當前位置: 首頁>>代碼示例>>Python>>正文

Python kerberos.authGSSClientStep方法代碼示例

本文整理匯總了Python中kerberos.authGSSClientStep方法的典型用法代碼示例。如果您正苦於以下問題:Python kerberos.authGSSClientStep方法的具體用法?Python kerberos.authGSSClientStep怎麽用?Python kerberos.authGSSClientStep使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在kerberos的用法示例。


在下文中一共展示了kerberos.authGSSClientStep方法的12個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: challenge

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def challenge(self, challenge):
        if self.step == 0:
            ret = kerberos.authGSSClientStep(self._gss,
                                                base64.b64encode(challenge))
            if ret != kerberos.AUTH_GSS_CONTINUE:
                self.step = 1
        elif self.step == 1:
            ret = kerberos.authGSSClientUnwrap(self._gss,
                                                base64.b64encode(challenge))
            response = kerberos.authGSSClientResponse(self._gss)
            ret = kerberos.authGSSClientWrap(self._gss, response, self.username)
        response = kerberos.authGSSClientResponse(self._gss)
        if response is None:
            return Response("")
        else:
            return Response(base64.b64decode(response))
開發者ID:kuri65536,項目名稱:python-for-android,代碼行數:18,代碼來源:gssapi.py

示例2: process

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def process(self, challenge=b''):
            b64_challenge = b64encode(challenge)
            try:
                if self.step == 0:
                    result = kerberos.authGSSClientStep(self.gss, b64_challenge)
                    if result != kerberos.AUTH_GSS_CONTINUE:
                        self.step = 1
                elif not challenge:
                    kerberos.authGSSClientClean(self.gss)
                    return b''
                elif self.step == 1:
                    username = self.credentials['username']

                    kerberos.authGSSClientUnwrap(self.gss, b64_challenge)
                    resp = kerberos.authGSSClientResponse(self.gss)
                    kerberos.authGSSClientWrap(self.gss, resp, username)

                resp = kerberos.authGSSClientResponse(self.gss)
            except kerberos.GSSError as e:
                raise SASLCancelled('Kerberos error: %s' % e)
            if not resp:
                return b''
            else:
                return b64decode(resp)
開發者ID:haynieresearch,項目名稱:jarvis,代碼行數:26,代碼來源:mechanisms.py

示例3: refresh_auth

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def refresh_auth(self):
        service = "HTTP@" + self.hostname
        flags = kerberos.GSS_C_MUTUAL_FLAG | kerberos.GSS_C_SEQUENCE_FLAG
        try:
            (_, vc) = kerberos.authGSSClientInit(service, flags)
        except kerberos.GSSError as e:
            LOG.error(_LE("caught kerberos exception %r") % e)
            raise IPAAuthError(str(e))
        try:
            kerberos.authGSSClientStep(vc, "")
        except kerberos.GSSError as e:
            LOG.error(_LE("caught kerberos exception %r") % e)
            raise IPAAuthError(str(e))
        self.token = kerberos.authGSSClientResponse(vc)
開發者ID:openstack,項目名稱:designate,代碼行數:16,代碼來源:auth.py

示例4: get_auth_header

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def get_auth_header(self):
        if self.ctx:
            raise RuntimeError("Context has already been initialized")
        __, self.ctx = kerberos.authGSSClientInit(self.service, principal = self.principal)
        kerberos.authGSSClientStep(self.ctx, "")
        token = kerberos.authGSSClientResponse(self.ctx)
        return {"Authorization": "Negotiate " + token}
開發者ID:exasol,項目名稱:script-languages,代碼行數:9,代碼來源:gss.py

示例5: check_auth_header

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def check_auth_header(self, auth_header):
        if not self.ctx:
            raise RuntimeError("Invalid context: " + self.ctx)
        if not auth_header:
            raise RuntimeError("www-authenticate header is not valid: " + auth_header)
        auth_val = auth_header.split(" ", 1)
        if len(auth_val) != 2 or auth_val[0].lower() != "negotiate":
            raise RuntimeError("www-authenticate header is not valid: " + auth_header)
        kerberos.authGSSClientStep(self.ctx, auth_val[1])
        kerberos.authGSSClientClean(self.ctx)
        self.ctx = None
開發者ID:exasol,項目名稱:script-languages,代碼行數:13,代碼來源:gss.py

示例6: gssclient_token

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def gssclient_token(self):
        os.environ['KRB5_CLIENT_KTNAME'] = self.IQUOTA_KEYTAB

        service = "HTTP@" + self.IQUOTA_API_HOST

        try:
            (_, vc) = kerberos.authGSSClientInit(service)
            kerberos.authGSSClientStep(vc, "")
            return kerberos.authGSSClientResponse(vc)
        except kerberos.GSSError as e:
            raise KerberosError('error initializing GSS client')
開發者ID:ubccr,項目名稱:coldfront,代碼行數:13,代碼來源:utils.py

示例7: _create_kerberos_session

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def _create_kerberos_session(self, kerberos_service):
        try:
            import kerberos as kerb
        except ImportError as e:
            log.debug(e)
            try:
                import kerberos_sspi as kerb
            except ImportError:
                raise ImportError("No kerberos implementation available")
        __, krb_context = kerb.authGSSClientInit(kerberos_service)
        kerb.authGSSClientStep(krb_context, "")
        auth_header = ("Negotiate " + kerb.authGSSClientResponse(krb_context))
        self._update_header("Authorization", auth_header)
        response = self._session.get(self.url, verify=self.verify_ssl)
        response.raise_for_status()
開發者ID:atlassian-api,項目名稱:atlassian-python-api,代碼行數:17,代碼來源:rest_client.py

示例8: _negotiate_get_svctk

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def _negotiate_get_svctk(self, spn, authdata):
    if authdata is None:
      return None

    result, self.context = kerberos.authGSSClientInit(spn)
    if result < kerberos.AUTH_GSS_COMPLETE:
      return None

    result = kerberos.authGSSClientStep(self.context, authdata)
    if result < kerberos.AUTH_GSS_CONTINUE:
      return None

    response = kerberos.authGSSClientResponse(self.context)
    return "Negotiate %s" % response
開發者ID:GerritCodeReview,項目名稱:git-repo,代碼行數:16,代碼來源:main.py

示例9: _validate_response

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def _validate_response(self, authdata):
    if authdata is None:
      return None
    result = kerberos.authGSSClientStep(self.context, authdata)
    if result == kerberos.AUTH_GSS_COMPLETE:
      return True
    return None
開發者ID:GerritCodeReview,項目名稱:git-repo,代碼行數:9,代碼來源:main.py

示例10: pre_request

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def pre_request(self, resp):
        # TODO: convert errors to some common error class
        import kerberos

        _, context = kerberos.authGSSClientInit(
            "HTTP@%s" % resp.url.host,
            gssflags=kerberos.GSS_C_MUTUAL_FLAG | kerberos.GSS_C_SEQUENCE_FLAG,
        )
        kerberos.authGSSClientStep(context, "")
        response = kerberos.authGSSClientResponse(context)
        headers = {"Authorization": "Negotiate " + response}
        return headers, context
開發者ID:dask,項目名稱:dask-gateway,代碼行數:14,代碼來源:auth.py

示例11: post_response

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def post_response(self, resp, context):
        import kerberos

        www_auth = resp.headers.get("www-authenticate", None)
        token = None
        if www_auth:
            match = self.auth_regex.search(www_auth)
            if match:
                token = match.group(1)
        if not token:
            raise Exception("Kerberos negotiation failed")
        kerberos.authGSSClientStep(context, token)
開發者ID:dask,項目名稱:dask-gateway,代碼行數:14,代碼來源:auth.py

示例12: _get_bearer_saml_assertion_lin

# 需要導入模塊: import kerberos [as 別名]
# 或者: from kerberos import authGSSClientStep [as 別名]
def _get_bearer_saml_assertion_lin(self,
                                       request_duration=60,
                                       token_duration=600,
                                       delegatable=False,
                                       renewable=False):
        '''
        Extracts the assertion from the Bearer Token received from the Security
        Token Service using kerberos.

        @type  request_duration: C{long}
        @param request_duration: The duration for which the request is valid. If
                                 the STS receives this request after this
                                 duration, it is assumed to have expired. The
                                 duration is in seconds and the default is 60s.
        @type    token_duration: C{long}
        @param   token_duration: The duration for which the SAML token is issued
                                 for. The duration is specified in seconds and
                                 the default is 600s.
        @type       delegatable: C{boolean}
        @param      delegatable: Whether the generated token is delegatable or not
                                 The default value is False
        @type         renewable: C{boolean}
        @param        renewable: Whether the generated token is renewable or not
                                 The default value is False
        @rtype: C{str}
        @return: The SAML assertion in Unicode.
        '''
        import kerberos
        import platform
        service = 'host@%s' % platform.node()
        _, context = kerberos.authGSSClientInit(service, 0)
        challenge = ''
        # The following will keep running unless we receive a saml token or an error
        while True:
            # Call GSS step
            result = kerberos.authGSSClientStep(context, challenge)
            if result < 0:
                break
            sectoken = kerberos.authGSSClientResponse(context)
            soap_response = self._get_gss_soap_response(sectoken,
                                request_duration, token_duration, delegatable,
                                renewable)
            et = etree.fromstring(soap_response)
            try:
                # Check if we have received a challenge token from the server
                element = _extract_element(et,
                        'BinaryExchange',
                        {'ns': "http://docs.oasis-open.org/ws-sx/ws-trust/200512"})
                negotiate_token = element.text
                challenge = negotiate_token
            except KeyError:
                # Response does not contain the negotiate token.
                # It should contain SAML token then.
                saml_token = etree.tostring(
                    _extract_element(
                        et,
                        'Assertion',
                        {'saml2': "urn:oasis:names:tc:SAML:2.0:assertion"}),
                    pretty_print=False).decode(UTF_8)
                break
        return saml_token
開發者ID:vmware,項目名稱:vsphere-automation-sdk-python,代碼行數:63,代碼來源:sso.py


注:本文中的kerberos.authGSSClientStep方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。