本文整理汇总了Python中puresasl.client.SASLClient.process方法的典型用法代码示例。如果您正苦于以下问题:Python SASLClient.process方法的具体用法?Python SASLClient.process怎么用?Python SASLClient.process使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类puresasl.client.SASLClient的用法示例。
在下文中一共展示了SASLClient.process方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: authenticate_xmpp
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
def authenticate_xmpp(self):
"""Authenticate the user to the XMPP server via the BOSH connection."""
self.request_sid()
self.log.debug('Prepare the XMPP authentication')
# Instantiate a sasl object
sasl = SASLClient(
host=self.to,
service='xmpp',
username=self.jid,
password=self.password
)
# Choose an auth mechanism
sasl.choose_mechanism(self.server_auth, allow_anonymous=False)
# Request challenge
challenge = self.get_challenge(sasl.mechanism)
# Process challenge and generate response
response = sasl.process(base64.b64decode(challenge))
# Send response
resp_root = self.send_challenge_response(response)
success = self.check_authenticate_success(resp_root)
if success is None and\
resp_root.find('{{{0}}}challenge'.format(XMPP_SASL_NS)) is not None:
resp_root = self.send_challenge_response('')
return self.check_authenticate_success(resp_root)
return success示例2: authenticate_xmpp
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
def authenticate_xmpp(self):
"""Authenticate the user to the XMPP server via the BOSH connection."""
self.request_sid()
self.log.debug('Prepare the XMPP authentication')
# Instantiate a sasl object
sasl = SASLClient(host=self.to,
service='xmpp',
username=self.jid,
password=self.password)
# Choose an auth mechanism
sasl.choose_mechanism(self.server_auth, allow_anonymous=False)
# Request challenge
challenge = self.get_challenge(sasl.mechanism)
# Process challenge and generate response
response = sasl.process(base64.b64decode(challenge))
# Send response
success = self.send_challenge_response(response)
if not success:
return False
self.request_restart()
self.bind_resource()
return True示例3: sasl_bind
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
def sasl_bind(client, host):
sasl_client = SASLClient(host, service='ldap', mechanism='GSSAPI')
sasl_credentials = SaslCredentials()
sasl_credentials.setComponentByName("mechanism", LDAPString("gssapi"))
sasl_credentials.setComponentByName("credentials", sasl_client.process(None))
authentication_choice = AuthenticationChoice()
authentication_choice.setComponentByName('sasl', sasl_credentials)
bind_request = BindRequest()
bind_request.setComponentByName('version', Version(3))
bind_request.setComponentByName('name', LDAPDN(''))
bind_request.setComponentByName('authentication', authentication_choice)
protocol_op = ProtocolOp()
protocol_op.setComponentByName("bindRequest", bind_request)
ber_encode(authentication_choice)
ber_encode(sasl_credentials)
print(bind_request.prettyPrint())
ber_encode(bind_request)
ber_encode(protocol_op)
response = yield from client.request(protocol_op)
print(response)示例4: GSSAPIAuthenticator
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
class GSSAPIAuthenticator(BaseDSEAuthenticator):
def __init__(self, host, service, qops, properties):
properties = properties or {}
self.sasl = SASLClient(host, service, 'GSSAPI', qops=qops, **properties)
def get_mechanism(self):
return "GSSAPI"
def get_initial_challenge(self):
return "GSSAPI-START"
def evaluate_challenge(self, challenge):
if challenge == 'GSSAPI-START':
return self.sasl.process()
else:
return self.sasl.process(challenge)示例5: SaslAuthenticator
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
class SaslAuthenticator(Authenticator):
"""
An :class:`~.Authenticator` that works with DSE's KerberosAuthenticator.
.. versionadded:: 2.1.3-post
"""
def __init__(self, host, service, mechanism='GSSAPI', **sasl_kwargs):
if SASLClient is None:
raise ImportError('The puresasl library has not been installed')
self.sasl = SASLClient(host, service, mechanism, **sasl_kwargs)
def initial_response(self):
return self.sasl.process()
def evaluate_challenge(self, challenge):
return self.sasl.process(challenge)示例6: SaslAuthenticator
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
class SaslAuthenticator(Authenticator):
"""
A pass-through :class:`~.Authenticator` using the third party package
'pure-sasl' for authentication
.. versionadded:: 2.1.4
"""
def __init__(self, host, service, mechanism='GSSAPI', **sasl_kwargs):
if SASLClient is None:
raise ImportError('The puresasl library has not been installed')
self.sasl = SASLClient(host, service, mechanism, **sasl_kwargs)
def initial_response(self):
return self.sasl.process()
def evaluate_challenge(self, challenge):
return self.sasl.process(challenge)示例7: TSaslClientTransport
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
class TSaslClientTransport(TTransportBase, CReadableTransport):
"""
SASL transport
"""
START = 1
OK = 2
BAD = 3
ERROR = 4
COMPLETE = 5
def __init__(self, transport, host, service, mechanism='GSSAPI',
**sasl_kwargs):
"""
transport: an underlying transport to use, typically just a TSocket
host: the name of the server, from a SASL perspective
service: the name of the server's service, from a SASL perspective
mechanism: the name of the preferred mechanism to use
All other kwargs will be passed to the puresasl.client.SASLClient
constructor.
"""
from puresasl.client import SASLClient
self.transport = transport
self.sasl = SASLClient(host, service, mechanism, **sasl_kwargs)
self.__wbuf = StringIO()
self.__rbuf = StringIO()
def open(self):
if not self.transport.isOpen():
self.transport.open()
self.send_sasl_msg(self.START, self.sasl.mechanism)
self.send_sasl_msg(self.OK, self.sasl.process())
while True:
status, challenge = self.recv_sasl_msg()
if status == self.OK:
self.send_sasl_msg(self.OK, self.sasl.process(challenge))
elif status == self.COMPLETE:
if not self.sasl.complete:
raise TTransportException("The server erroneously indicated "
"that SASL negotiation was complete")
else:
break
else:
raise TTransportException("Bad SASL negotiation status: %d (%s)"
% (status, challenge))
def send_sasl_msg(self, status, body):
header = pack(">BI", status, len(body))
self.transport.write(header + body)
self.transport.flush()
def recv_sasl_msg(self):
header = self.transport.readAll(5)
status, length = unpack(">BI", header)
if length > 0:
payload = self.transport.readAll(length)
else:
payload = ""
return status, payload
def write(self, data):
self.__wbuf.write(data)
def flush(self):
data = self.__wbuf.getvalue()
encoded = self.sasl.wrap(data)
self.transport.write(''.join((pack("!i", len(encoded)), encoded)))
self.transport.flush()
self.__wbuf = StringIO()
def read(self, sz):
ret = self.__rbuf.read(sz)
if len(ret) != 0:
return ret
self._read_frame()
return self.__rbuf.read(sz)
def _read_frame(self):
header = self.transport.readAll(4)
length, = unpack('!i', header)
encoded = self.transport.readAll(length)
self.__rbuf = StringIO(self.sasl.unwrap(encoded))
def close(self):
self.sasl.dispose()
self.transport.close()
# based on TFramedTransport
@property
def cstringio_buf(self):
return self.__rbuf
def cstringio_refill(self, prefix, reqlen):
#.........这里部分代码省略.........
示例8: TSaslClientTransport
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
class TSaslClientTransport(TTransportBase, CReadableTransport):
START = 1
OK = 2
BAD = 3
ERROR = 4
COMPLETE = 5
def __init__(self, transport, host, service,
mechanism='GSSAPI', **sasl_kwargs):
from puresasl.client import SASLClient
self.transport = transport
self.sasl = SASLClient(host, service, mechanism, **sasl_kwargs)
self.__wbuf = StringIO()
self.__rbuf = StringIO()
def open(self):
if not self.transport.isOpen():
self.transport.open()
self.send_sasl_msg(self.START, self.sasl.mechanism)
self.send_sasl_msg(self.OK, self.sasl.process())
while True:
status, challenge = self.recv_sasl_msg()
if status == self.OK:
self.send_sasl_msg(self.OK, self.sasl.process(challenge))
elif status == self.COMPLETE:
if not self.sasl.complete:
raise TTransportException("The server erroneously indicated "
"that SASL negotiation was complete")
else:
break
else:
raise TTransportException("Bad SASL negotiation status: %d (%s)"
% (status, challenge))
def send_sasl_msg(self, status, body):
header = struct.pack(">BI", status, len(body))
self.transport.write(header + body)
self.transport.flush()
def recv_sasl_msg(self):
header = self.transport.readAll(5)
status, length = struct.unpack(">BI", header)
if length > 0:
payload = self.transport.readAll(length)
else:
payload = ""
return status, payload
def write(self, data):
self.__wbuf.write(data)
def flush(self):
data = self.__wbuf.getvalue()
encoded = self.sasl.wrap(data)
# Note stolen from TFramedTransport:
# N.B.: Doing this string concatenation is WAY cheaper than making
# two separate calls to the underlying socket object. Socket writes in
# Python turn out to be REALLY expensive, but it seems to do a pretty
# good job of managing string buffer operations without excessive copies
self.transport.write(''.join((struct.pack("!i", len(encoded)), encoded)))
self.transport.flush()
self.__wbuf = StringIO()
def read(self, sz):
ret = self.__rbuf.read(sz)
if len(ret) != 0:
return ret
self._read_frame()
return self.__rbuf.read(sz)
def _read_frame(self):
header = self.transport.readAll(4)
length, = struct.unpack('!i', header)
encoded = self.transport.readAll(length)
self.__rbuf = StringIO(self.sasl.unwrap(encoded))
def close(self):
self.sasl.dispose()
self.transport.close()
# Implement the CReadableTransport interface.
# Stolen shamelessly from TFramedTransport
@property
def cstringio_buf(self):
return self.__rbuf
def cstringio_refill(self, prefix, reqlen):
# self.__rbuf will already be empty here because fastbinary doesn't
# ask for a refill until the previous buffer is empty. Therefore,
# we can start reading new frames immediately.
while len(prefix) < reqlen:
self._read_frame()
prefix += self.__rbuf.getvalue()
#.........这里部分代码省略.........
示例9: TSaslClientTransport
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
class TSaslClientTransport(TTransportBase, CReadableTransport):
"""
A SASL transport based on the pure-sasl library:
https://github.com/thobbs/pure-sasl
"""
START = 1
OK = 2
BAD = 3
ERROR = 4
COMPLETE = 5
def __init__(self, transport, host, service, mechanism="GSSAPI", **sasl_kwargs):
"""
transport: an underlying transport to use, typically just a TSocket
host: the name of the server, from a SASL perspective
service: the name of the server's service, from a SASL perspective
mechanism: the name of the preferred mechanism to use
All other kwargs will be passed to the puresasl.client.SASLClient
constructor.
"""
self.transport = transport
self.sasl = SASLClient(host, service, mechanism, **sasl_kwargs)
self.__wbuf = StringIO()
self.__rbuf = StringIO()
# extremely awful hack, but you've got to do what you've got to do.
# essentially "wrap" and "unwrap" are defined for the base Mechanism class and raise a NotImplementedError by
# default, and PlainMechanism doesn't implement its own versions (lol).
# self.sasl._chosen_mech.wrap = lambda x: x
# self.sasl._chosen_mech.unwrap = lambda x: x
def open(self):
if not self.transport.isOpen():
self.transport.open()
self.send_sasl_msg(self.START, self.sasl.mechanism)
self.send_sasl_msg(self.OK, self.sasl.process() or "")
while True:
status, challenge = self.recv_sasl_msg()
if status == self.OK:
self.send_sasl_msg(self.OK, self.sasl.process(challenge) or "")
elif status == self.COMPLETE:
# self.sasl.complete is not set for PLAIN authentication (trollface.jpg) so we have to skip this check
# break
if not self.sasl.complete:
raise TTransportException("The server erroneously indicated " "that SASL negotiation was complete")
else:
break
else:
raise TTransportException("Bad SASL negotiation status: %d (%s)" % (status, challenge))
def send_sasl_msg(self, status, body):
if body is None:
body = ""
header = pack(">BI", status, len(body))
body = body if isinstance(body, bytes) else body.encode("utf-8")
self.transport.write(header + body)
self.transport.flush()
def recv_sasl_msg(self):
header = self.transport.readAll(5)
status, length = unpack(">BI", header)
if length > 0:
payload = self.transport.readAll(length)
else:
payload = ""
return status, payload
def write(self, data):
self.__wbuf.write(data)
def flush(self):
data = self.__wbuf.getvalue()
encoded = self.sasl.wrap(data)
self.transport.write("".join((pack("!i", len(encoded)), encoded)))
self.transport.flush()
self.__wbuf = StringIO()
def read(self, sz):
ret = self.__rbuf.read(sz)
if len(ret) != 0:
return ret
self._read_frame()
return self.__rbuf.read(sz)
def _read_frame(self):
header = self.transport.readAll(4)
length, = unpack("!i", header)
encoded = self.transport.readAll(length)
self.__rbuf = StringIO(self.sasl.unwrap(encoded))
def close(self):
self.sasl.dispose()
self.transport.close()
#.........这里部分代码省略.........
示例10: SocketRpcChannel
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
#.........这里部分代码省略.........
len(header_bytes)
+ len(sasl_bytes)
+ encoder._VarintSize(len(header_bytes))
+ encoder._VarintSize(len(sasl_bytes))
)
# Sends negotiate request
self.write(struct.pack("!I", total_length))
self.write_delimited(header_bytes)
self.write_delimited(sasl_bytes)
# Gets negotiate response
bytes = self.recv_rpc_message()
resp = self.parse_response(bytes, RpcSaslProto)
chosen_auth = None
for auth in resp.auths:
if auth.method == "TOKEN" and auth.mechanism == "DIGEST-MD5":
chosen_auth = auth
if chosen_auth is None:
raise IOError("Token digest-MD5 authentication not supported by server")
# Prepares initiate request
self.sasl = SASLClient(
chosen_auth.serverId,
chosen_auth.protocol,
mechanism=chosen_auth.mechanism,
username=base64.b64encode(token["identifier"]),
password=base64.b64encode(token["password"]),
)
challenge_resp = self.sasl.process(chosen_auth.challenge)
auth = RpcSaslProto.SaslAuth()
auth.method = chosen_auth.method
auth.mechanism = chosen_auth.mechanism
auth.protocol = chosen_auth.protocol
auth.serverId = chosen_auth.serverId
initiate_request = RpcSaslProto()
initiate_request.state = RpcSaslProto.INITIATE
initiate_request.version = 0
initiate_request.auths.extend([auth])
initiate_request.token = challenge_resp
sasl_bytes = initiate_request.SerializeToString()
total_length = (
len(header_bytes)
+ len(sasl_bytes)
+ encoder._VarintSize(len(header_bytes))
+ encoder._VarintSize(len(sasl_bytes))
)
# Sends initiate request
self.write(struct.pack("!I", total_length))
self.write_delimited(header_bytes)
self.write_delimited(sasl_bytes)
bytes = self.recv_rpc_message()
resp = self.parse_response(bytes, RpcSaslProto)
# If desired, server can be authenticated using the rspauth in the response
def send_rpc_message(self, method, request):示例11: LDAPSocket
# 需要导入模块: from puresasl.client import SASLClient [as 别名]
# 或者: from puresasl.client.SASLClient import process [as 别名]
#.........这里部分代码省略.........
break
if not valid:
raise LDAPConnectionError('Server identity "{0}" does not match any cert names: {1}'.format(
self.host, ', '.join(tried)))
def sasl_init(self, mechs, **props):
"""Initialize a :class:`.puresasl.client.SASLClient`"""
self._sasl_client = SASLClient(self.host, 'ldap', **props)
self._sasl_client.choose_mechanism(mechs)
def _has_sasl_client(self):
return self._sasl_client is not None
def _require_sasl_client(self):
if not self._has_sasl_client():
raise LDAPSASLError('SASL init not complete')
@property
def sasl_qop(self):
"""Obtain the chosen quality of protection"""
self._require_sasl_client()
return self._sasl_client.qop
@property
def sasl_mech(self):
"""Obtain the chosen mechanism"""
self._require_sasl_client()
mech = self._sasl_client.mechanism
if mech is None:
raise LDAPSASLError('SASL init not complete - no mech chosen')
else:
return mech
def sasl_process_auth_challenge(self, challenge):
"""Process an auth challenge and return the correct response"""
self._require_sasl_client()
return self._sasl_client.process(challenge)
def _prep_message(self, op, obj, controls=None):
"""Prepare a message for transmission"""
mid = self._next_message_id
self._next_message_id += 1
lm = pack(mid, op, obj, controls)
raw = ber_encode(lm)
if self._has_sasl_client():
raw = self._sasl_client.wrap(raw)
return mid, raw
def send_message(self, op, obj, controls=None):
"""Create and send an LDAPMessage given an operation name and a corresponding object.
Operation names must be defined as component names in laurelin.ldap.rfc4511.ProtocolOp and
the object must be of the corresponding type.
:param str op: The protocol operation name
:param object obj: The associated protocol object (see :class:`.rfc4511.ProtocolOp` for mapping.
:param controls: Any request controls for the message
:type controls: rfc4511.Controls or None
:return: The message ID for this message
:rtype: int
"""
mid, raw = self._prep_message(op, obj, controls)
self._sock.sendall(raw)
return mid
def recv_one(self, want_message_id):