Skip to content

Commit c7804fa

Browse files
frozencemeteryfrozencemetery
committed
Make shim into its own wrapper subclass
Signed-off-by: Robbie Harwood <[email protected]>
1 parent 5d0e8fa commit c7804fa

File tree

3 files changed

+51
-30
lines changed

3 files changed

+51
-30
lines changed

requests_gssapi/__init__.py

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -14,15 +14,12 @@
1414
"""
1515
import logging
1616

17-
from .gssapi_ import HTTPSPNEGOAuth, REQUIRED, OPTIONAL, DISABLED
17+
from .gssapi_ import HTTPSPNEGOAuth, REQUIRED, OPTIONAL, DISABLED # noqa
1818
from .exceptions import MutualAuthenticationError
19-
from .compat import NullHandler
19+
from .compat import NullHandler, HTTPKerberosAuth
2020

2121
logging.getLogger(__name__).addHandler(NullHandler())
2222

23-
""" Deprecated compatability shim """
24-
HTTPKerberosAuth = HTTPSPNEGOAuth
25-
26-
__all__ = ('HTTPKerberosAuth', 'HTTPSNPEGOAuth', 'MutualAuthenticationError',
23+
__all__ = ('HTTPSPNEGOAuth', 'HTTPKerberosAuth', 'MutualAuthenticationError',
2724
'REQUIRED', 'OPTIONAL', 'DISABLED')
2825
__version__ = '0.11.0'

requests_gssapi/compat.py

Lines changed: 25 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,10 @@
11
"""
2-
Compatibility library for older versions of python
2+
Compatibility library for older versions of python and requests_kerberos
33
"""
44
import sys
55

6+
from .gssapi_ import REQUIRED, HTTPSPNEGOAuth # noqa
7+
68
# python 2.7 introduced a NullHandler which we want to use, but to support
79
# older versions, we implement our own if needed.
810
if sys.version_info[:2] > (2, 6):
@@ -13,3 +15,25 @@
1315
class NullHandler(Handler):
1416
def emit(self, record):
1517
pass
18+
19+
20+
class HTTPKerberosAuth(HTTPSPNEGOAuth):
21+
"""Deprecated compat shim; see HTTPSPNEGOAuth instead."""
22+
def __init__(self, mutual_authentication=REQUIRED, service="HTTP",
23+
delegate=False, force_preemptive=False, principal=None,
24+
hostname_override=None, sanitize_mutual_error_response=True):
25+
HTTPSPNEGOAuth.__init__(
26+
self,
27+
mutual_authentication=mutual_authentication,
28+
service=service,
29+
delegate=delegate,
30+
force_preemptive=force_preemptive,
31+
principal=principal,
32+
hostname_override=hostname_override,
33+
sanitize_mutual_error_response=sanitize_mutual_error_response)
34+
35+
def generate_request_header(self, response, host, is_preemptive=False):
36+
# This method needs to be shimmed because `host` isn't exposed to
37+
# __init__() and we need to derive things from it
38+
return HTTPSPNEGOAuth.generate_request_header(self, response, host,
39+
is_preemptive)

test_requests_gssapi.py

Lines changed: 23 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ def test_negotate_value_extraction_none(self):
5959
def test_force_preemptive(self):
6060
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
6161
step=fake_resp):
62-
auth = requests_gssapi.HTTPSPNEGOAuth(force_preemptive=True)
62+
auth = requests_gssapi.HTTPKerberosAuth(force_preemptive=True)
6363

6464
request = requests.Request(url="http://www.example.org")
6565

@@ -72,7 +72,7 @@ def test_force_preemptive(self):
7272
def test_no_force_preemptive(self):
7373
with patch.multiple("gssapi.SecurityContext", __init__=fake_init,
7474
step=fake_resp):
75-
auth = requests_gssapi.HTTPSPNEGOAuth()
75+
auth = requests_gssapi.HTTPKerberosAuth()
7676

7777
request = requests.Request(url="http://www.example.org")
7878

@@ -87,7 +87,7 @@ def test_generate_request_header(self):
8787
response.url = "http://www.example.org/"
8888
response.headers = {'www-authenticate': 'negotiate token'}
8989
host = urlparse(response.url).hostname
90-
auth = requests_gssapi.HTTPSPNEGOAuth()
90+
auth = requests_gssapi.HTTPKerberosAuth()
9191
self.assertEqual(
9292
auth.generate_request_header(response, host),
9393
"Negotiate GSSRESPONSE")
@@ -103,7 +103,7 @@ def test_generate_request_header_init_error(self):
103103
response.url = "http://www.example.org/"
104104
response.headers = {'www-authenticate': 'negotiate token'}
105105
host = urlparse(response.url).hostname
106-
auth = requests_gssapi.HTTPSPNEGOAuth()
106+
auth = requests_gssapi.HTTPKerberosAuth()
107107
self.assertRaises(requests_gssapi.exceptions.SPNEGOExchangeError,
108108
auth.generate_request_header, response, host)
109109
fake_init.assert_called_with(
@@ -117,7 +117,7 @@ def test_generate_request_header_step_error(self):
117117
response.url = "http://www.example.org/"
118118
response.headers = {'www-authenticate': 'negotiate token'}
119119
host = urlparse(response.url).hostname
120-
auth = requests_gssapi.HTTPSPNEGOAuth()
120+
auth = requests_gssapi.HTTPKerberosAuth()
121121
self.assertRaises(requests_gssapi.exceptions.SPNEGOExchangeError,
122122
auth.generate_request_header, response, host)
123123
fake_init.assert_called_with(
@@ -148,7 +148,7 @@ def test_authenticate_user(self):
148148
response.connection = connection
149149
response._content = ""
150150
response.raw = raw
151-
auth = requests_gssapi.HTTPSPNEGOAuth()
151+
auth = requests_gssapi.HTTPKerberosAuth()
152152
r = auth.authenticate_user(response)
153153

154154
self.assertTrue(response in r.history)
@@ -185,7 +185,7 @@ def test_handle_401(self):
185185
response.connection = connection
186186
response._content = ""
187187
response.raw = raw
188-
auth = requests_gssapi.HTTPSPNEGOAuth()
188+
auth = requests_gssapi.HTTPKerberosAuth()
189189
r = auth.handle_401(response)
190190

191191
self.assertTrue(response in r.history)
@@ -209,7 +209,7 @@ def test_authenticate_server(self):
209209
'www-authenticate': 'negotiate servertoken',
210210
'authorization': 'Negotiate GSSRESPONSE'}
211211

212-
auth = requests_gssapi.HTTPSPNEGOAuth()
212+
auth = requests_gssapi.HTTPKerberosAuth()
213213
auth.context = {"www.example.org": gssapi.SecurityContext}
214214
result = auth.authenticate_server(response_ok)
215215

@@ -226,7 +226,7 @@ def test_handle_other(self):
226226
'www-authenticate': 'negotiate servertoken',
227227
'authorization': 'Negotiate GSSRESPONSE'}
228228

229-
auth = requests_gssapi.HTTPSPNEGOAuth()
229+
auth = requests_gssapi.HTTPKerberosAuth()
230230
auth.context = {"www.example.org": gssapi.SecurityContext}
231231

232232
r = auth.handle_other(response_ok)
@@ -244,7 +244,7 @@ def test_handle_response_200(self):
244244
'www-authenticate': 'negotiate servertoken',
245245
'authorization': 'Negotiate GSSRESPONSE'}
246246

247-
auth = requests_gssapi.HTTPSPNEGOAuth()
247+
auth = requests_gssapi.HTTPKerberosAuth()
248248
auth.context = {"www.example.org": gssapi.SecurityContext}
249249

250250
r = auth.handle_response(response_ok)
@@ -261,7 +261,7 @@ def test_handle_response_200_mutual_auth_required_failure(self):
261261
response_ok.status_code = 200
262262
response_ok.headers = {}
263263

264-
auth = requests_gssapi.HTTPSPNEGOAuth()
264+
auth = requests_gssapi.HTTPKerberosAuth()
265265
auth.context = {"www.example.org": "CTX"}
266266

267267
self.assertRaises(requests_gssapi.MutualAuthenticationError,
@@ -279,7 +279,7 @@ def test_handle_response_200_mutual_auth_required_failure_2(self):
279279
'www-authenticate': 'negotiate servertoken',
280280
'authorization': 'Negotiate GSSRESPONSE'}
281281

282-
auth = requests_gssapi.HTTPSPNEGOAuth()
282+
auth = requests_gssapi.HTTPKerberosAuth()
283283
auth.context = {"www.example.org": gssapi.SecurityContext}
284284

285285
self.assertRaises(requests_gssapi.MutualAuthenticationError,
@@ -297,7 +297,7 @@ def test_handle_response_200_mutual_auth_optional_hard_failure(self):
297297
'www-authenticate': 'negotiate servertoken',
298298
'authorization': 'Negotiate GSSRESPONSE'}
299299

300-
auth = requests_gssapi.HTTPSPNEGOAuth(
300+
auth = requests_gssapi.HTTPKerberosAuth(
301301
requests_gssapi.OPTIONAL)
302302
auth.context = {"www.example.org": gssapi.SecurityContext}
303303

@@ -313,7 +313,7 @@ def test_handle_response_200_mutual_auth_optional_soft_failure(self):
313313
response_ok.url = "http://www.example.org/"
314314
response_ok.status_code = 200
315315

316-
auth = requests_gssapi.HTTPSPNEGOAuth(
316+
auth = requests_gssapi.HTTPKerberosAuth(
317317
requests_gssapi.OPTIONAL)
318318
auth.context = {"www.example.org": gssapi.SecurityContext}
319319

@@ -337,7 +337,7 @@ def test_handle_response_500_mutual_auth_required_failure(self):
337337
response_500.raw = "RAW"
338338
response_500.cookies = "COOKIES"
339339

340-
auth = requests_gssapi.HTTPSPNEGOAuth()
340+
auth = requests_gssapi.HTTPKerberosAuth()
341341
auth.context = {"www.example.org": "CTX"}
342342

343343
r = auth.handle_response(response_500)
@@ -358,7 +358,7 @@ def test_handle_response_500_mutual_auth_required_failure(self):
358358
self.assertFalse(fail_resp.called)
359359

360360
# re-test with error response sanitizing disabled
361-
auth = requests_gssapi.HTTPSPNEGOAuth(
361+
auth = requests_gssapi.HTTPKerberosAuth(
362362
sanitize_mutual_error_response=False)
363363
auth.context = {"www.example.org": "CTX"}
364364

@@ -381,7 +381,7 @@ def test_handle_response_500_mutual_auth_optional_failure(self):
381381
response_500.raw = "RAW"
382382
response_500.cookies = "COOKIES"
383383

384-
auth = requests_gssapi.HTTPSPNEGOAuth(
384+
auth = requests_gssapi.HTTPKerberosAuth(
385385
requests_gssapi.OPTIONAL)
386386
auth.context = {"www.example.org": "CTX"}
387387

@@ -416,7 +416,7 @@ def test_handle_response_401(self):
416416
response._content = ""
417417
response.raw = raw
418418

419-
auth = requests_gssapi.HTTPSPNEGOAuth()
419+
auth = requests_gssapi.HTTPKerberosAuth()
420420
auth.handle_other = Mock(return_value=response_ok)
421421

422422
r = auth.handle_response(response)
@@ -462,7 +462,7 @@ def connection_send(self, *args, **kwargs):
462462
response._content = ""
463463
response.raw = raw
464464

465-
auth = requests_gssapi.HTTPSPNEGOAuth()
465+
auth = requests_gssapi.HTTPKerberosAuth()
466466

467467
r = auth.handle_response(response)
468468

@@ -483,7 +483,7 @@ def test_generate_request_header_custom_service(self):
483483
response.url = "http://www.example.org/"
484484
response.headers = {'www-authenticate': 'negotiate token'}
485485
host = urlparse(response.url).hostname
486-
auth = requests_gssapi.HTTPSPNEGOAuth(service="barfoo")
486+
auth = requests_gssapi.HTTPKerberosAuth(service="barfoo")
487487
auth.generate_request_header(response, host),
488488
fake_init.assert_called_with(
489489
name=gssapi.Name("[email protected]"),
@@ -513,7 +513,7 @@ def test_delegation(self):
513513
response.connection = connection
514514
response._content = ""
515515
response.raw = raw
516-
auth = requests_gssapi.HTTPSPNEGOAuth(1, "HTTP", True)
516+
auth = requests_gssapi.HTTPKerberosAuth(1, "HTTP", True)
517517
r = auth.authenticate_user(response)
518518

519519
self.assertTrue(response in r.history)
@@ -535,7 +535,7 @@ def test_principal_override(self):
535535
response.url = "http://www.example.org/"
536536
response.headers = {'www-authenticate': 'negotiate token'}
537537
host = urlparse(response.url).hostname
538-
auth = requests_gssapi.HTTPSPNEGOAuth(principal="user@REALM")
538+
auth = requests_gssapi.HTTPKerberosAuth(principal="user@REALM")
539539
auth.generate_request_header(response, host)
540540
fake_creds.assert_called_with(gssapi.creds.Credentials,
541541
usage="initiate",
@@ -552,7 +552,7 @@ def test_realm_override(self):
552552
response.url = "http://www.example.org/"
553553
response.headers = {'www-authenticate': 'negotiate token'}
554554
host = urlparse(response.url).hostname
555-
auth = requests_gssapi.HTTPSPNEGOAuth(
555+
auth = requests_gssapi.HTTPKerberosAuth(
556556
hostname_override="otherhost.otherdomain.org")
557557
auth.generate_request_header(response, host)
558558
fake_init.assert_called_with(

0 commit comments

Comments
 (0)