forked from twisted/treq
/
auth.py
98 lines (74 loc) · 3 KB
/
auth.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# Copyright 2012-2020 The treq Authors.
# See LICENSE for details.
from __future__ import absolute_import, division, print_function
import binascii
from typing import Union
from twisted.web.http_headers import Headers
from twisted.web.iweb import IAgent
from zope.interface import implementer
class UnknownAuthConfig(Exception):
"""
The authentication config provided couldn't be interpreted.
"""
def __init__(self, config):
super(Exception, self).__init__(
'{0!r} not of a known type.'.format(config))
@implementer(IAgent)
class _RequestHeaderSettingAgent(object):
"""
Wrap an agent to set request headers
:ivar _agent: The wrapped agent.
:ivar _request_headers:
Headers to set on each request before forwarding it to the wrapped
agent.
"""
def __init__(self, agent, request_headers):
self._agent = agent
self._request_headers = request_headers
def request(self, method, uri, headers=None, bodyProducer=None):
if headers is None:
new = self._request_headers
else:
new = headers.copy()
for header, values in self._request_headers.getAllRawHeaders():
new.setRawHeaders(header, values)
return self._agent.request(
method, uri, headers=new, bodyProducer=bodyProducer)
def add_basic_auth(agent, username, password):
# type: (IAgent, Union[str, bytes], Union[str, bytes]) -> IAgent
"""
Wrap an agent to add HTTP basic authentication
The returned agent sets the *Authorization* request header according to the
basic authentication scheme described in :rfc:`7617`. This header contains
the given *username* and *password* in plaintext, and thus should only be
used over an encrypted transport (HTTPS).
Note that the colon (``:``) is used as a delimiter between the *username*
and *password*, so if either parameter includes a colon the interpretation
of the *Authorization* header is server-defined.
:param agent: Agent to wrap.
:param username: The username
:param password: The password
:returns: :class:`~twisted.web.iweb.IAgent`
"""
if not isinstance(username, bytes):
username = username.encode('utf-8')
if not isinstance(password, bytes):
password = password.encode('utf-8')
creds = binascii.b2a_base64(b'%s:%s' % (username, password)).rstrip(b'\n')
return _RequestHeaderSettingAgent(
agent,
Headers({b'Authorization': [b'Basic ' + creds]}),
)
def add_auth(agent, auth_config):
"""
Wrap an agent to perform authentication
:param agent: Agent to wrap.
:param auth_config:
A ``('username', 'password')`` tuple --- see :func:`add_basic_auth`.
:returns: :class:`~twisted.web.iweb.IAgent`
:raises UnknownAuthConfig:
When the format *auth_config* isn't supported.
"""
if isinstance(auth_config, tuple):
return add_basic_auth(agent, auth_config[0], auth_config[1])
raise UnknownAuthConfig(auth_config)