kleinhenzes60188
/
social_media_platform
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Development of an internal social media platform with personalised dashboards for students
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
2 Branches
Tree: 95b1878141
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '95b1878141'
${ noResults }
social_media_platform/thesisenv/lib/python3.6/site-packages/ldap/sasl.py

sasl.py 4.3KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134 
  1. """

  2. sasl.py - support for SASL mechanism

  3. 

  4. See https://www.python-ldap.org/ for details.

  5. 

  6. Description:

  7. The ldap.sasl module provides SASL authentication classes.

  8. Each class provides support for one SASL mechanism. This is done by

  9. implementing a callback() - method, which will be called by the

  10. LDAPObject's sasl_bind_s() method

  11. Implementing support for new sasl mechanism is very easy --- see

  12. the examples of digest_md5 and gssapi.

  13. """

  14. 

  15. from ldap import __version__

  16. 

  17. if __debug__:

  18.     # Tracing is only supported in debugging mode

  19.     from ldap import _trace_level, _trace_file

  20. 

  21. 

  22. # These are the SASL callback id's , as defined in sasl.h

  23. CB_USER = 0x4001

  24. CB_AUTHNAME = 0x4002

  25. CB_LANGUAGE = 0x4003

  26. CB_PASS = 0x4004

  27. CB_ECHOPROMPT = 0x4005

  28. CB_NOECHOPROMPT = 0x4006

  29. CB_GETREALM = 0x4008

  30. 

  31. 

  32. class sasl:

  33.     """

  34.     This class handles SASL interactions for authentication.

  35.     If an instance of this class is passed to ldap's sasl_bind_s()

  36.     method, the library will call its callback() method. For

  37.     specific SASL authentication mechanisms, this method can be

  38.     overridden

  39.     """

  40. 

  41.     def __init__(self, cb_value_dict, mech):

  42.         """

  43.         The (generic) base class takes a cb_value_dictionary of

  44.         question-answer pairs. Questions are specified by the respective

  45.         SASL callback id's. The mech argument is a string that specifies

  46.         the SASL mechaninsm to be uesd.

  47.         """

  48.         self.cb_value_dict = cb_value_dict or {}

  49.         if not isinstance(mech, bytes):

  50.             mech = mech.encode('utf-8')

  51.         self.mech = mech

  52. 

  53.     def callback(self, cb_id, challenge, prompt, defresult):

  54.         """

  55.         The callback method will be called by the sasl_bind_s()

  56.         method several times. Each time it will provide the id, which

  57.         tells us what kind of information is requested (the CB_*

  58.         constants above). The challenge might be a short (English) text

  59.         or some binary string, from which the return value is calculated.

  60.         The prompt argument is always a human-readable description string;

  61.         The defresult is a default value provided by the sasl library

  62. 

  63.         Currently, we do not use the challenge and prompt information, and

  64.         return only information which is stored in the self.cb_value_dict

  65.         cb_value_dictionary. Note that the current callback interface is not very

  66.         useful for writing generic sasl GUIs, which would need to know all

  67.         the questions to ask, before the answers are returned to the sasl

  68.         lib (in contrast to one question at a time).

  69. 

  70.         Unicode strings are always converted to bytes.

  71.         """

  72. 

  73.         # The following print command might be useful for debugging

  74.         # new sasl mechanisms. So it is left here

  75.         cb_result = self.cb_value_dict.get(cb_id, defresult) or ''

  76.         if __debug__:

  77.             if _trace_level >= 1:

  78.                 _trace_file.write("*** id=%d, challenge=%s, prompt=%s, defresult=%s\n-> %s\n" % (

  79.                     cb_id,

  80.                     challenge,

  81.                     prompt,

  82.                     repr(defresult),

  83.                     repr(self.cb_value_dict.get(cb_result))

  84.                 ))

  85.         if not isinstance(cb_result, bytes):

  86.             cb_result = cb_result.encode('utf-8')

  87.         return cb_result

  88. 

  89. 

  90. class cram_md5(sasl):

  91.     """

  92.     This class handles SASL CRAM-MD5 authentication.

  93.     """

  94. 

  95.     def __init__(self, authc_id, password, authz_id=""):

  96.         auth_dict = {

  97.             CB_AUTHNAME: authc_id,

  98.             CB_PASS: password,

  99.             CB_USER: authz_id,

  100.         }

  101.         sasl.__init__(self, auth_dict, "CRAM-MD5")

  102. 

  103. 

  104. class digest_md5(sasl):

  105.     """

  106.     This class handles SASL DIGEST-MD5 authentication.

  107.     """

  108. 

  109.     def __init__(self, authc_id, password, authz_id=""):

  110.         auth_dict = {

  111.             CB_AUTHNAME: authc_id,

  112.             CB_PASS: password,

  113.             CB_USER: authz_id,

  114.         }

  115.         sasl.__init__(self, auth_dict, "DIGEST-MD5")

  116. 

  117. 

  118. class gssapi(sasl):

  119.     """

  120.     This class handles SASL GSSAPI (i.e. Kerberos V) authentication.

  121.     """

  122. 

  123.     def __init__(self, authz_id=""):

  124.         sasl.__init__(self, {CB_USER: authz_id}, "GSSAPI")

  125. 

  126. 

  127. class external(sasl):

  128.     """

  129.     This class handles SASL EXTERNAL authentication

  130.     (i.e. X.509 client certificate)

  131.     """

  132. 

  133.     def __init__(self, authz_id=""):

  134.         sasl.__init__(self, {CB_USER: authz_id}, "EXTERNAL")