当前位置: 首页>>代码示例>>Python>>正文


Python kerberos.authGSSClientStep方法代码示例

本文整理汇总了Python中kerberos.authGSSClientStep方法的典型用法代码示例。如果您正苦于以下问题:Python kerberos.authGSSClientStep方法的具体用法?Python kerberos.authGSSClientStep怎么用?Python kerberos.authGSSClientStep使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在kerberos的用法示例。


在下文中一共展示了kerberos.authGSSClientStep方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: challenge

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def challenge(self, challenge):
        if self.step == 0:
            ret = kerberos.authGSSClientStep(self._gss,
                                                base64.b64encode(challenge))
            if ret != kerberos.AUTH_GSS_CONTINUE:
                self.step = 1
        elif self.step == 1:
            ret = kerberos.authGSSClientUnwrap(self._gss,
                                                base64.b64encode(challenge))
            response = kerberos.authGSSClientResponse(self._gss)
            ret = kerberos.authGSSClientWrap(self._gss, response, self.username)
        response = kerberos.authGSSClientResponse(self._gss)
        if response is None:
            return Response("")
        else:
            return Response(base64.b64decode(response)) 
开发者ID:kuri65536,项目名称:python-for-android,代码行数:18,代码来源:gssapi.py

示例2: process

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def process(self, challenge=b''):
            b64_challenge = b64encode(challenge)
            try:
                if self.step == 0:
                    result = kerberos.authGSSClientStep(self.gss, b64_challenge)
                    if result != kerberos.AUTH_GSS_CONTINUE:
                        self.step = 1
                elif not challenge:
                    kerberos.authGSSClientClean(self.gss)
                    return b''
                elif self.step == 1:
                    username = self.credentials['username']

                    kerberos.authGSSClientUnwrap(self.gss, b64_challenge)
                    resp = kerberos.authGSSClientResponse(self.gss)
                    kerberos.authGSSClientWrap(self.gss, resp, username)

                resp = kerberos.authGSSClientResponse(self.gss)
            except kerberos.GSSError as e:
                raise SASLCancelled('Kerberos error: %s' % e)
            if not resp:
                return b''
            else:
                return b64decode(resp) 
开发者ID:haynieresearch,项目名称:jarvis,代码行数:26,代码来源:mechanisms.py

示例3: refresh_auth

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def refresh_auth(self):
        service = "HTTP@" + self.hostname
        flags = kerberos.GSS_C_MUTUAL_FLAG | kerberos.GSS_C_SEQUENCE_FLAG
        try:
            (_, vc) = kerberos.authGSSClientInit(service, flags)
        except kerberos.GSSError as e:
            LOG.error(_LE("caught kerberos exception %r") % e)
            raise IPAAuthError(str(e))
        try:
            kerberos.authGSSClientStep(vc, "")
        except kerberos.GSSError as e:
            LOG.error(_LE("caught kerberos exception %r") % e)
            raise IPAAuthError(str(e))
        self.token = kerberos.authGSSClientResponse(vc) 
开发者ID:openstack,项目名称:designate,代码行数:16,代码来源:auth.py

示例4: get_auth_header

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def get_auth_header(self):
        if self.ctx:
            raise RuntimeError("Context has already been initialized")
        __, self.ctx = kerberos.authGSSClientInit(self.service, principal = self.principal)
        kerberos.authGSSClientStep(self.ctx, "")
        token = kerberos.authGSSClientResponse(self.ctx)
        return {"Authorization": "Negotiate " + token} 
开发者ID:exasol,项目名称:script-languages,代码行数:9,代码来源:gss.py

示例5: check_auth_header

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def check_auth_header(self, auth_header):
        if not self.ctx:
            raise RuntimeError("Invalid context: " + self.ctx)
        if not auth_header:
            raise RuntimeError("www-authenticate header is not valid: " + auth_header)
        auth_val = auth_header.split(" ", 1)
        if len(auth_val) != 2 or auth_val[0].lower() != "negotiate":
            raise RuntimeError("www-authenticate header is not valid: " + auth_header)
        kerberos.authGSSClientStep(self.ctx, auth_val[1])
        kerberos.authGSSClientClean(self.ctx)
        self.ctx = None 
开发者ID:exasol,项目名称:script-languages,代码行数:13,代码来源:gss.py

示例6: gssclient_token

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def gssclient_token(self):
        os.environ['KRB5_CLIENT_KTNAME'] = self.IQUOTA_KEYTAB

        service = "HTTP@" + self.IQUOTA_API_HOST

        try:
            (_, vc) = kerberos.authGSSClientInit(service)
            kerberos.authGSSClientStep(vc, "")
            return kerberos.authGSSClientResponse(vc)
        except kerberos.GSSError as e:
            raise KerberosError('error initializing GSS client') 
开发者ID:ubccr,项目名称:coldfront,代码行数:13,代码来源:utils.py

示例7: _create_kerberos_session

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def _create_kerberos_session(self, kerberos_service):
        try:
            import kerberos as kerb
        except ImportError as e:
            log.debug(e)
            try:
                import kerberos_sspi as kerb
            except ImportError:
                raise ImportError("No kerberos implementation available")
        __, krb_context = kerb.authGSSClientInit(kerberos_service)
        kerb.authGSSClientStep(krb_context, "")
        auth_header = ("Negotiate " + kerb.authGSSClientResponse(krb_context))
        self._update_header("Authorization", auth_header)
        response = self._session.get(self.url, verify=self.verify_ssl)
        response.raise_for_status() 
开发者ID:atlassian-api,项目名称:atlassian-python-api,代码行数:17,代码来源:rest_client.py

示例8: _negotiate_get_svctk

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def _negotiate_get_svctk(self, spn, authdata):
    if authdata is None:
      return None

    result, self.context = kerberos.authGSSClientInit(spn)
    if result < kerberos.AUTH_GSS_COMPLETE:
      return None

    result = kerberos.authGSSClientStep(self.context, authdata)
    if result < kerberos.AUTH_GSS_CONTINUE:
      return None

    response = kerberos.authGSSClientResponse(self.context)
    return "Negotiate %s" % response 
开发者ID:GerritCodeReview,项目名称:git-repo,代码行数:16,代码来源:main.py

示例9: _validate_response

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def _validate_response(self, authdata):
    if authdata is None:
      return None
    result = kerberos.authGSSClientStep(self.context, authdata)
    if result == kerberos.AUTH_GSS_COMPLETE:
      return True
    return None 
开发者ID:GerritCodeReview,项目名称:git-repo,代码行数:9,代码来源:main.py

示例10: pre_request

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def pre_request(self, resp):
        # TODO: convert errors to some common error class
        import kerberos

        _, context = kerberos.authGSSClientInit(
            "HTTP@%s" % resp.url.host,
            gssflags=kerberos.GSS_C_MUTUAL_FLAG | kerberos.GSS_C_SEQUENCE_FLAG,
        )
        kerberos.authGSSClientStep(context, "")
        response = kerberos.authGSSClientResponse(context)
        headers = {"Authorization": "Negotiate " + response}
        return headers, context 
开发者ID:dask,项目名称:dask-gateway,代码行数:14,代码来源:auth.py

示例11: post_response

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def post_response(self, resp, context):
        import kerberos

        www_auth = resp.headers.get("www-authenticate", None)
        token = None
        if www_auth:
            match = self.auth_regex.search(www_auth)
            if match:
                token = match.group(1)
        if not token:
            raise Exception("Kerberos negotiation failed")
        kerberos.authGSSClientStep(context, token) 
开发者ID:dask,项目名称:dask-gateway,代码行数:14,代码来源:auth.py

示例12: _get_bearer_saml_assertion_lin

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSClientStep [as 别名]
def _get_bearer_saml_assertion_lin(self,
                                       request_duration=60,
                                       token_duration=600,
                                       delegatable=False,
                                       renewable=False):
        '''
        Extracts the assertion from the Bearer Token received from the Security
        Token Service using kerberos.

        @type  request_duration: C{long}
        @param request_duration: The duration for which the request is valid. If
                                 the STS receives this request after this
                                 duration, it is assumed to have expired. The
                                 duration is in seconds and the default is 60s.
        @type    token_duration: C{long}
        @param   token_duration: The duration for which the SAML token is issued
                                 for. The duration is specified in seconds and
                                 the default is 600s.
        @type       delegatable: C{boolean}
        @param      delegatable: Whether the generated token is delegatable or not
                                 The default value is False
        @type         renewable: C{boolean}
        @param        renewable: Whether the generated token is renewable or not
                                 The default value is False
        @rtype: C{str}
        @return: The SAML assertion in Unicode.
        '''
        import kerberos
        import platform
        service = 'host@%s' % platform.node()
        _, context = kerberos.authGSSClientInit(service, 0)
        challenge = ''
        # The following will keep running unless we receive a saml token or an error
        while True:
            # Call GSS step
            result = kerberos.authGSSClientStep(context, challenge)
            if result < 0:
                break
            sectoken = kerberos.authGSSClientResponse(context)
            soap_response = self._get_gss_soap_response(sectoken,
                                request_duration, token_duration, delegatable,
                                renewable)
            et = etree.fromstring(soap_response)
            try:
                # Check if we have received a challenge token from the server
                element = _extract_element(et,
                        'BinaryExchange',
                        {'ns': "http://docs.oasis-open.org/ws-sx/ws-trust/200512"})
                negotiate_token = element.text
                challenge = negotiate_token
            except KeyError:
                # Response does not contain the negotiate token.
                # It should contain SAML token then.
                saml_token = etree.tostring(
                    _extract_element(
                        et,
                        'Assertion',
                        {'saml2': "urn:oasis:names:tc:SAML:2.0:assertion"}),
                    pretty_print=False).decode(UTF_8)
                break
        return saml_token 
开发者ID:vmware,项目名称:vsphere-automation-sdk-python,代码行数:63,代码来源:sso.py


注:本文中的kerberos.authGSSClientStep方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。