當前位置: 首頁>>代碼示例>>Python>>正文


Python gssapi.Credentials方法代碼示例

本文整理匯總了Python中gssapi.Credentials方法的典型用法代碼示例。如果您正苦於以下問題:Python gssapi.Credentials方法的具體用法?Python gssapi.Credentials怎麽用?Python gssapi.Credentials使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在gssapi的用法示例。


在下文中一共展示了gssapi.Credentials方法的7個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: test_principal_override

# 需要導入模塊: import gssapi [as 別名]
# 或者: from gssapi import Credentials [as 別名]
def test_principal_override(self):
        with patch.multiple("gssapi.Credentials", __new__=fake_creds), \
             patch.multiple("gssapi.SecurityContext", __init__=fake_init,
                            step=fake_resp):
            response = requests.Response()
            response.url = "http://www.example.org/"
            response.headers = {'www-authenticate': b64_negotiate_token}
            host = urlparse(response.url).hostname
            auth = requests_gssapi.HTTPKerberosAuth(principal="user@REALM")
            auth.generate_request_header(response, host)
            fake_creds.assert_called_with(gssapi.creds.Credentials,
                                          usage="initiate",
                                          name=gssapi_name("user@REALM"))
            fake_init.assert_called_with(
                name=gssapi_name("HTTP@www.example.org"),
                usage="initiate", flags=gssflags,
                creds=b"fake creds", mech=None) 
開發者ID:pythongssapi,項目名稱:requests-gssapi,代碼行數:19,代碼來源:test_requests_gssapi.py

示例2: test_explicit_creds

# 需要導入模塊: import gssapi [as 別名]
# 或者: from gssapi import Credentials [as 別名]
def test_explicit_creds(self):
        with patch.multiple("gssapi.Credentials", __new__=fake_creds), \
             patch.multiple("gssapi.SecurityContext", __init__=fake_init,
                            step=fake_resp):
            response = requests.Response()
            response.url = "http://www.example.org/"
            response.headers = {'www-authenticate': b64_negotiate_token}
            host = urlparse(response.url).hostname
            creds = gssapi.Credentials()
            auth = requests_gssapi.HTTPSPNEGOAuth(creds=creds)
            auth.generate_request_header(response, host)
            fake_init.assert_called_with(
                name=gssapi_name("HTTP@www.example.org"),
                usage="initiate", flags=gssflags,
                creds=b"fake creds", mech=None)
            fake_resp.assert_called_with(b"token") 
開發者ID:pythongssapi,項目名稱:requests-gssapi,代碼行數:18,代碼來源:test_requests_gssapi.py

示例3: test_explicit_mech

# 需要導入模塊: import gssapi [as 別名]
# 或者: from gssapi import Credentials [as 別名]
def test_explicit_mech(self):
        with patch.multiple("gssapi.Credentials", __new__=fake_creds), \
             patch.multiple("gssapi.SecurityContext", __init__=fake_init,
                            step=fake_resp):
            response = requests.Response()
            response.url = "http://www.example.org/"
            response.headers = {'www-authenticate': b64_negotiate_token}
            host = urlparse(response.url).hostname
            fake_mech = b'fake mech'
            auth = requests_gssapi.HTTPSPNEGOAuth(mech=fake_mech)
            auth.generate_request_header(response, host)
            fake_init.assert_called_with(
                name=gssapi_name("HTTP@www.example.org"),
                usage="initiate", flags=gssflags,
                creds=None, mech=b'fake mech')
            fake_resp.assert_called_with(b"token") 
開發者ID:pythongssapi,項目名稱:requests-gssapi,代碼行數:18,代碼來源:test_requests_gssapi.py

示例4: _get_kerberos_principal

# 需要導入模塊: import gssapi [as 別名]
# 或者: from gssapi import Credentials [as 別名]
def _get_kerberos_principal():
    """
    Use gssapi to get the current kerberos principal.
    This will be used as the requester for some tools when creating tickets.
    :return: The kerberos principal.
    """
    try:
        return str(gssapi.Credentials(usage='initiate').name).lower()
    except gssapi.raw.misc.GSSError:
        return None 
開發者ID:dmranck,項目名稱:ticketutil,代碼行數:12,代碼來源:ticket.py

示例5: generate_request_header

# 需要導入模塊: import gssapi [as 別名]
# 或者: from gssapi import Credentials [as 別名]
def generate_request_header(self, response, host, is_preemptive=False):
        # This method needs to be shimmed because `host` isn't exposed to
        # __init__() and we need to derive things from it.  Also, __init__()
        # can't fail, in the strictest compatability sense.
        try:
            if self.principal is not None:
                gss_stage = "acquiring credentials"
                name = gssapi.Name(
                    self.principal, gssapi.NameType.hostbased_service)
                self.creds = gssapi.Credentials(name=name, usage="initiate")

            # contexts still need to be stored by host, but hostname_override
            # allows use of an arbitrary hostname for the GSSAPI exchange (eg,
            # in cases of aliased hosts, internal vs external, CNAMEs w/
            # name-based HTTP hosting)
            if self.service is not None:
                gss_stage = "initiating context"
                kerb_host = host
                if self.hostname_override:
                    kerb_host = self.hostname_override

                kerb_spn = "{0}@{1}".format(self.service, kerb_host)
                self.target_name = gssapi.Name(
                    kerb_spn, gssapi.NameType.hostbased_service)

            return HTTPSPNEGOAuth.generate_request_header(self, response,
                                                          host, is_preemptive)
        except gssapi.exceptions.GSSError as error:
            msg = error.gen_message()
            log.exception(
                "generate_request_header(): {0} failed:".format(gss_stage))
            log.exception(msg)
            raise SPNEGOExchangeError("%s failed: %s" % (gss_stage, msg)) 
開發者ID:pythongssapi,項目名稱:requests-gssapi,代碼行數:35,代碼來源:compat.py

示例6: _acquire_creds

# 需要導入模塊: import gssapi [as 別名]
# 或者: from gssapi import Credentials [as 別名]
def _acquire_creds(self, username, password):
        # 3 use cases with Kerberos Auth
        #   1. Both the user and pass is supplied so we want to create a new
        #      ticket with the pass
        #   2. Only the user is supplied so we will attempt to get the cred
        #      from the existing store
        #   3. The user is not supplied so we will attempt to get the default
        #      cred from the existing store
        log.info("GSSAPI: Acquiring credentials handle")
        if username and password:
            log.debug("GSSAPI: Acquiring credentials handle for user %s with "
                      "password" % username)
            user = gssapi.Name(base=username,
                               name_type=gssapi.NameType.user)
            bpass = password.encode('utf-8')
            try:
                creds = gssapi.raw.acquire_cred_with_password(user, bpass,
                                                              usage='initiate')
            except AttributeError:
                raise SMBAuthenticationError("Cannot get GSSAPI credential "
                                             "with password as the necessary "
                                             "GSSAPI extensions are not "
                                             "available")
            except gssapi.exceptions.GSSError as er:
                raise SMBAuthenticationError("Failed to acquire GSSAPI "
                                             "credential with password: %s"
                                             % str(er))
            # acquire_cred_with_password returns a wrapper, we want the creds
            # object inside this wrapper
            creds = creds.creds
        elif username:
            log.debug("GSSAPI: Acquiring credentials handle for user %s from "
                      "existing cache" % username)
            user = gssapi.Name(base=username,
                               name_type=gssapi.NameType.user)

            try:
                creds = gssapi.Credentials(name=user, usage='initiate')
            except gssapi.exceptions.MissingCredentialsError as er:
                raise SMBAuthenticationError("Failed to acquire GSSAPI "
                                             "credential for user %s from the "
                                             "exisiting cache: %s"
                                             % (str(user), str(er)))
        else:
            log.debug("GSSAPI: Acquiring credentials handle for default user "
                      "in cache")
            try:
                creds = gssapi.Credentials(name=None, usage='initiate')
            except gssapi.exceptions.GSSError as er:
                raise SMBAuthenticationError("Failed to acquire default "
                                             "GSSAPI credential from the "
                                             "existing cache: %s" % str(er))
            user = creds.name

        log.info("GSSAPI: Acquired credentials for user %s" % str(user))
        return creds 
開發者ID:jborean93,項目名稱:smbprotocol,代碼行數:58,代碼來源:session.py

示例7: _get_security_context

# 需要導入模塊: import gssapi [as 別名]
# 或者: from gssapi import Credentials [as 別名]
def _get_security_context(name_type, mech, spn, username, password,
                              delegate, wrap_required, channel_bindings=None):
        if username is not None:
            username = gssapi.Name(base=username, name_type=name_type)

        server_name = gssapi.Name(spn,
                                  name_type=gssapi.NameType.hostbased_service)

        # first try and get the cred from the existing cache, if that fails
        # then get a new ticket with the password (if specified). The cache
        # can only be used for Kerberos, NTLM/SPNEGO must have acquire the
        # cred with a pass
        cred = None
        kerb_oid = GSSAPIContext._AUTH_PROVIDERS['kerberos']
        kerb_mech = gssapi.OID.from_int_seq(kerb_oid)
        if mech == kerb_mech:
            try:
                cred = gssapi.Credentials(name=username, usage='initiate',
                                          mechs=[mech])
                # raises ExpiredCredentialsError if it has expired
                cred.lifetime
            except gssapi.raw.GSSError:
                # we can't acquire the cred if no password was supplied
                if password is None:
                    raise
                cred = None
        elif username is None or password is None:
            raise ValueError("Can only use implicit credentials with kerberos "
                             "authentication")

        if cred is None:
            # error when trying to access the existing cache, get our own
            # credentials with the password specified
            b_password = to_bytes(password)
            cred = gssapi.raw.acquire_cred_with_password(username, b_password,
                                                         usage='initiate',
                                                         mechs=[mech])
            cred = cred.creds

        flags = gssapi.RequirementFlag.mutual_authentication | \
            gssapi.RequirementFlag.out_of_sequence_detection
        if delegate:
            flags |= gssapi.RequirementFlag.delegate_to_peer
        if wrap_required:
            flags |= gssapi.RequirementFlag.confidentiality

        context = gssapi.SecurityContext(name=server_name,
                                         creds=cred,
                                         usage='initiate',
                                         mech=mech,
                                         flags=flags,
                                         channel_bindings=channel_bindings)

        return context 
開發者ID:jborean93,項目名稱:pypsrp,代碼行數:56,代碼來源:spnego.py


注:本文中的gssapi.Credentials方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。