本文整理汇总了Python中kerberos.AUTH_GSS_CONTINUE属性的典型用法代码示例。如果您正苦于以下问题:Python kerberos.AUTH_GSS_CONTINUE属性的具体用法?Python kerberos.AUTH_GSS_CONTINUE怎么用?Python kerberos.AUTH_GSS_CONTINUE使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类kerberos的用法示例。
在下文中一共展示了kerberos.AUTH_GSS_CONTINUE属性的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _gssapi_authenticate
# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import AUTH_GSS_CONTINUE [as 别名]
def _gssapi_authenticate(token):
state = None
ctx = stack.top
try:
return_code, state = kerberos.authGSSServerInit(_KERBEROS_SERVICE.service_name)
if return_code != kerberos.AUTH_GSS_COMPLETE:
return None
return_code = kerberos.authGSSServerStep(state, token)
if return_code == kerberos.AUTH_GSS_COMPLETE:
ctx.kerberos_token = kerberos.authGSSServerResponse(state)
ctx.kerberos_user = kerberos.authGSSServerUserName(state)
return return_code
if return_code == kerberos.AUTH_GSS_CONTINUE:
return kerberos.AUTH_GSS_CONTINUE
return None
except kerberos.GSSError:
return None
finally:
if state:
kerberos.authGSSServerClean(state) 示例2: requires_authentication
# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import AUTH_GSS_CONTINUE [as 别名]
def requires_authentication(function):
"""Decorator for functions that require authentication with Kerberos"""
@wraps(function)
def decorated(*args, **kwargs):
header = request.headers.get("Authorization")
if header:
ctx = stack.top
token = ''.join(header.split()[1:])
return_code = _gssapi_authenticate(token)
if return_code == kerberos.AUTH_GSS_COMPLETE:
g.user = ctx.kerberos_user
response = function(*args, **kwargs)
response = make_response(response)
if ctx.kerberos_token is not None:
response.headers['WWW-Authenticate'] = ' '.join(['negotiate',
ctx.kerberos_token])
return response
if return_code != kerberos.AUTH_GSS_CONTINUE:
return _forbidden()
return _unauthorized()
return decorated 示例3: challenge
# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import AUTH_GSS_CONTINUE [as 别名]
def challenge(self, challenge):
if self.step == 0:
ret = kerberos.authGSSClientStep(self._gss,
base64.b64encode(challenge))
if ret != kerberos.AUTH_GSS_CONTINUE:
self.step = 1
elif self.step == 1:
ret = kerberos.authGSSClientUnwrap(self._gss,
base64.b64encode(challenge))
response = kerberos.authGSSClientResponse(self._gss)
ret = kerberos.authGSSClientWrap(self._gss, response, self.username)
response = kerberos.authGSSClientResponse(self._gss)
if response is None:
return Response("")
else:
return Response(base64.b64decode(response)) 示例4: process
# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import AUTH_GSS_CONTINUE [as 别名]
def process(self, challenge=b''):
b64_challenge = b64encode(challenge)
try:
if self.step == 0:
result = kerberos.authGSSClientStep(self.gss, b64_challenge)
if result != kerberos.AUTH_GSS_CONTINUE:
self.step = 1
elif not challenge:
kerberos.authGSSClientClean(self.gss)
return b''
elif self.step == 1:
username = self.credentials['username']
kerberos.authGSSClientUnwrap(self.gss, b64_challenge)
resp = kerberos.authGSSClientResponse(self.gss)
kerberos.authGSSClientWrap(self.gss, resp, username)
resp = kerberos.authGSSClientResponse(self.gss)
except kerberos.GSSError as e:
raise SASLCancelled('Kerberos error: %s' % e)
if not resp:
return b''
else:
return b64decode(resp) 示例5: authenticate
# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import AUTH_GSS_CONTINUE [as 别名]
def authenticate(self, handler, data):
'''
Performs GSSAPI Negotiate Authentication
@param token: GSSAPI Authentication Token
@type token: str
@returns gssapi return code or None on failure
@rtype: int or None
'''
state = None
try:
rc, state = kerberos.authGSSServerInit(self.service_name)
self.log.info("kerberos.authGSSServerInit")
if rc != kerberos.AUTH_GSS_COMPLETE:
return None
rc = kerberos.authGSSServerStep(state, data)
self.log.info("kerberos.authGSSServerStep")
if rc == kerberos.AUTH_GSS_COMPLETE:
user = kerberos.authGSSServerUserName(state)
self.log.info("Extracted User = " + user)
return "kerberos.AUTH_GSS_COMPLETE:" + user
elif rc == kerberos.AUTH_GSS_CONTINUE:
return "kerberos.AUTH_GSS_CONTINUE"
else:
self.log.info("return None")
return None
except kerberos.GSSError as err:
self.log.info("kerberos.GSSError: {0}".format(err))
return None
finally:
if state:
kerberos.authGSSServerClean(state) 示例6: _negotiate_get_svctk
# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import AUTH_GSS_CONTINUE [as 别名]
def _negotiate_get_svctk(self, spn, authdata):
if authdata is None:
return None
result, self.context = kerberos.authGSSClientInit(spn)
if result < kerberos.AUTH_GSS_COMPLETE:
return None
result = kerberos.authGSSClientStep(self.context, authdata)
if result < kerberos.AUTH_GSS_CONTINUE:
return None
response = kerberos.authGSSClientResponse(self.context)
return "Negotiate %s" % response 示例7: get
# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import AUTH_GSS_CONTINUE [as 别名]
def get(self):
header = self.request.headers.get("Authorization")
if header:
token = ''.join(header.split()[1:])
result = yield self.authenticator.get_authenticated_user(self, token)
username = None
rc = None
if ":" in result:
rc, username = result.split(':')
elif result != None:
rc = result
if rc.upper() == "KERBEROS.AUTH_GSS_COMPLETE":
self.log.info("kerberos.AUTH_GSS_COMPLETE: Username= " + username)
if username:
userId = username.split("@")[0]
self.log.info("User = " + userId)
user = self.user_from_username(userId)
already_running = False
if user.spawner:
status = yield user.spawner.poll()
already_running = (status == None)
if not already_running and not user.spawner.options_form:
yield self.spawn_single_user(user)
self.set_login_cookie(user)
next_url = self.get_argument('next', default='')
if not next_url.startswith('/'):
next_url = ''
next_url = next_url or self.hub.server.base_url
self.redirect(next_url)
self.log.info("User logged in: %s", username)
else:
self._stop(username)
elif rc.upper() != "KERBEROS.AUTH_GSS_CONTINUE":
self.log.info("Request forbidden")
self._forbidden()
else:
self._unauthorized()
else:
self._unauthorized()