Python twisted.cred.portal.Portal() Examples
The following are 30
code examples of twisted.cred.portal.Portal().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
twisted.cred.portal
, or try the search function
.
.
Example #1
| Source File: test_httpauth.py From learn_python3_spider with MIT License | 6 votes |
|
def setUp(self):
"""
Create a realm, portal, and L{HTTPAuthSessionWrapper} to use in the tests.
"""
self.username = b'foo bar'
self.password = b'bar baz'
self.avatarContent = b"contents of the avatar resource itself"
self.childName = b"foo-child"
self.childContent = b"contents of the foo child of the avatar"
self.checker = InMemoryUsernamePasswordDatabaseDontUse()
self.checker.addUser(self.username, self.password)
self.avatar = Data(self.avatarContent, 'text/plain')
self.avatar.putChild(
self.childName, Data(self.childContent, 'text/plain'))
self.avatars = {self.username: self.avatar}
self.realm = Realm(self.avatars.get)
self.portal = portal.Portal(self.realm, [self.checker])
self.credentialFactories = []
self.wrapper = HTTPAuthSessionWrapper(
self.portal, self.credentialFactories)
Example #2
| Source File: test_httpauth.py From python-for-android with Apache License 2.0 | 6 votes |
|
def test_anonymousAccess(self):
"""
Anonymous requests are allowed if a L{Portal} has an anonymous checker
registered.
"""
unprotectedContents = "contents of the unprotected child resource"
self.avatars[ANONYMOUS] = Resource()
self.avatars[ANONYMOUS].putChild(
self.childName, Data(unprotectedContents, 'text/plain'))
self.portal.registerChecker(AllowAnonymousAccess())
self.credentialFactories.append(BasicCredentialFactory('example.com'))
request = self.makeRequest([self.childName])
child = getChildForRequest(self.wrapper, request)
d = request.notifyFinish()
def cbFinished(ignored):
self.assertEquals(request.written, [unprotectedContents])
d.addCallback(cbFinished)
request.render(child)
return d
Example #3
| Source File: tap.py From python-for-android with Apache License 2.0 | 6 votes |
|
def makeService(config):
credCheckers = config.get('credCheckers', [])
wordsRealm = service.InMemoryWordsRealm(config['hostname'])
wordsPortal = portal.Portal(wordsRealm, credCheckers)
msvc = MultiService()
# XXX Attribute lookup on config is kind of bad - hrm.
for plgName in config.interfacePlugins:
port = config.get(plgName + '-port')
if port is not None:
factory = config.interfacePlugins[plgName].getFactory(wordsRealm, wordsPortal)
svc = strports.service(port, factory)
svc.setServiceParent(msvc)
# This is bogus. createGroup is async. makeService must be
# allowed to return a Deferred or some crap.
for g in config['groups']:
wordsRealm.createGroup(g)
return msvc
Example #4
| Source File: tap.py From learn_python3_spider with MIT License | 6 votes |
|
def makeService(config):
credCheckers = config.get('credCheckers', [])
wordsRealm = service.InMemoryWordsRealm(config['hostname'])
wordsPortal = portal.Portal(wordsRealm, credCheckers)
msvc = MultiService()
# XXX Attribute lookup on config is kind of bad - hrm.
for plgName in config.interfacePlugins:
port = config.get(plgName + '-port')
if port is not None:
factory = config.interfacePlugins[plgName].getFactory(wordsRealm, wordsPortal)
svc = strports.service(port, factory)
svc.setServiceParent(msvc)
# This is bogus. createGroup is async. makeService must be
# allowed to return a Deferred or some crap.
for g in config['groups']:
wordsRealm.createGroup(g)
return msvc
Example #5
| Source File: test_endpoints.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
|
def setupKeyChecker(self, portal, users):
"""
Create an L{ISSHPrivateKey} checker which recognizes C{users} and add it
to C{portal}.
@param portal: A L{Portal} to which to add the checker.
@type portal: L{Portal}
@param users: The users and their keys the checker will recognize. Keys
are byte strings giving user names. Values are byte strings giving
OpenSSH-formatted private keys.
@type users: L{dict}
"""
mapping = dict([(k,[Key.fromString(v).public()])
for k, v in iteritems(users)])
checker = SSHPublicKeyChecker(InMemorySSHKeyDB(mapping))
portal.registerChecker(checker)
Example #6
| Source File: test_endpoints.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
|
def setUp(self):
self.hostname = b"ssh.example.com"
self.port = 42022
self.user = b"user"
self.password = b"password"
self.reactor = MemoryReactorClock()
self.realm = TrivialRealm()
self.portal = Portal(self.realm)
self.passwdDB = InMemoryUsernamePasswordDatabaseDontUse()
self.passwdDB.addUser(self.user, self.password)
self.portal.registerChecker(self.passwdDB)
self.factory = CommandFactory()
self.factory.reactor = self.reactor
self.factory.portal = self.portal
self.factory.doStart()
self.addCleanup(self.factory.doStop)
self.clientAddress = IPv4Address("TCP", "10.0.0.1", 12345)
self.serverAddress = IPv4Address("TCP", "192.168.100.200", 54321)
Example #7
| Source File: test_httpauth.py From python-for-android with Apache License 2.0 | 6 votes |
|
def test_unexpectedLoginError(self):
"""
Any unexpected failure from L{Portal.login} results in a 500 response
code and causes the failure to be logged.
"""
class UnexpectedException(Exception):
pass
class BrokenChecker(object):
credentialInterfaces = (IUsernamePassword,)
def requestAvatarId(self, credentials):
raise UnexpectedException()
self.portal.registerChecker(BrokenChecker())
self.credentialFactories.append(BasicCredentialFactory('example.com'))
request = self.makeRequest([self.childName])
child = self._authorizedBasicLogin(request)
request.render(child)
self.assertEqual(request.responseCode, 500)
self.assertEqual(len(self.flushLoggedErrors(UnexpectedException)), 1)
Example #8
| Source File: tap.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
|
def makeService(config):
"""
Construct a service for operating a SSH server.
@param config: An L{Options} instance specifying server options, including
where server keys are stored and what authentication methods to use.
@return: A L{twisted.application.service.IService} provider which contains
the requested SSH server.
"""
t = factory.OpenSSHFactory()
r = unix.UnixSSHRealm()
t.portal = portal.Portal(r, config.get('credCheckers', []))
t.dataRoot = config['data']
t.moduliRoot = config['moduli'] or config['data']
port = config['port']
if config['interface']:
# Add warning here
port += ':interface=' + config['interface']
return strports.service(port, t)
Example #9
| Source File: ftp.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
|
def makeService(config):
f = ftp.FTPFactory()
r = ftp.FTPRealm(config['root'])
p = portal.Portal(r, config.get('credCheckers', []))
f.tld = config['root']
f.userAnonymous = config['userAnonymous']
f.portal = p
f.protocol = ftp.FTP
try:
portno = int(config['port'])
except KeyError:
portno = 2121
return internet.TCPServer(portno, f)
Example #10
| Source File: ftp.py From python-for-android with Apache License 2.0 | 6 votes |
|
def makeService(config):
f = ftp.FTPFactory()
r = ftp.FTPRealm(config['root'])
p = portal.Portal(r)
p.registerChecker(checkers.AllowAnonymousAccess(), credentials.IAnonymous)
if config['password-file'] is not None:
p.registerChecker(checkers.FilePasswordDB(config['password-file'], cache=True))
f.tld = config['root']
f.userAnonymous = config['userAnonymous']
f.portal = p
f.protocol = ftp.FTP
try:
portno = int(config['port'])
except KeyError:
portno = 2121
return internet.TCPServer(portno, f)
Example #11
| Source File: test_httpauth.py From python-for-android with Apache License 2.0 | 6 votes |
|
def setUp(self):
"""
Create a realm, portal, and L{HTTPAuthSessionWrapper} to use in the tests.
"""
self.username = 'foo bar'
self.password = 'bar baz'
self.avatarContent = "contents of the avatar resource itself"
self.childName = "foo-child"
self.childContent = "contents of the foo child of the avatar"
self.checker = InMemoryUsernamePasswordDatabaseDontUse()
self.checker.addUser(self.username, self.password)
self.avatar = Data(self.avatarContent, 'text/plain')
self.avatar.putChild(
self.childName, Data(self.childContent, 'text/plain'))
self.avatars = {self.username: self.avatar}
self.realm = Realm(self.avatars.get)
self.portal = portal.Portal(self.realm, [self.checker])
self.credentialFactories = []
self.wrapper = HTTPAuthSessionWrapper(
self.portal, self.credentialFactories)
Example #12
| Source File: mail.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
|
def addDomain(self, name, domain):
"""
Add a domain for which the service will accept email.
@type name: L{bytes}
@param name: A domain name.
@type domain: L{IDomain} provider
@param domain: A domain object.
"""
portal = Portal(domain)
map(portal.registerChecker, domain.getCredentialsCheckers())
self.domains[name] = domain
self.portals[name] = portal
if self.aliases and IAliasableDomain.providedBy(domain):
domain.setAliasGroup(self.aliases)
Example #13
| Source File: test_httpauth.py From learn_python3_spider with MIT License | 6 votes |
|
def test_anonymousAccess(self):
"""
Anonymous requests are allowed if a L{Portal} has an anonymous checker
registered.
"""
unprotectedContents = b"contents of the unprotected child resource"
self.avatars[ANONYMOUS] = Resource()
self.avatars[ANONYMOUS].putChild(
self.childName, Data(unprotectedContents, 'text/plain'))
self.portal.registerChecker(AllowAnonymousAccess())
self.credentialFactories.append(BasicCredentialFactory('example.com'))
request = self.makeRequest([self.childName])
child = getChildForRequest(self.wrapper, request)
d = request.notifyFinish()
def cbFinished(ignored):
self.assertEqual(request.written, [unprotectedContents])
d.addCallback(cbFinished)
request.render(child)
return d
Example #14
| Source File: ftp.py From learn_python3_spider with MIT License | 6 votes |
|
def makeService(config):
f = ftp.FTPFactory()
r = ftp.FTPRealm(config['root'])
p = portal.Portal(r, config.get('credCheckers', []))
f.tld = config['root']
f.userAnonymous = config['userAnonymous']
f.portal = p
f.protocol = ftp.FTP
try:
portno = int(config['port'])
except KeyError:
portno = 2121
return internet.TCPServer(portno, f)
Example #15
| Source File: test_endpoints.py From learn_python3_spider with MIT License | 6 votes |
|
def setupKeyChecker(self, portal, users):
"""
Create an L{ISSHPrivateKey} checker which recognizes C{users} and add it
to C{portal}.
@param portal: A L{Portal} to which to add the checker.
@type portal: L{Portal}
@param users: The users and their keys the checker will recognize. Keys
are byte strings giving user names. Values are byte strings giving
OpenSSH-formatted private keys.
@type users: L{dict}
"""
mapping = dict([(k,[Key.fromString(v).public()])
for k, v in iteritems(users)])
checker = SSHPublicKeyChecker(InMemorySSHKeyDB(mapping))
portal.registerChecker(checker)
Example #16
| Source File: test_pb.py From python-for-android with Apache License 2.0 | 6 votes |
|
def connectedServerAndClient():
"""
Returns a 3-tuple: (client, server, pump).
"""
clientBroker = pb.Broker()
checker = checkers.InMemoryUsernamePasswordDatabaseDontUse(guest='guest')
factory = pb.PBServerFactory(portal.Portal(DummyRealm(), [checker]))
serverBroker = factory.buildProtocol(('127.0.0.1',))
clientTransport = StringIO()
serverTransport = StringIO()
clientBroker.makeConnection(protocol.FileWrapper(clientTransport))
serverBroker.makeConnection(protocol.FileWrapper(serverTransport))
pump = IOPump(clientBroker, serverBroker, clientTransport, serverTransport)
# Challenge-response authentication:
pump.flush()
return clientBroker, serverBroker, pump
Example #17
| Source File: test_endpoints.py From learn_python3_spider with MIT License | 6 votes |
|
def setUp(self):
self.hostname = b"ssh.example.com"
self.port = 42022
self.user = b"user"
self.password = b"password"
self.reactor = MemoryReactorClock()
self.realm = TrivialRealm()
self.portal = Portal(self.realm)
self.passwdDB = InMemoryUsernamePasswordDatabaseDontUse()
self.passwdDB.addUser(self.user, self.password)
self.portal.registerChecker(self.passwdDB)
self.factory = CommandFactory()
self.factory.reactor = self.reactor
self.factory.portal = self.portal
self.factory.doStart()
self.addCleanup(self.factory.doStop)
self.clientAddress = IPv4Address("TCP", "10.0.0.1", 12345)
self.serverAddress = IPv4Address("TCP", "192.168.100.200", 54321)
Example #18
| Source File: test_httpauth.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
|
def setUp(self):
"""
Create a realm, portal, and L{HTTPAuthSessionWrapper} to use in the tests.
"""
self.username = b'foo bar'
self.password = b'bar baz'
self.avatarContent = b"contents of the avatar resource itself"
self.childName = b"foo-child"
self.childContent = b"contents of the foo child of the avatar"
self.checker = InMemoryUsernamePasswordDatabaseDontUse()
self.checker.addUser(self.username, self.password)
self.avatar = Data(self.avatarContent, 'text/plain')
self.avatar.putChild(
self.childName, Data(self.childContent, 'text/plain'))
self.avatars = {self.username: self.avatar}
self.realm = Realm(self.avatars.get)
self.portal = portal.Portal(self.realm, [self.checker])
self.credentialFactories = []
self.wrapper = HTTPAuthSessionWrapper(
self.portal, self.credentialFactories)
Example #19
| Source File: test_httpauth.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
|
def test_unexpectedLoginError(self):
"""
Any unexpected failure from L{Portal.login} results in a 500 response
code and causes the failure to be logged.
"""
class UnexpectedException(Exception):
pass
class BrokenChecker(object):
credentialInterfaces = (IUsernamePassword,)
def requestAvatarId(self, credentials):
raise UnexpectedException()
self.portal.registerChecker(BrokenChecker())
self.credentialFactories.append(BasicCredentialFactory('example.com'))
request = self.makeRequest([self.childName])
child = self._authorizedBasicLogin(request)
request.render(child)
self.assertEqual(request.responseCode, 500)
self.assertEqual(len(self.flushLoggedErrors(UnexpectedException)), 1)
Example #20
| Source File: test_httpauth.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
|
def test_anonymousAccess(self):
"""
Anonymous requests are allowed if a L{Portal} has an anonymous checker
registered.
"""
unprotectedContents = b"contents of the unprotected child resource"
self.avatars[ANONYMOUS] = Resource()
self.avatars[ANONYMOUS].putChild(
self.childName, Data(unprotectedContents, 'text/plain'))
self.portal.registerChecker(AllowAnonymousAccess())
self.credentialFactories.append(BasicCredentialFactory('example.com'))
request = self.makeRequest([self.childName])
child = getChildForRequest(self.wrapper, request)
d = request.notifyFinish()
def cbFinished(ignored):
self.assertEqual(request.written, [unprotectedContents])
d.addCallback(cbFinished)
request.render(child)
return d
Example #21
| Source File: tap.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
|
def makeService(config):
credCheckers = config.get('credCheckers', [])
wordsRealm = service.InMemoryWordsRealm(config['hostname'])
wordsPortal = portal.Portal(wordsRealm, credCheckers)
msvc = MultiService()
# XXX Attribute lookup on config is kind of bad - hrm.
for plgName in config.interfacePlugins:
port = config.get(plgName + '-port')
if port is not None:
factory = config.interfacePlugins[plgName].getFactory(wordsRealm, wordsPortal)
svc = strports.service(port, factory)
svc.setServiceParent(msvc)
# This is bogus. createGroup is async. makeService must be
# allowed to return a Deferred or some crap.
for g in config['groups']:
wordsRealm.createGroup(g)
return msvc
Example #22
| Source File: test_userauth.py From python-for-android with Apache License 2.0 | 6 votes |
|
def test_ignoreUnknownCredInterfaces(self):
"""
L{SSHUserAuthServer} sets up
C{SSHUserAuthServer.supportedAuthentications} by checking the portal's
credentials interfaces and mapping them to SSH authentication method
strings. If the Portal advertises an interface that
L{SSHUserAuthServer} can't map, it should be ignored. This is a white
box test.
"""
server = userauth.SSHUserAuthServer()
server.transport = FakeTransport(self.portal)
self.portal.registerChecker(AnonymousChecker())
server.serviceStarted()
server.serviceStopped()
server.supportedAuthentications.sort() # give a consistent order
self.assertEquals(server.supportedAuthentications,
['keyboard-interactive', 'password', 'publickey'])
Example #23
| Source File: tap.py From learn_python3_spider with MIT License | 6 votes |
|
def makeService(config):
"""
Construct a service for operating a SSH server.
@param config: An L{Options} instance specifying server options, including
where server keys are stored and what authentication methods to use.
@return: A L{twisted.application.service.IService} provider which contains
the requested SSH server.
"""
t = factory.OpenSSHFactory()
r = unix.UnixSSHRealm()
t.portal = portal.Portal(r, config.get('credCheckers', []))
t.dataRoot = config['data']
t.moduliRoot = config['moduli'] or config['data']
port = config['port']
if config['interface']:
# Add warning here
port += ':interface=' + config['interface']
return strports.service(port, t)
Example #24
| Source File: test_httpauth.py From ccs-calendarserver with Apache License 2.0 | 6 votes |
|
def setUp(self):
"""
Create a portal and add an in memory checker to it.
Then set up a protectedResource that will be wrapped in each test.
"""
self.portal = portal.Portal(TestAuthRealm())
c = checkers.InMemoryUsernamePasswordDatabaseDontUse()
c.addUser('username', 'password')
self.portal.registerChecker(c)
self.credFactory = basic.BasicCredentialFactory('test realm')
self.protectedResource = ProtectedResource()
self.protectedResource.responseText = "You shouldn't see me."
Example #25
| Source File: ssh.py From opencanary with BSD 3-Clause "New" or "Revised" License | 5 votes |
|
def getService(self):
factory = HoneyPotSSHFactory(version=self.version, logger=self.logger)
factory.canaryservice = self
factory.portal = portal.Portal(HoneyPotRealm())
rsa_pubKeyString, rsa_privKeyString = getRSAKeys()
dsa_pubKeyString, dsa_privKeyString = getDSAKeys()
factory.portal.registerChecker(HoneypotPasswordChecker(logger=factory.logger))
factory.portal.registerChecker(CanaryPublicKeyChecker(logger=factory.logger))
factory.publicKeys = {b'ssh-rsa': keys.Key.fromString(data=rsa_pubKeyString),
b'ssh-dss': keys.Key.fromString(data=dsa_pubKeyString)}
factory.privateKeys = {b'ssh-rsa': keys.Key.fromString(data=rsa_privKeyString),
b'ssh-dss': keys.Key.fromString(data=dsa_privKeyString)}
return internet.TCPServer(self.port, factory, interface=self.listen_addr)
Example #26
| Source File: test_pb.py From learn_python3_spider with MIT License | 5 votes |
|
def connectedServerAndClient(test, realm=None):
"""
Connect a client and server L{Broker} together with an L{IOPump}
@param realm: realm to use, defaulting to a L{DummyRealm}
@returns: a 3-tuple (client, server, pump).
"""
realm = realm or DummyRealm()
checker = checkers.InMemoryUsernamePasswordDatabaseDontUse(guest=b'guest')
serverFactory = pb.PBServerFactory(portal.Portal(realm, [checker]))
clientFactory = pb.PBClientFactory()
return connectServerAndClient(test, clientFactory, serverFactory)
Example #27
| Source File: test_cftp.py From learn_python3_spider with MIT License | 5 votes |
|
def startServer(self):
realm = FileTransferTestRealm(self.testDir)
p = portal.Portal(realm)
p.registerChecker(test_ssh.conchTestPublicKeyChecker())
fac = test_ssh.ConchTestServerFactory()
fac.portal = p
self.server = reactor.listenTCP(0, fac, interface="127.0.0.1")
Example #28
| Source File: test_userauth.py From learn_python3_spider with MIT License | 5 votes |
|
def test_unencryptedConnectionWithoutPasswords(self):
"""
If the L{SSHUserAuthServer} is not advertising passwords, then an
unencrypted connection should not cause any warnings or exceptions.
This is a white box test.
"""
# create a Portal without password authentication
portal = Portal(self.realm)
portal.registerChecker(PrivateKeyChecker())
# no encryption
clearAuthServer = userauth.SSHUserAuthServer()
clearAuthServer.transport = FakeTransport(portal)
clearAuthServer.transport.isEncrypted = lambda x: False
clearAuthServer.serviceStarted()
clearAuthServer.serviceStopped()
self.assertEqual(clearAuthServer.supportedAuthentications,
[b'publickey'])
# only encrypt incoming (the direction the password is sent)
halfAuthServer = userauth.SSHUserAuthServer()
halfAuthServer.transport = FakeTransport(portal)
halfAuthServer.transport.isEncrypted = lambda x: x == 'in'
halfAuthServer.serviceStarted()
halfAuthServer.serviceStopped()
self.assertEqual(clearAuthServer.supportedAuthentications,
[b'publickey'])
Example #29
| Source File: test_userauth.py From learn_python3_spider with MIT License | 5 votes |
|
def test_loopback(self):
"""
Test that the userauth server and client play nicely with each other.
"""
server = userauth.SSHUserAuthServer()
client = ClientUserAuth(b'foo', self.Factory.Service())
# set up transports
server.transport = transport.SSHTransportBase()
server.transport.service = server
server.transport.isEncrypted = lambda x: True
client.transport = transport.SSHTransportBase()
client.transport.service = client
server.transport.sessionID = client.transport.sessionID = b''
# don't send key exchange packet
server.transport.sendKexInit = client.transport.sendKexInit = \
lambda: None
# set up server authentication
server.transport.factory = self.Factory()
server.passwordDelay = 0 # remove bad password delay
realm = Realm()
portal = Portal(realm)
checker = SSHProtocolChecker()
checker.registerChecker(PasswordChecker())
checker.registerChecker(PrivateKeyChecker())
checker.areDone = lambda aId: (
len(checker.successfulCredentials[aId]) == 2)
portal.registerChecker(checker)
server.transport.factory.portal = portal
d = loopback.loopbackAsync(server.transport, client.transport)
server.transport.transport.logPrefix = lambda: '_ServerLoopback'
client.transport.transport.logPrefix = lambda: '_ClientLoopback'
server.serviceStarted()
client.serviceStarted()
def check(ignored):
self.assertEqual(server.transport.service.name, b'TestService')
return d.addCallback(check)
Example #30
| Source File: test_pb.py From learn_python3_spider with MIT License | 5 votes |
|
def setUp(self):
self.realm = TestRealm()
self.realm.perspectiveFactory = NonSubclassingPerspective
self.portal = portal.Portal(self.realm)
self.checker = checkers.InMemoryUsernamePasswordDatabaseDontUse()
self.checker.addUser(b"user", b"pass")
self.portal.registerChecker(self.checker)
self.factory = WrappingFactory(pb.PBServerFactory(self.portal))
self.port = reactor.listenTCP(0, self.factory, interface="127.0.0.1")
self.addCleanup(self.port.stopListening)
self.portno = self.port.getHost().port
