authentication – Authentication Components Module

Authentication for Kofa.

class waeup.kofa.authentication.Account(name, password, title=None, description=None, email=None, phone=None, public_name=None, roles=[])

Bases: grokcore.content.components.Model

Kofa user accounts store infos about a user.

Beside the usual data and an (encrypted) password, accounts also have a persistent attribute failed_logins which is an instance of waeup.kofa.authentication.FailedLoginInfo.

This attribute can be manipulated directly (set new value, increase values, or reset).

__doc__ = 'Kofa user accounts store infos about a user.\n\n Beside the usual data and an (encrypted) password, accounts also\n have a persistent attribute `failed_logins` which is an instance\n of `waeup.kofa.authentication.FailedLoginInfo`.\n\n This attribute can be manipulated directly (set new value,\n increase values, or reset).\n '

__implemented__ = <implementedBy waeup.kofa.authentication.Account>

__init__(name, password, title=None, description=None, email=None, phone=None, public_name=None, roles=[])

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

checkPassword(password)

getLocalRoles()

getSiteRolesForPrincipal()

notifyLocalRoleChanged(obj, role_id, granted=True)

roles

setPassword(password)

setSiteRolesForPrincipal(roles)

class waeup.kofa.authentication.AuthenticatedKofaPrincipalFactory(info, request)

Bases: grokcore.component.components.MultiAdapter

Creates ‘authenticated’ Kofa principals.

Adapts (principal info, request) to a KofaPrincipal instance.

This adapter is used by the standard PAU to transform KofaPrincipalInfos into KofaPrincipal instances.

__call__(authentication)

__component_adapts__ = (<InterfaceClass waeup.kofa.interfaces.IKofaPrincipalInfo>, <InterfaceClass zope.publisher.interfaces.IRequest>)

__doc__ = "Creates 'authenticated' Kofa principals.\n\n Adapts (principal info, request) to a KofaPrincipal instance.\n\n This adapter is used by the standard PAU to transform\n KofaPrincipalInfos into KofaPrincipal instances.\n "

__implemented__ = <implementedBy waeup.kofa.authentication.AuthenticatedKofaPrincipalFactory>

__init__(info, request)

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

class waeup.kofa.authentication.FailedLoginInfo(num=0, last=None)

Bases: grokcore.content.components.Model

__doc__ = None

__implemented__ = <implementedBy waeup.kofa.authentication.FailedLoginInfo>

__init__(num=0, last=None)

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

as_tuple()

increase()

reset()

set_values(num=0, last=None)

class waeup.kofa.authentication.KofaPrincipal(id, title=u'', description=u'', email=u'', phone=None, public_name=u'', user_type=u'', prefix=None)

Bases: zope.pluggableauth.factories.Principal

A portal principal.

Kofa principals provide an extra email, phone, public_name and user_type attribute extending ordinary principals.

__doc__ = 'A portal principal.\n\n Kofa principals provide an extra `email`, `phone`, `public_name`\n and `user_type` attribute extending ordinary principals.\n '

__implemented__ = <implementedBy waeup.kofa.authentication.KofaPrincipal>

__init__(id, title=u'', description=u'', email=u'', phone=None, public_name=u'', user_type=u'', prefix=None)

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

__repr__()

class waeup.kofa.authentication.KofaPrincipalInfo(id, title, description, email, phone, public_name, user_type)

Bases: object

An implementation of IKofaPrincipalInfo.

A Kofa principal info is created with id, login, title, description, phone, email, public_name and user_type.

__dict__ = dict_proxy({'__providedBy__': <_interface_coptimizations.ObjectSpecificationDescriptor object at 0x7f402dea22c0>, '__module__': 'waeup.kofa.authentication', '__weakref__': <attribute '__weakref__' of 'KofaPrincipalInfo' objects>, '__provides__': <zope.interface.declarations.ClassProvides object at 0x7f4027d14890>, '__dict__': <attribute '__dict__' of 'KofaPrincipalInfo' objects>, '__implemented__': <implementedBy waeup.kofa.authentication.KofaPrincipalInfo>, '__eq__': <function __eq__ at 0x7f4027d75488>, '__doc__': 'An implementation of IKofaPrincipalInfo.\n\n A Kofa principal info is created with id, login, title, description,\n phone, email, public_name and user_type.\n ', '__init__': <function __init__ at 0x7f4027d75410>})

__doc__ = 'An implementation of IKofaPrincipalInfo.\n\n A Kofa principal info is created with id, login, title, description,\n phone, email, public_name and user_type.\n '

__eq__(obj)

__implemented__ = <implementedBy waeup.kofa.authentication.KofaPrincipalInfo>

__init__(id, title, description, email, phone, public_name, user_type)

__module__ = 'waeup.kofa.authentication'

__providedBy__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

__weakref__

list of weak references to the object (if defined)

class waeup.kofa.authentication.KofaSessionCredentialsPlugin

Bases: grokcore.component.components.GlobalUtility, zope.pluggableauth.plugins.session.SessionCredentialsPlugin

Session plugin that picks usernames/passwords from fields in webforms.

__doc__ = 'Session plugin that picks usernames/passwords from fields in webforms.\n '

__module__ = 'waeup.kofa.authentication'

loginfield = 'form.login'

loginpagename = 'login'

passwordfield = 'form.password'

class waeup.kofa.authentication.KofaXMLRPCCredentialsPlugin

Bases: grokcore.component.components.GlobalUtility, zope.pluggableauth.plugins.httpplugins.HTTPBasicAuthCredentialsPlugin

Plugin that picks useranams/passwords from basic-auth headers.

As XMLRPC requests send/post their authentication credentials in HTTP basic-auth headers, we need a plugin that can handle this.

This plugin, however, does no challenging. If a user does not provide basic-auth infos, we will not ask for some. This is correct as we plan to communicate with machines.

This plugin is planned to be used in “PluggableAuthenitications” registered with University instances.

__doc__ = 'Plugin that picks useranams/passwords from basic-auth headers.\n\n As XMLRPC requests send/post their authentication credentials in HTTP\n basic-auth headers, we need a plugin that can handle this.\n\n This plugin, however, does no challenging. If a user does not provide\n basic-auth infos, we will not ask for some. This is correct as we plan to\n communicate with machines.\n\n This plugin is planned to be used in "PluggableAuthenitications" registered\n with `University` instances.\n '

__module__ = 'waeup.kofa.authentication'

challenge(request)

XMLRPC is for machines. No need to challenge.

logout(request)

Basic auth does not provide any logout possibility.

class waeup.kofa.authentication.LocalRoleSetEvent(object, role_id, principal_id, granted=True)

Bases: object

__dict__ = dict_proxy({'__providedBy__': <_interface_coptimizations.ObjectSpecificationDescriptor object at 0x7f402dea22c0>, '__module__': 'waeup.kofa.authentication', '__provides__': <zope.interface.declarations.ClassProvides object at 0x7f4027d6b4d0>, '__init__': <function __init__ at 0x7f4027d66848>, '__dict__': <attribute '__dict__' of 'LocalRoleSetEvent' objects>, '__implemented__': <implementedBy waeup.kofa.authentication.LocalRoleSetEvent>, '__weakref__': <attribute '__weakref__' of 'LocalRoleSetEvent' objects>, '__doc__': None})

__doc__ = None

__implemented__ = <implementedBy waeup.kofa.authentication.LocalRoleSetEvent>

__init__(object, role_id, principal_id, granted=True)

__module__ = 'waeup.kofa.authentication'

__providedBy__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

__weakref__

list of weak references to the object (if defined)

class waeup.kofa.authentication.PasswordValidator

Bases: grokcore.component.components.GlobalUtility

__doc__ = None

__implemented__ = <implementedBy waeup.kofa.authentication.PasswordValidator>

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

validate_password(pw, pw_repeat)

validate_secure_password(pw, pw_repeat)

^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).{8,}$

^ Start anchor (?=.*[A-Z]) Ensure password has one uppercase letters. (?=.*[0-9]) Ensure password has one digit. (?=.*[a-z]) Ensure password has one lowercase letter. .{8,} Ensure password is of length 8. $ End anchor

class waeup.kofa.authentication.UpdatePAUPlugin

Bases: grokcore.component.components.GlobalUtility

A plugin that updates a local PAU.

We insert an ‘xmlrpc-credentials’ PAU-plugin into a sites PAU if it is not present already. There must be ‘credentials’ plugin registered already.

XXX: This Plugin fixes a shortcoming of waeup.kofa 1.5. Sites created or

updated afterwards do not need this plugin and it should be removed.

__doc__ = "A plugin that updates a local PAU.\n\n We insert an 'xmlrpc-credentials' PAU-plugin into a sites PAU if it is not\n present already. There must be 'credentials' plugin registered already.\n\n XXX: This Plugin fixes a shortcoming of waeup.kofa 1.5. Sites created or\n updated afterwards do not need this plugin and it should be removed.\n "

__implemented__ = <implementedBy waeup.kofa.authentication.UpdatePAUPlugin>

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

setup(site, name, logger)

update(site, name, logger)

class waeup.kofa.authentication.UserAccountFactory

Bases: grokcore.component.components.GlobalUtility

A factory for user accounts.

This factory is only needed for imports.

__call__(*args, **kw)

__doc__ = 'A factory for user accounts.\n\n This factory is only needed for imports.\n '

__implemented__ = <implementedBy waeup.kofa.authentication.UserAccountFactory>

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

description = u'This factory instantiates new user account instances.'

getInterfaces()

title = (u'Create a user.',)

class waeup.kofa.authentication.UserAuthenticatorPlugin

Bases: grokcore.component.components.GlobalUtility

__doc__ = None

__implemented__ = <implementedBy waeup.kofa.authentication.UserAuthenticatorPlugin>

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

addAccount(account)

addUser(name, password, title=None, description=None)

authenticateCredentials(credentials)

getAccount(login)

getUsersContainer()

principalInfo(id)

class waeup.kofa.authentication.UserProcessor

Bases: waeup.kofa.utils.batching.BatchProcessor

The User Processor processes user accounts, i.e. Account objects in the users container.

The roles columns must contain Python list expressions like ['waeup.PortalManager', 'waeup.ImportManager'].

The processor does not import local roles. These can be imported by means of batch processors in the academic section.

__doc__ = "The User Processor processes user accounts, i.e. `Account` objects in\n the ``users`` container.\n\n The `roles` columns must contain Python list\n expressions like ``['waeup.PortalManager', 'waeup.ImportManager']``.\n\n The processor does not import local roles. These can be imported\n by means of batch processors in the academic section.\n "

__implemented__ = <implementedBy waeup.kofa.authentication.UserProcessor>

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

addEntry(obj, row, site)

checkConversion(row, mode='ignore')

Validates all values in row.

delEntry(row, site)

entryExists(row, site)

factory_name = 'waeup.UserAccount'

getEntry(row, site)

getParent(row, site)

iface = <InterfaceClass waeup.kofa.interfaces.IUserAccount>

location_fields = ['name']

mode = None

name = u'User Processor'

parentsExist(row, site)

updateEntry(obj, row, site, filename)

Update obj to the values given in row.

util_name = 'userprocessor'

class waeup.kofa.authentication.UsersPlugin

Bases: grokcore.component.components.GlobalUtility

A plugin that updates users.

__doc__ = 'A plugin that updates users.\n '

__implemented__ = <implementedBy waeup.kofa.authentication.UsersPlugin>

__module__ = 'waeup.kofa.authentication'

__provides__

Special descriptor for class __provides__

The descriptor caches the implementedBy info, so that we can get declarations for objects without instance-specific interfaces a bit quicker.

For example:

>>> from zope.interface import Interface
>>> class IFooFactory(Interface):
...     pass
>>> class IFoo(Interface):
...     pass
>>> class C(object):
...     implements(IFoo)
...     classProvides(IFooFactory)
>>> [i.getName() for i in C.__provides__]
['IFooFactory']

>>> [i.getName() for i in C().__provides__]
['IFoo']

deprecated_attributes = []

setup(site, name, logger)

update(site, name, logger)

waeup.kofa.authentication.get_principal_role_manager()

Get a role manager for principals.

If we are currently ‘in a site’, return the role manager for the portal or the global rolemanager else.

waeup.kofa.authentication.handle_account_added(account, event)

When an account is added, the local owner role and the global AcademicsOfficer role must be set.

waeup.kofa.authentication.handle_account_removed(account, event)

When an account is removed, local and global roles might have to be deleted.

waeup.kofa.authentication.handle_local_role_changed(obj, event)

waeup.kofa.authentication.handle_local_roles_on_obj_removed(obj, event)

waeup.kofa.authentication.setup_authentication(pau)

Set up plugguble authentication utility.

Sets up an IAuthenticatorPlugin and ICredentialsPlugin (for the authentication mechanism)

Then looks for any external utilities that want to modify the PAU.