Commit 2d654f38 authored by Aurelien Campeas's avatar Aurelien Campeas
Browse files

initial (work in progress) release

parents
include *.py
include */*.py
recursive-include data external_resources *.gif *.png *.css *.ico *.js
recursive-include i18n *.pot *.po
recursive-include wdoc *
This cube provides an authentication plugin which ensures proper
authentication of users behind an apache + mod_ssl + mod_auth_kerb.
It is non-obstrusive and easy to plug.
"""cubicweb-apachekerberos application package
authentication plugin for cubicweb instances behind apache + kerberos
"""
# pylint: disable-msg=W0622
"""cubicweb-apachekerberos application packaging information"""
modname = 'apachekerberos'
distname = 'cubicweb-apachekerberos'
numversion = (0, 1, 0)
version = '.'.join(str(num) for num in numversion)
license = 'LGPL'
author = 'LOGILAB S.A. (Paris, FRANCE)'
author_email = 'contact@logilab.fr'
description = 'authentication plugin for cubicweb instances behind apache + kerberos'
web = 'http://www.cubicweb.org/project/%s' % distname
from os import listdir as _listdir
from os.path import join, isdir, exists
from glob import glob
THIS_CUBE_DIR = join('share', 'cubicweb', 'cubes', modname)
def listdir(dirpath):
return [join(dirpath, fname) for fname in _listdir(dirpath)
if fname[0] != '.' and not fname.endswith('.pyc')
and not fname.endswith('~')
and not isdir(join(dirpath, fname))]
data_files = [
# common files
[THIS_CUBE_DIR, [fname for fname in glob('*.py') if fname != 'setup.py']],
]
# check for possible extended cube layout
for dname in ('entities', 'views', 'sobjects', 'hooks', 'schema', 'data', 'wdoc', 'i18n', 'migration'):
if isdir(dname):
data_files.append([join(THIS_CUBE_DIR, dname), listdir(dname)])
# Note: here, you'll need to add subdirectories if you want
# them to be included in the debian package
__depends__ = {'cubicweb': '>= 3.8.7'}
__recommends__ = {}
"""http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice/
:organization: Logilab
:copyright: 2009-2010 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2.
:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
"""
__docformat__ = "restructuredtext en"
from cubicweb import AuthenticationError
from cubicweb.server.sources import native
from cubes.cryptutils import build_cypher
class XRemoteUserAuthentifier(native.BaseAuthentifier):
""" a source authentifier plugin
login comes here with an encrypted blob
we decrypt it with a special key to identify
the trustfulness of the `client` (pyro, web)
"""
auth_rql = ('Any X WHERE X is CWUser, X login %(login)s')
def authenticate(self, session, login, **kwargs):
"""return CWUser eid for the given login (coming from x-remote-user
http headers) if this account is defined in this source,
else raise `AuthenticationError`
"""
try:
cryptlogin = kwargs.pop('cryptlogin', None)
if cryptlogin:
rset = session.execute(self.auth_rql, {'login': login})
if rset:
fpath = session.config.get('secret-key-filepath')
cyphr = build_cypher(open(fpath, 'rb').read().strip())
if cyphr.decrypt(cryptlogin) == login:
return rset[0][0]
except:
import traceback as tb
tb.print_stack()
raise AuthenticationError('user is not registered')
from Crypto.Cipher import AES
def build_cypher(key):
return AES.new(key, AES.MODE_ECB)
cubicweb-apachekerberos (0.1.0-1) unstable; urgency=low
* initial release
--
Source: cubicweb-apachekerberos
Section: web
Priority: optional
Maintainer: LOGILAB S.A. (Paris, FRANCE) <contact@logilab.fr>
Build-Depends: debhelper (>= 5.0.37.1), python (>=2.4), python-dev (>=2.4)
Standards-Version: 3.8.0
Package: cubicweb-apachekerberos
Architecture: all
Depends: cubicweb-common (>= 3.8.7)
Description: authentication plugin for cubicweb instances behind apache + kerberos
CubicWeb is a semantic web application framework.
.
authentication plugin for cubicweb instances behind apache + kerberos
.
This package will install all the components you need to run the
cubicweb-apachekerberos application (cube :)..
Upstream Author:
LOGILAB S.A. (Paris, FRANCE) <contact@logilab.fr>
Copyright:
Copyright (c) 2010 LOGILAB S.A. (Paris, FRANCE).
http://www.logilab.fr -- mailto:contact@logilab.fr
#!/bin/sh -e
delete_pyo_pyc () {
find /usr/share/cubicweb/cubes/apachekerberos -name "*.pyc" | xargs rm -f
find /usr/share/cubicweb/cubes/apachekerberos -name "*.pyo" | xargs rm -f
}
case "$1" in
failed-upgrade|abort-install|abort-upgrade|disappear)
;;
upgrade)
delete_pyo_pyc
;;
remove)
delete_pyo_pyc
;;
purge)
;;
*)
echo "postrm called with unknown argument \`$1'" >&2
exit 1
esac
#DEBHELPER#
#!/usr/bin/make -f
# Sample debian/rules that uses debhelper.
# GNU copyright 1997 to 1999 by Joey Hess.
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
build: build-stamp
build-stamp:
dh_testdir
NO_SETUPTOOLS=1 python setup.py -q build
touch build-stamp
clean:
dh_testdir
dh_testroot
rm -f build-stamp configure-stamp
rm -rf build
find . -name "*.pyc" | xargs rm -f
dh_clean
install: build
dh_testdir
dh_testroot
dh_clean -k
dh_installdirs -i
NO_SETUPTOOLS=1 python setup.py -q install --no-compile --prefix=debian/cubicweb-apachekerberos/usr/
# remove generated .egg-info file
rm -rf debian/cubicweb-apachekerberos/usr/lib/python*
# Build architecture-independent files here.
binary-indep: build install
dh_testdir
dh_testroot
dh_install -i
dh_installchangelogs -i
dh_installexamples -i
dh_installdocs -i
dh_installman -i
dh_link -i
dh_compress -i -X.py -X.ini -X.xml -Xtest
dh_fixperms -i
dh_installdeb -i
dh_gencontrol -i
dh_md5sums -i
dh_builddeb -i
# Build architecture-dependent files here.
binary-arch:
binary: binary-indep
.PHONY: build clean binary-arch binary-indep binary
# copyright 2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
# contact http://www.logilab.fr -- mailto:contact@logilab.fr
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation, either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
"""cubicweb-apachekerberos entity's classes"""
"""remberme cube hooks
:organization: Logilab
:copyright: 2009-2010 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2.
:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
"""
__docformat__ = "restructuredtext en"
from cubicweb.server import hook
from cubes.apachekerberos.authplugin import XRemoteUserAuthentifier
class ServerStartupHook(hook.Hook):
"""task to cleanup expirated auth cookie entities"""
__regid__ = 'xremoteuserinit'
events = ('server_startup',)
def __call__(self):
# XXX use named args and inner functions to avoid referencing globals
# which may cause reloading pb
self.repo.system_source.add_authentifier(XRemoteUserAuthentifier())
msgid ""
msgstr ""
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Generated-By: pygettext.py 1.5\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
msgid ""
msgstr ""
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Generated-By: pygettext.py 1.5\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
msgid ""
msgstr ""
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Generated-By: pygettext.py 1.5\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
# copyright 2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
# contact http://www.logilab.fr -- mailto:contact@logilab.fr
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation, either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
"""cubicweb-apachekerberos postcreate script, executed at instance creation time or when
the cube is added to an existing instance.
You could setup site properties or a workflow here for example.
"""
# Example of site property change
#set_property('ui.site-title', "<sitename>")
# copyright 2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
# contact http://www.logilab.fr -- mailto:contact@logilab.fr
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation, either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
"""cubicweb-apachekerberos schema"""
#!/usr/bin/env python
# pylint: disable-msg=W0404,W0622,W0704,W0613,W0152
# copyright 2003-2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
__docformat__ = "restructuredtext en"
import os
import sys
import shutil
from os.path import isdir, exists, join, walk
try:
if os.environ.get('NO_SETUPTOOLS'):
raise ImportError()
from setuptools import setup
from setuptools.command import install_lib
USE_SETUPTOOLS = 1
except ImportError:
from distutils.core import setup
from distutils.command import install_lib
USE_SETUPTOOLS = 0
sys.modules.pop('__pkginfo__', None)
# import required features
from __pkginfo__ import modname, version, license, description, \
web, author, author_email
# import optional features
import __pkginfo__
distname = getattr(__pkginfo__, 'distname', modname)
scripts = getattr(__pkginfo__, 'scripts', [])
data_files = getattr(__pkginfo__, 'data_files', None)
include_dirs = getattr(__pkginfo__, 'include_dirs', [])
ext_modules = getattr(__pkginfo__, 'ext_modules', None)
dependency_links = getattr(__pkginfo__, 'dependency_links', [])
STD_BLACKLIST = ('CVS', '.svn', '.hg', 'debian', 'dist', 'build')
IGNORED_EXTENSIONS = ('.pyc', '.pyo', '.elc', '~')
if exists('README'):
long_description = file('README').read()
else:
long_description = ''
if USE_SETUPTOOLS:
requires = {}
for entry in ("__depends__", "__recommends__"):
requires.update(getattr(__pkginfo__, entry, {}))
install_requires = [("%s %s" % (d, v and v or "")).strip()
for d, v in requires.iteritems()]
else:
install_requires = []
def ensure_scripts(linux_scripts):
"""Creates the proper script names required for each platform
(taken from 4Suite)
"""
from distutils import util
if util.get_platform()[:3] == 'win':
scripts_ = [script + '.bat' for script in linux_scripts]
else:
scripts_ = linux_scripts
return scripts_
def get_packages(directory, prefix):
"""return a list of subpackages for the given directory"""
result = []
for package in os.listdir(directory):
absfile = join(directory, package)
if isdir(absfile):
if exists(join(absfile, '__init__.py')) or \
package in ('test', 'tests'):
if prefix:
result.append('%s.%s' % (prefix, package))
else:
result.append(package)
result += get_packages(absfile, result[-1])
return result
def export(from_dir, to_dir,
blacklist=STD_BLACKLIST,
ignore_ext=IGNORED_EXTENSIONS,
verbose=True):
"""make a mirror of from_dir in to_dir, omitting directories and files
listed in the black list
"""
def make_mirror(arg, directory, fnames):
"""walk handler"""
for norecurs in blacklist:
try:
fnames.remove(norecurs)
except ValueError:
pass
for filename in fnames:
# don't include binary files
if filename[-4:] in ignore_ext:
continue
if filename[-1] == '~':
continue
src = join(directory, filename)
dest = to_dir + src[len(from_dir):]
if verbose:
print >> sys.stderr, src, '->', dest
if os.path.isdir(src):
if not exists(dest):
os.mkdir(dest)
else:
if exists(dest):
os.remove(dest)
shutil.copy2(src, dest)
try:
os.mkdir(to_dir)
except OSError, ex:
# file exists ?
import errno
if ex.errno != errno.EEXIST:
raise
walk(from_dir, make_mirror, None)
class MyInstallLib(install_lib.install_lib):
"""extend install_lib command to handle package __init__.py and
include_dirs variable if necessary
"""
def run(self):
"""overridden from install_lib class"""
install_lib.install_lib.run(self)
# manually install included directories if any
if include_dirs:
base = modname
for directory in include_dirs:
dest = join(self.install_dir, base, directory)
export(directory, dest, verbose=False)
def install(**kwargs):
"""setup entry point"""
if USE_SETUPTOOLS:
if '--force-manifest' in sys.argv:
sys.argv.remove('--force-manifest')
# install-layout option was introduced in 2.5.3-1~exp1
elif sys.version_info < (2, 5, 4) and '--install-layout=deb' in sys.argv:
sys.argv.remove('--install-layout=deb')
if USE_SETUPTOOLS and install_requires:
kwargs['install_requires'] = install_requires
kwargs['dependency_links'] = dependency_links
return setup(name = distname,
version = version,
license = license,
description = description,
long_description = long_description,
author = author,
author_email = author_email,
url = web,
scripts = ensure_scripts(scripts),
data_files = data_files,
ext_modules = ext_modules,
cmdclass = {'install_lib': MyInstallLib},
**kwargs
)
if __name__ == '__main__' :
install()
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment