time.', + 'Username'), + pconfig.String( + 'password text', + 'Text used to ask for the password at login time.', + 'Password'), + pconfig.String( + 'help text', + 'Text used to guide the user at login time.', + 'Provide your Username and Password') + ) @property def service_name(self): diff --git a/ipsilon/login/authtest.py b/ipsilon/login/authtest.py index 6288826..e3f8eff 100755 --- a/ipsilon/login/authtest.py +++ b/ipsilon/login/authtest.py @@ -20,6 +20,7 @@ from ipsilon.login.common import LoginFormBase, LoginManagerBase from ipsilon.login.common import FACILITY from ipsilon.util.plugin import PluginObject +from ipsilon.util import config as pconfig import cherrypy @@ -63,23 +64,24 @@ class LoginManager(LoginManagerBase): self.page = None self.description = """ Form based TEST login Manager, DO NOT EVER ACTIVATE IN PRODUCTION """ - self._options = { - 'help text': [ - """ The text shown to guide the user at login time. """, - 'string', - 'Insert your Username and Password and then submit.' - ], - 'username text': [ - """ The text shown to ask for the username in the form. """, - 'string', - 'Username' - ], - 'password text': [ - """ The text shown to ask for the password in the form. """, - 'string', - 'Password' - ], - } + self.new_config( + self.name, + pconfig.String( + 'username text', + 'Text used to ask for the username at login time.', + 'Username'), + pconfig.String( + 'password text', + 'Text used to ask for the password at login time.', + 'Password'), + pconfig.String( + 'help text', + 'Text used to guide the user at login time.', + 'DISABLE IN PRODUCTION, USE ONLY FOR TEST ' + + 'Use any username they are all valid, "admin" gives ' + + 'administrative powers. ' + + 'Use the fixed password "ipsilon" for any user') + ) @property def help_text(self): diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py index 028b754..ad09ce1 100755 --- a/ipsilon/login/common.py +++ b/ipsilon/login/common.py @@ -19,8 +19,8 @@ from ipsilon.util.page import Page from ipsilon.util.user import UserSession -from ipsilon.util.plugin import PluginLoader, PluginObject -from ipsilon.util.plugin import PluginInstaller +from ipsilon.util.plugin import PluginInstaller, PluginLoader +from ipsilon.util.plugin import PluginObject, PluginConfig from ipsilon.info.common import Info from ipsilon.util.cookies import SecureCookie import cherrypy @@ -29,10 +29,11 @@ import cherrypy USERNAME_COOKIE = 'ipsilon_default_username' -class LoginManagerBase(PluginObject): +class LoginManagerBase(PluginConfig, PluginObject): def __init__(self): - super(LoginManagerBase, self).__init__() + PluginConfig.__init__(self) + PluginObject.__init__(self) self._site = None self.path = '/' self.next_login = None @@ -126,7 +127,7 @@ class LoginManagerBase(PluginObject): # configure self if self.name in plugins['config']: - self.set_config(plugins['config'][self.name]) + self.import_config(plugins['config'][self.name]) # and add self to the root root = plugins['root'] |