本文整理汇总了Python中gssapi.SecurityContext方法的典型用法代码示例。如果您正苦于以下问题:Python gssapi.SecurityContext方法的具体用法?Python gssapi.SecurityContext怎么用?Python gssapi.SecurityContext使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类gssapi的用法示例。
在下文中一共展示了gssapi.SecurityContext方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: authenticator_gssapi
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def authenticator_gssapi(self):
name = gssapi.Name(self._principal,
name_type=gssapi.NameType.hostbased_service)
cname = name.canonicalize(gssapi.MechType.kerberos)
client_ctx = gssapi.SecurityContext(name=cname, usage='initiate')
server_token = None
while not client_ctx.complete:
client_token = client_ctx.step(server_token)
client_token = client_token or b''
server_token = yield client_token, True
msg = client_ctx.unwrap(server_token).message
qop = struct.pack('b', SASL_QOP_AUTH & msg[0])
msg = qop + msg[1:]
msg = client_ctx.wrap(msg + self._principal.encode(), False).message
yield (msg, False) 示例2: get
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def get(self, path):
""" Perform a GET request with GSSAPI authentication """
# Generate token
service_name = gssapi.Name('HTTP@{0}'.format(self.url.netloc),
gssapi.NameType.hostbased_service)
ctx = gssapi.SecurityContext(usage="initiate", name=service_name)
data = b64encode(ctx.step()).decode()
# Make the connection
connection = http.client.HTTPSConnection(self.url.netloc, 443)
log.debug("GET {0}".format(path))
connection.putrequest("GET", path)
connection.putheader("Authorization", "Negotiate {0}".format(data))
connection.putheader("Referer", self.url_string)
connection.endheaders()
# Perform the request, convert response into lines
response = connection.getresponse()
if response.status != 200:
raise ReportError(
"Failed to fetch tickets: {0}".format(response.status))
lines = response.read().decode("utf8").strip().split("\n")[1:]
log.debug("Tickets fetched:")
log.debug(pretty(lines))
return lines 示例3: test_authenticate_server
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_authenticate_server(self):
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fake_resp):
response_ok = requests.Response()
response_ok.url = "http://www.example.org/"
response_ok.status_code = 200
response_ok.headers = {
'www-authenticate': b64_negotiate_server,
'authorization': b64_negotiate_response}
auth = requests_gssapi.HTTPKerberosAuth()
auth.context = {"www.example.org": gssapi.SecurityContext}
result = auth.authenticate_server(response_ok)
self.assertTrue(result)
fake_resp.assert_called_with(b"servertoken") 示例4: test_handle_other
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_handle_other(self):
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fake_resp):
response_ok = requests.Response()
response_ok.url = "http://www.example.org/"
response_ok.status_code = 200
response_ok.headers = {
'www-authenticate': b64_negotiate_server,
'authorization': b64_negotiate_response}
auth = requests_gssapi.HTTPKerberosAuth(
mutual_authentication=REQUIRED)
auth.context = {"www.example.org": gssapi.SecurityContext}
r = auth.handle_other(response_ok)
self.assertEqual(r, response_ok)
fake_resp.assert_called_with(b"servertoken") 示例5: test_handle_response_200
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_handle_response_200(self):
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fake_resp):
response_ok = requests.Response()
response_ok.url = "http://www.example.org/"
response_ok.status_code = 200
response_ok.headers = {
'www-authenticate': b64_negotiate_server,
'authorization': b64_negotiate_response}
auth = requests_gssapi.HTTPKerberosAuth(
mutual_authentication=REQUIRED)
auth.context = {"www.example.org": gssapi.SecurityContext}
r = auth.handle_response(response_ok)
self.assertEqual(r, response_ok)
fake_resp.assert_called_with(b"servertoken") 示例6: test_handle_response_200_mutual_auth_required_failure
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_handle_response_200_mutual_auth_required_failure(self):
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fake_resp):
response_ok = requests.Response()
response_ok.url = "http://www.example.org/"
response_ok.status_code = 200
response_ok.headers = {}
auth = requests_gssapi.HTTPKerberosAuth(
mutual_authentication=REQUIRED)
auth.context = {"www.example.org": "CTX"}
self.assertRaises(requests_gssapi.MutualAuthenticationError,
auth.handle_response, response_ok)
self.assertFalse(fake_resp.called) 示例7: test_handle_response_200_mutual_auth_optional_hard_failure
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_handle_response_200_mutual_auth_optional_hard_failure(self):
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fail_resp):
response_ok = requests.Response()
response_ok.url = "http://www.example.org/"
response_ok.status_code = 200
response_ok.headers = {
'www-authenticate': b64_negotiate_server,
'authorization': b64_negotiate_response}
auth = requests_gssapi.HTTPKerberosAuth(
requests_gssapi.OPTIONAL)
auth.context = {"www.example.org": gssapi.SecurityContext}
self.assertRaises(requests_gssapi.MutualAuthenticationError,
auth.handle_response, response_ok)
fail_resp.assert_called_with(b"servertoken") 示例8: test_handle_response_200_mutual_auth_optional_soft_failure
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_handle_response_200_mutual_auth_optional_soft_failure(self):
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fake_resp):
response_ok = requests.Response()
response_ok.url = "http://www.example.org/"
response_ok.status_code = 200
auth = requests_gssapi.HTTPKerberosAuth(
requests_gssapi.OPTIONAL)
auth.context = {"www.example.org": gssapi.SecurityContext}
r = auth.handle_response(response_ok)
self.assertEqual(r, response_ok)
self.assertFalse(fake_resp.called) 示例9: test_handle_response_500_mutual_auth_optional_failure
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_handle_response_500_mutual_auth_optional_failure(self):
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fail_resp):
response_500 = requests.Response()
response_500.url = "http://www.example.org/"
response_500.status_code = 500
response_500.headers = {}
response_500.request = "REQUEST"
response_500.connection = "CONNECTION"
response_500._content = "CONTENT"
response_500.encoding = "ENCODING"
response_500.raw = "RAW"
response_500.cookies = "COOKIES"
auth = requests_gssapi.HTTPKerberosAuth(
requests_gssapi.OPTIONAL)
auth.context = {"www.example.org": "CTX"}
r = auth.handle_response(response_500)
self.assertEqual(r, response_500)
self.assertFalse(fail_resp.called) 示例10: test_principal_override
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_principal_override(self):
with patch.multiple("gssapi.Credentials", __new__=fake_creds), \
patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fake_resp):
response = requests.Response()
response.url = "http://www.example.org/"
response.headers = {'www-authenticate': b64_negotiate_token}
host = urlparse(response.url).hostname
auth = requests_gssapi.HTTPKerberosAuth(principal="user@REALM")
auth.generate_request_header(response, host)
fake_creds.assert_called_with(gssapi.creds.Credentials,
usage="initiate",
name=gssapi_name("user@REALM"))
fake_init.assert_called_with(
name=gssapi_name("HTTP@www.example.org"),
usage="initiate", flags=gssflags,
creds=b"fake creds", mech=None) 示例11: test_explicit_mech
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_explicit_mech(self):
with patch.multiple("gssapi.Credentials", __new__=fake_creds), \
patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fake_resp):
response = requests.Response()
response.url = "http://www.example.org/"
response.headers = {'www-authenticate': b64_negotiate_token}
host = urlparse(response.url).hostname
fake_mech = b'fake mech'
auth = requests_gssapi.HTTPSPNEGOAuth(mech=fake_mech)
auth.generate_request_header(response, host)
fake_init.assert_called_with(
name=gssapi_name("HTTP@www.example.org"),
usage="initiate", flags=gssflags,
creds=None, mech=b'fake mech')
fake_resp.assert_called_with(b"token") 示例12: __init__
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def __init__(self, username, password, server):
log.info("Setting up GSSAPI Security Context for Kerberos auth")
self.creds = self._acquire_creds(username, password)
server_spn = "cifs@%s" % server
log.debug("GSSAPI Server SPN Target: %s" % server_spn)
server_name = gssapi.Name(base=server_spn,
name_type=gssapi.NameType.hostbased_service)
self.context = gssapi.SecurityContext(name=server_name,
creds=self.creds,
usage='initiate') 示例13: negotiate
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def negotiate(self):
self.client_ctx = gssapi.SecurityContext(name=self.server_name, usage='initiate',
flags=self.flags)
token = b''
while not self.client_ctx.complete:
log.debug('Doing step')
token = self.client_ctx.step(token)
self._inner.write(token)
if not self.client_ctx.complete:
token = self._inner.read()
else:
log.debug('GSSAPI Handshake done') 示例14: test_force_preemptive
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_force_preemptive(self):
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fake_resp):
auth = requests_gssapi.HTTPKerberosAuth(force_preemptive=True)
request = requests.Request(url="http://www.example.org")
auth.__call__(request)
self.assertTrue('Authorization' in request.headers)
self.assertEqual(request.headers.get('Authorization'),
b64_negotiate_response) 示例15: test_no_force_preemptive
# 需要导入模块: import gssapi [as 别名]
# 或者: from gssapi import SecurityContext [as 别名]
def test_no_force_preemptive(self):
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
step=fake_resp):
auth = requests_gssapi.HTTPKerberosAuth()
request = requests.Request(url="http://www.example.org")
auth.__call__(request)
self.assertTrue('Authorization' not in request.headers)