Commit 3e74735d authored by Julien Muchembled's avatar Julien Muchembled

Remove trailing spaces

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@39199 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent bd3ec4cc
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
############################################################################## ##############################################################################
# #
# Copyright (c) 2002 Nexedi SARL and Contributors. All Rights Reserved. # Copyright (c) 2002 Nexedi SARL and Contributors. All Rights Reserved.
# Francois-Xavier Algrain <fxalgrain@tiolive.com> # Francois-Xavier Algrain <fxalgrain@tiolive.com>
# #
# WARNING: This program as such is intended to be used by professional # WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsability of assessing all potential # programmers who take the whole responsability of assessing all potential
# consequences resulting from its eventual inadequacies and bugs # consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial # End users who are looking for a ready-to-use solution with commercial
# garantees and support are strongly adviced to contract a Free Software # garantees and support are strongly adviced to contract a Free Software
# Service Company # Service Company
# #
# This program is Free Software; you can redistribute it and/or # This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License # modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2 # as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version. # of the License, or (at your option) any later version.
# #
# This program is distributed in the hope that it will be useful, # This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of # but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details. # GNU General Public License for more details.
# #
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software # along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# #
############################################################################## ##############################################################################
from base64 import encodestring, decodestring from base64 import encodestring, decodestring
from urllib import quote, unquote from urllib import quote, unquote
...@@ -66,7 +66,7 @@ class ILoginEncryptionPlugin(Interface): ...@@ -66,7 +66,7 @@ class ILoginEncryptionPlugin(Interface):
#Form for new plugin in ZMI #Form for new plugin in ZMI
manage_addERP5KeyAuthPluginForm = PageTemplateFile( manage_addERP5KeyAuthPluginForm = PageTemplateFile(
'www/ERP5Security_addERP5KeyAuthPlugin', globals(), 'www/ERP5Security_addERP5KeyAuthPlugin', globals(),
__name__='manage_addERP5KeyAuthPluginForm') __name__='manage_addERP5KeyAuthPluginForm')
...@@ -92,17 +92,17 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -92,17 +92,17 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
<ERP5_Root>/web_page_module/1/view?__ac_key=207221200213146153166 <ERP5_Root>/web_page_module/1/view?__ac_key=207221200213146153166
where value of __ac_key contains (encrypted): where value of __ac_key contains (encrypted):
- proxied (i.e. granting user) username - proxied (i.e. granting user) username
- PAS plugin encryption key - PAS plugin encryption key
XXX: improve encrypt & decrypt part to use PAS encryption_key with a true XXX: improve encrypt & decrypt part to use PAS encryption_key with a true
python encryption library (reuse of public / private key architecture)! python encryption library (reuse of public / private key architecture)!
""" """
meta_type = "ERP5 Key Authentication" meta_type = "ERP5 Key Authentication"
login_path = 'login_form' login_path = 'login_form'
security = ClassSecurityInfo() security = ClassSecurityInfo()
block_length = 3 block_length = 3
cookie_name = "__ac_key" cookie_name = "__ac_key"
default_cookie_name = "__ac" default_cookie_name = "__ac"
...@@ -130,7 +130,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -130,7 +130,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
def __init__(self, id, title=None, encryption_key='', cookie_name='', default_cookie_name=''): def __init__(self, id, title=None, encryption_key='', cookie_name='', default_cookie_name=''):
#Check parameters #Check parameters
if cookie_name is None or cookie_name == '': if cookie_name is None or cookie_name == '':
cookie_name = id cookie_name = id
if encryption_key is None or encryption_key == '': if encryption_key is None or encryption_key == '':
encryption_key = id encryption_key = id
if "__ac_key" in [cookie_name, default_cookie_name]: if "__ac_key" in [cookie_name, default_cookie_name]:
...@@ -171,7 +171,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -171,7 +171,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
crypted_login += crypted_letter crypted_login += crypted_letter
return crypted_login return crypted_login
security.declarePrivate('decrypt') security.declarePrivate('decrypt')
def decrypt(self, crypted_login): def decrypt(self, crypted_login):
"""Decrypt string and return the login""" """Decrypt string and return the login"""
...@@ -187,7 +187,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -187,7 +187,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
for block in range(0, clogin_length, self.block_length): for block in range(0, clogin_length, self.block_length):
delta = position % key_length delta = position % key_length
crypted_letter = crypted_login[block:block + self.block_length] crypted_letter = crypted_login[block:block + self.block_length]
crypted_letter = int(crypted_letter) - self.encrypted_key[delta] crypted_letter = int(crypted_letter) - self.encrypted_key[delta]
letter = chr(crypted_letter) letter = chr(crypted_letter)
login += letter login += letter
position += 1 position += 1
...@@ -203,12 +203,12 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -203,12 +203,12 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
creds = {} creds = {}
#Search __ac_key #Search __ac_key
key = request.get('__ac_key', None) key = request.get('__ac_key', None)
if key is not None: if key is not None:
creds['key'] = key creds['key'] = key
#Save this in cookie #Save this in cookie
self.updateCredentials(request,request["RESPONSE"],None,None) self.updateCredentials(request,request["RESPONSE"],None,None)
else: else:
# Look in the request for the names coming from the login form # Look in the request for the names coming from the login form
#It's default method #It's default method
login_pw = request._authUserPW() login_pw = request._authUserPW()
...@@ -220,13 +220,13 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -220,13 +220,13 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
self.updateCredentials(request,request["RESPONSE"],name,password) self.updateCredentials(request,request["RESPONSE"],name,password)
else: else:
#search in cookies #search in cookies
cookie = request.get(self.cookie_name, None) cookie = request.get(self.cookie_name, None)
if cookie is not None: if cookie is not None:
#Cookie is found #Cookie is found
cookie_val = unquote(cookie) cookie_val = unquote(cookie)
creds['key'] = cookie_val creds['key'] = cookie_val
else: else:
#Default cookie if needed #Default cookie if needed
default_cookie = request.get(self.default_cookie_name, None) default_cookie = request.get(self.default_cookie_name, None)
if default_cookie is not None: if default_cookie is not None:
...@@ -249,7 +249,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -249,7 +249,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
LOG('ERP5KeyAuthPlugin.extractCredentials', PROBLEM, str(e)) LOG('ERP5KeyAuthPlugin.extractCredentials', PROBLEM, str(e))
return creds return creds
################################ ################################
# ICredentialsUpdatePlugin # # ICredentialsUpdatePlugin #
################################ ################################
...@@ -278,7 +278,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -278,7 +278,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
security.declarePrivate('resetCredentials') security.declarePrivate('resetCredentials')
def resetCredentials(self, request, response): def resetCredentials(self, request, response):
"""Expire cookies of authentification """ """Expire cookies of authentification """
response.expireCookie(self.cookie_name, path='/') response.expireCookie(self.cookie_name, path='/')
response.expireCookie(self.default_cookie_name, path='/') response.expireCookie(self.default_cookie_name, path='/')
...@@ -294,7 +294,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -294,7 +294,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
# Forbidden the usage of the super user. # Forbidden the usage of the super user.
if login == SUPER_USER: if login == SUPER_USER:
return None return None
#Function to allow cache #Function to allow cache
def _authenticateCredentials(login): def _authenticateCredentials(login):
if not login: if not login:
...@@ -327,12 +327,12 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -327,12 +327,12 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
continue continue
valid_assignment_list.append(assignment) valid_assignment_list.append(assignment)
# validate # validate
if len(valid_assignment_list) > 0: if len(valid_assignment_list) > 0:
return (login,login) return (login,login)
finally: finally:
setSecurityManager(sm) setSecurityManager(sm)
raise _AuthenticationFailure() raise _AuthenticationFailure()
#Cache Method for best performance #Cache Method for best performance
...@@ -342,8 +342,8 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -342,8 +342,8 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
try: try:
return _authenticateCredentials( return _authenticateCredentials(
login=login) login=login)
except _AuthenticationFailure: except _AuthenticationFailure:
return None return None
except StandardError,e: except StandardError,e:
#Log standard error #Log standard error
LOG('ERP5KeyAuthPlugin.authenticateCredentials', PROBLEM, str(e)) LOG('ERP5KeyAuthPlugin.authenticateCredentials', PROBLEM, str(e))
...@@ -354,16 +354,16 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -354,16 +354,16 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
################################ ################################
#'Edit' option form #'Edit' option form
manage_editERP5KeyAuthPluginForm = PageTemplateFile( manage_editERP5KeyAuthPluginForm = PageTemplateFile(
'www/ERP5Security_editERP5KeyAuthPlugin', 'www/ERP5Security_editERP5KeyAuthPlugin',
globals(), globals(),
__name__='manage_editERP5KeyAuthPluginForm' ) __name__='manage_editERP5KeyAuthPluginForm' )
security.declareProtected( ManageUsers, 'manage_editKeyAuthPlugin' ) security.declareProtected( ManageUsers, 'manage_editKeyAuthPlugin' )
def manage_editKeyAuthPlugin(self, encryption_key,cookie_name,default_cookie_name, RESPONSE=None): def manage_editKeyAuthPlugin(self, encryption_key,cookie_name,default_cookie_name, RESPONSE=None):
"""Edit the object""" """Edit the object"""
error_message = '' error_message = ''
#Test paramaeters #Test paramaeters
if "__ac_key" in [cookie_name, default_cookie_name]: if "__ac_key" in [cookie_name, default_cookie_name]:
raise ValueError, "Cookie name must be different of __ac_key" raise ValueError, "Cookie name must be different of __ac_key"
...@@ -374,7 +374,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper): ...@@ -374,7 +374,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
else: else:
self.encryption_key = encryption_key self.encryption_key = encryption_key
self.encrypted_key = self.transformKey(self.encryption_key); self.encrypted_key = self.transformKey(self.encryption_key);
#Save cookie name #Save cookie name
if cookie_name == '' or cookie_name is None: if cookie_name == '' or cookie_name is None:
error_message += 'Invalid cookie name ' error_message += 'Invalid cookie name '
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment