← Back to branch summary

~bzr/ubuntu/maverick/bzr-svn/bzr-ppa

« back to all changes in this revision

Viewing changes to auth.py

  • Committer: Jelmer Vernooij
  • Date: 2008-05-11 19:29:26 UTC
  • mfrom: (220.36.144 0.4)
  • Revision ID: jelmer@samba.org-20080511192926-7mh02j45r25qmzkz
Merge 0.4 branch.

Show diffs side-by-side

added added

removed removed

Lines of Context:
auth.py
17
17
 
18
18
from bzrlib.config import AuthenticationConfig
19
19
from bzrlib.ui import ui_factory
 
20
import svn.core
20
21
from svn.core import (svn_auth_cred_username_t, 
21
22
                      svn_auth_cred_simple_t,
22
23
                      svn_auth_cred_ssl_client_cert_t,
25
26
                      svn_auth_get_username_prompt_provider,
26
27
                      svn_auth_get_simple_prompt_provider,
27
28
                      svn_auth_get_ssl_server_trust_prompt_provider,
28
 
                      svn_auth_get_ssl_client_cert_pw_prompt_provider)
 
29
                      svn_auth_get_ssl_client_cert_pw_prompt_provider,
 
30
                      svn_auth_open)
 
31
import urlparse
 
32
import urllib
29
33
 
30
34
 
31
35
class SubversionAuthenticationConfig(AuthenticationConfig):
32
36
    """Simple extended version of AuthenticationConfig that can provide 
33
37
    the information Subversion requires.
34
38
    """
35
 
    def __init__(self, file=None, scheme="svn", host=None):
 
39
    def __init__(self, scheme, host, port, path, file=None):
36
40
        super(SubversionAuthenticationConfig, self).__init__(file)
37
41
        self.scheme = scheme
38
42
        self.host = host
39
 
 
 
43
        self.port = port
 
44
        self.path = path
 
45
       
40
46
    def get_svn_username(self, realm, may_save, pool=None):
41
47
        """Look up a Subversion user name in the Bazaar authentication cache.
42
48
 
43
49
        :param realm: Authentication realm (optional)
44
50
        :param may_save: Whether or not the username should be saved.
45
51
        :param pool: Allocation pool, is ignored.
 
52
        :param default: Assumed username
46
53
        """
47
54
        username_cred = svn_auth_cred_username_t()
48
55
        username_cred.username = self.get_user(self.scheme, 
49
 
                host=self.host, realm=realm)
 
56
                host=self.host, path=self.path, 
 
57
                realm=realm)
50
58
        username_cred.may_save = False
51
59
        return username_cred
52
60
 
60
68
        :param pool: Allocation pool, is ignored.
61
69
        """
62
70
        simple_cred = svn_auth_cred_simple_t()
63
 
        simple_cred.username = username or self.get_username(realm, may_save, 
64
 
                                             pool, prompt="%s password" % realm)
 
71
        simple_cred.username = self.get_user(self.scheme, 
 
72
                host=self.host, path=self.path, realm=realm) or username
65
73
        simple_cred.password = self.get_password(self.scheme, host=self.host, 
66
 
                                    user=simple_cred.username, realm=realm,
67
 
                                    prompt="%s password" % realm)
 
74
            path=self.path, user=simple_cred.username, 
 
75
            realm=realm, prompt="%s %s password" % (realm, simple_cred.username))
68
76
        simple_cred.may_save = False
69
77
        return simple_cred
70
78
 
71
79
    def get_svn_ssl_server_trust(self, realm, failures, cert_info, may_save, 
72
 
                                 pool):
 
80
                                     pool):
73
81
        """Return a Subversion auth provider that verifies SSL server trust.
74
82
 
75
83
        :param realm: Realm name (optional)
113
121
    def get_svn_ssl_server_trust_prompt_provider(self):
114
122
        """Return a Subversion auth provider for checking 
115
123
        whether a SSL server is trusted."""
116
 
        return svn_auth_get_ssl_server_trust_prompt_provider(
117
 
                    self.get_svn_ssl_server_trust)
 
124
        return svn_auth_get_ssl_server_trust_prompt_provider(self.get_svn_ssl_server_trust)
118
125
 
119
126
    def get_svn_auth_providers(self):
120
127
        """Return a list of auth providers for this authentication file.
123
130
                self.get_svn_simple_prompt_provider(1),
124
131
                self.get_svn_ssl_server_trust_prompt_provider()]
125
132
 
126
 
 
127
133
def get_ssl_client_cert_pw(realm, may_save, pool):
128
134
    """Simple SSL client certificate password prompter.
129
135
 
141
147
    return svn_auth_get_ssl_client_cert_pw_prompt_provider(
142
148
                get_ssl_client_cert_pw, tries)
143
149
 
 
150
 
 
151
def get_stock_svn_providers():
 
152
    providers = [svn.client.get_simple_provider(),
 
153
            svn.client.get_username_provider(),
 
154
            svn.client.get_ssl_client_cert_file_provider(),
 
155
            svn.client.get_ssl_client_cert_pw_file_provider(),
 
156
            svn.client.get_ssl_server_trust_file_provider(),
 
157
            ]
 
158
 
 
159
    if hasattr(svn.client, 'get_windows_simple_provider'):
 
160
        providers.append(svn.client.get_windows_simple_provider())
 
161
 
 
162
    if hasattr(svn.client, 'get_keychain_simple_provider'):
 
163
        providers.append(svn.client.get_keychain_simple_provider())
 
164
 
 
165
    if hasattr(svn.client, 'get_windows_ssl_server_trust_provider'):
 
166
        providers.append(svn.client.get_windows_ssl_server_trust_provider())
 
167
 
 
168
    return providers
 
169
 
 
170
 
 
171
def create_auth_baton(url):
 
172
    """Create an authentication baton for the specified URL."""
 
173
    assert isinstance(url, str)
 
174
    (scheme, netloc, path, _, _) = urlparse.urlsplit(url)
 
175
    (creds, host) = urllib.splituser(netloc)
 
176
    (host, port) = urllib.splitport(host)
 
177
 
 
178
    auth_config = SubversionAuthenticationConfig(scheme, host, port, path)
 
179
 
 
180
    # Specify Subversion providers first, because they use file data
 
181
    # rather than prompting the user.
 
182
    providers = get_stock_svn_providers()
 
183
 
 
184
    if svn.core.SVN_VER_MAJOR == 1 and svn.core.SVN_VER_MINOR >= 5:
 
185
        providers += auth_config.get_svn_auth_providers()
 
186
        providers += [get_ssl_client_cert_pw_provider(1)]
 
187
 
 
188
    auth_baton = svn.core.svn_auth_open(providers)
 
189
    if creds is not None:
 
190
        (auth_baton.user, auth_baton.password) = urllib.splitpasswd(creds)
 
191
        if auth_baton.user is not None:
 
192
            svn.core.svn_auth_set_parameter(auth_baton, 
 
193
                svn.core.SVN_AUTH_PARAM_DEFAULT_USERNAME, auth_baton.user)
 
194
        if auth_baton.password is not None:
 
195
            svn.core.svn_auth_set_parameter(auth_baton, 
 
196
                svn.core.SVN_AUTH_PARAM_DEFAULT_PASSWORD, auth_baton.password)
 
197
    return auth_baton