source: TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/authninterface/__init__.py @ 7077

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg-security/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/authninterface/__init__.py@7077
Revision 7077, 6.4 KB checked in by pjkersha, 11 years ago (diff)
  • Property svn:keywords set to Id
1"""WSGI Middleware components - OpenID package Authentication Interface
2plugins sub-package
3
4NERC DataGrid Project"""
# Module metadata; the values are unchanged.
__author__ = "P J Kershaw"
__date__ = "05/12/08"
__copyright__ = "(C) 2009 Science and Technology Facilities Council"
__license__ = "BSD - see LICENSE file in top-level directory"
__contact__ = "Philip.Kershaw@stfc.ac.uk"
__revision__ = "$Id$"

import logging

# Module-level logger.  AuthNInterfaceError.__init__ writes every exception
# message to it at ERROR level, so whatever callers put in an exception
# message ends up in this logger's output.
log = logging.getLogger(__name__)
class AuthNInterfaceError(Exception):
    """Root of the exception hierarchy raised by AuthN interface plugins.

    Two class-level messages are kept apart:

      - C{errorMsg} is the default diagnostic text.  It becomes the exception
        message when the constructor is called without a positional argument,
        and the exception message is written to the error log on construction.
      - C{userMsg} is fixed wording that callers can use for the error shown
        to the user, so that the logged detail need not be displayed.

    @type userMsg: basestring
    @cvar userMsg: standard text for user-facing error messages
    @type errorMsg: basestring
    @cvar errorMsg: default exception / log message for this exception type
    """
    errorMsg = "AuthNInterface error"
    userMsg = (
        "An internal error occurred during login,  "
        "Please contact your system administrator"
    )

    def __init__(self, *arg, **kw):
        """Log the exception message, then initialise the base Exception.

        @type arg: tuple
        @param arg: optional; the first item is used as the message and any
        further positional items are ignored.  With no items the class's
        errorMsg is used.
        @type kw: dict
        @param kw: passed through unchanged to Exception.__init__
        """
        msg = arg[0] if arg else self.__class__.errorMsg

        # The message is logged exactly as given.  Callers should keep
        # passwords and other secrets out of it.
        # NOTE(review): if a caller builds the message from request data such
        # as a username, that data reaches the log as supplied; confirm
        # whether line breaks need neutralising for the log format in use.
        log.error(msg)

        # NOTE(review): Exception's initialiser normally rejects keyword
        # arguments, so a non-empty kw would presumably raise TypeError here -
        # confirm on the target interpreter.
        Exception.__init__(self, msg, **kw)
class AuthNInterfaceInvalidCredentials(AuthNInterfaceError):
    """The username/password check failed.  Raise from logon.

    Neither message says which of the two values was wrong.
    NOTE(review): for that to hold end to end, a plugin should raise this
    same exception for an unknown username and for a wrong password, so the
    response does not reveal which accounts exist - confirm in each plugin.
    """
    errorMsg = "Invalid username/password provided"
    userMsg = (
        "Invalid username / password provided.  Please try again.  "
        "If the problem persists please contact your system administrator"
    )
class AuthNInterfaceUsername2IdentifierMismatch(AuthNInterfaceError):
    """The username does not correspond to the identifier taken from the
    OpenID URL the user supplied.

    Does NOT apply to ID Select mode, where the user has given a generic URL
    for their OpenID Provider.

    NOTE(review): userMsg tells the user that this username does not belong
    to this OpenID, which is more specific than the invalid-credentials
    wording.  If a plugin raises this before the password has been verified,
    the reply confirms or denies a username/OpenID pairing to an
    unauthenticated caller - confirm the check order in each plugin, or have
    the caller show the generic invalid-credentials text instead.
    """
    errorMsg = "invalid username / OpenID identifier combination"
    userMsg = (
        "Invalid username for the OpenID entered.  "
        "Please ensure you have the correct OpenID and username and try again.  "
        "If the problem persists contact your system administrator"
    )
class AuthNInterfaceRetrieveError(AuthNInterfaceError):
    """Information needed to authenticate the user could not be retrieved,
    e.g. a database look-up failed.  Raise from logon.

    Only errorMsg is overridden, so userMsg is the generic internal-error
    text inherited from AuthNInterfaceError and carries no back-end detail.
    """
    errorMsg = (
        "An error occurred retrieving information "
        "to check the login credentials"
    )
class AuthNInterfaceInitError(AuthNInterfaceError):
    """An AuthNInterface could not be initialised.  Raise from __init__.

    Only errorMsg is overridden; userMsg is inherited from
    AuthNInterfaceError.
    """
    errorMsg = "AuthNInterface initialisation error"
class AuthNInterfaceConfigError(AuthNInterfaceError):
    """The authentication configuration is wrong.  Raise from __init__.

    Only errorMsg is overridden; userMsg is inherited from
    AuthNInterfaceError.
    """
    errorMsg = "AuthNInterface configuration error"
class AbstractAuthNInterface(object):
    """Abstract base class for the OpenID Provider's authentication back-end.

    Derive from this class to define how users logging into the OpenID
    Provider are authenticated.  logon, username2UserIdentifiers and logout
    all raise NotImplementedError here and are meant to be overridden.
    """

    # Declaring (empty) slots on the base lets derived classes use __slots__
    # themselves if they want to.
    __slots__ = ()

    def __init__(self, **prop):
        """Accept configuration keywords.

        This base implementation has no body beyond this docstring: the
        keywords are accepted and nothing is stored.  How settings are held
        or loaded is left to the derived class.

        NOTE(review): prop presumably carries back-end settings, which may
        include connection credentials - derived classes should avoid
        logging it wholesale or echoing it in exception messages.

        @type prop: dict
        @param prop: set properties via keywords
        @raise AuthNInterfaceInitError: error with initialisation
        @raise AuthNInterfaceConfigError: error with configuration
        @raise AuthNInterfaceError: generic exception not described by the
        other specific exception types.
        """

    def logon(self, environ, identityURI, username, password):
        """Authenticate a user; to be implemented by the derived class.

        No return value is documented.
        NOTE(review): success is presumably signalled by returning without
        raising.  If so, an override has to raise on every failure path,
        because a path that falls through would be treated as a successful
        login - confirm against the calling middleware.

        NOTE(review): identityURI, username and password presumably come
        from the login request.  Treat them as untrusted in any look-up, and
        keep the password out of log and exception messages
        (AuthNInterfaceError logs its message when constructed).

        @type environ: dict
        @param environ: standard WSGI environ parameter

        @type identityURI: basestring
        @param identityURI: user's identity URL e.g.
        'https://joebloggs.somewhere.ac.uk/'

        @type username: basestring
        @param username: user identifier for authentication

        @type password: basestring
        @param password: corresponding password for the username given

        @raise AuthNInterfaceInvalidCredentials: invalid username/password
        @raise AuthNInterfaceUsername2IdentifierMismatch: username doesn't
        match the OpenID URL provided by the user.  (Doesn't apply to ID
        Select type requests).
        @raise AuthNInterfaceRetrieveError: error with retrieval of
        information to authenticate user e.g. error with database look-up.
        @raise AuthNInterfaceError: generic exception not described by the
        other specific exception types.
        """
        raise NotImplementedError()

    def username2UserIdentifiers(self, environ, username):
        """Map the login username to the identifier(s) that become the unique
        path suffix of the user's OpenID identifier.

        The OpenIDProviderMiddleware takes self.urls['id_url'] /
        self.urls['id_yadis'] and combines it with this identifier:

            identifier = self._authN.username2UserIdentifiers(environ,
                                                              username)
            identityURL = self.createIdentityURI(self.urls['url_id'],
                                                 identifier)

        NOTE(review): the text above names the key 'id_url' while the example
        uses 'url_id' - confirm which one the middleware defines.

        NOTE(review): the returned value ends up inside an identity URL.
        Whether createIdentityURI escapes it is not visible from this class,
        so implementations should return values that are safe as a URL path
        component.

        @type environ: dict
        @param environ: standard WSGI environ parameter

        @type username: basestring
        @param username: user identifier

        @rtype: tuple
        @return: one or more identifiers to be used to make OpenID user
        identity URL(s).

        @raise AuthNInterfaceConfigError: problem with the configuration
        @raise AuthNInterfaceRetrieveError: error with retrieval of
        information to identifier e.g. error with database look-up.
        @raise AuthNInterfaceError: generic exception not described by the
        other specific exception types.
        """
        raise NotImplementedError()

    def logout(self, authNInterface):
        """Hook for custom actions at logout.

        The base implementation raises NotImplementedError, so a derived
        class has to override it before it can be called.

        @type authNInterface: AbstractAuthNInterface derived type
        @param authNInterface: authentication interface object.  See
        AbstractAuthNInterface class for details
        """
        raise NotImplementedError()