renamed the cube into trustedauth

695b6298 · David Douard · 0322afa30991 · 2455654c · 2455654c · 2455654c
Commit 695b6298 authored Jan 19, 2011 by David Douard
--- a/__init__.py
+++ b/__init__.py
-"""cubicweb-apachekerberos application package
+"""cubicweb-trustedauth application package

-authentication plugin for cubicweb instances behind apache + kerberos
+authentication plugin for cubicweb instances behind a trusted
+reverse proxy managing authentication  (eg. apache + kerberos)
 """
--- a/__pkginfo__.py
+++ b/__pkginfo__.py
 # pylint: disable-msg=W0622
-"""cubicweb-apachekerberos application packaging information"""
+"""cubicweb-trustedauth application packaging information"""

-modname = 'apachekerberos'
-distname = 'cubicweb-apachekerberos'
+modname = 'trustedauth'
+distname = 'cubicweb-trustedauth'

 numversion = (0, 1, 2)
 version = '.'.join(str(num) for num in numversion)
@@ -12,7 +12,8 @@ license = 'LGPL'
 author = 'LOGILAB S.A. (Paris, FRANCE)'
 author_email = 'contact@logilab.fr'

-description = 'authentication plugin for cubicweb instances behind apache + kerberos'
+description = ('authentication plugin for cubicweb instances behind a trusted '
+              'reverse proxy managing authentication  (eg. apache + kerberos)')

 web = 'http://www.cubicweb.org/project/%s' % distname


--- a/authplugin.py
+++ b/authplugin.py
@@ -13,7 +13,7 @@ import base64
 from cubicweb import AuthenticationError
 from cubicweb.server.sources import native

-from cubes.apachekerberos.cryptutils import build_cypher
+from cubes.trustedauth.cryptutils import build_cypher

 class XRemoteUserAuthentifier(native.BaseAuthentifier):
    """ a source authentifier plugin

--- a/debian/control
+++ b/debian/control
-Source: cubicweb-apachekerberos
+Source: cubicweb-trustedauth
 Section: web
 Priority: optional
 Maintainer: LOGILAB S.A. (Paris, FRANCE) <contact@logilab.fr>
@@ -6,13 +6,14 @@ Build-Depends: debhelper (>= 5.0.37.1), python (>=2.4), python-dev (>=2.4)
 Standards-Version: 3.8.0


-Package: cubicweb-apachekerberos
+Package: cubicweb-trustedauth
 Architecture: all
 Depends: cubicweb-common (>= 3.9.3), python-crypto
-Description: authentication plugin for cubicweb instances behind apache + kerberos
+Description: authentication plugin for cubicweb instances behind a reverse proxy
 CubicWeb is a semantic web application framework.
 .
- authentication plugin for cubicweb instances behind apache + kerberos
+ This cube is an authentication plugin for cubicweb instances behind a trusted
+ reverse proxy managing authentication  (eg. apache + kerberos).
 .
 This package will install all the components you need to run the
- cubicweb-apachekerberos application (cube :)..
+ cubicweb-trustedauth application (cube :)..
--- a/debian/cubicweb-apachekerberos.prerm
+++ b/debian/cubicweb-apachekerberos.prerm
 #!/bin/sh -e

 delete_pyo_pyc () {
-  find /usr/share/cubicweb/cubes/apachekerberos -name "*.pyc" | xargs rm -f
-  find /usr/share/cubicweb/cubes/apachekerberos -name "*.pyo" | xargs rm -f
+  find /usr/share/cubicweb/cubes/trustedauth -name "*.pyc" | xargs rm -f
+  find /usr/share/cubicweb/cubes/trustedauth -name "*.pyo" | xargs rm -f
 }



--- a/debian/rules
+++ b/debian/rules
@@ -23,9 +23,9 @@ install: build
 	dh_testroot
 	dh_clean -k
 	dh_installdirs -i
-	NO_SETUPTOOLS=1 python setup.py -q install --no-compile --prefix=debian/cubicweb-apachekerberos/usr/
+	NO_SETUPTOOLS=1 python setup.py -q install --no-compile --prefix=debian/cubicweb-trustedauth/usr/
 	# remove generated .egg-info file
-	rm -rf debian/cubicweb-apachekerberos/usr/lib/python*
+	rm -rf debian/cubicweb-trustedauth/usr/lib/python*


 # Build architecture-independent files here.

--- a/entities.py
+++ b/entities.py
@@ -14,4 +14,4 @@
 # You should have received a copy of the GNU Lesser General Public License along
 # with this program. If not, see <http://www.gnu.org/licenses/>.

-"""cubicweb-apachekerberos entity's classes"""
+"""cubicweb-trustedauth entity's classes"""
--- a/hooks.py
+++ b/hooks.py
@@ -10,7 +10,7 @@ import os.path as osp

 from cubicweb.server import hook

-from cubes.apachekerberos.authplugin import XRemoteUserAuthentifier
+from cubes.trustedauth.authplugin import XRemoteUserAuthentifier

 class ServerStartupHook(hook.Hook):
    """register authentifier at startup"""

--- a/migration/postcreate.py
+++ b/migration/postcreate.py
@@ -14,7 +14,7 @@
 # You should have received a copy of the GNU Lesser General Public License along
 # with this program. If not, see <http://www.gnu.org/licenses/>.

-"""cubicweb-apachekerberos postcreate script, executed at instance creation time or when
+"""cubicweb-trustedauth postcreate script, executed at instance creation time or when
 the cube is added to an existing instance.

 You could setup site properties or a workflow here for example.

--- a/schema.py
+++ b/schema.py
@@ -14,4 +14,4 @@
 # You should have received a copy of the GNU Lesser General Public License along
 # with this program. If not, see <http://www.gnu.org/licenses/>.

-"""cubicweb-apachekerberos schema"""
+"""cubicweb-trustedauth schema"""
--- a/test/data/bootstrap_cubes
+++ b/test/data/bootstrap_cubes
-apachekerberos
+trustedauth
--- a/test/test_apachekerberos.py
+++ b/test/test_apachekerberos.py
-# copyright 2003-2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
-# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
-#
-# This file is part of CubicWeb.
-#
-# CubicWeb is free software: you can redistribute it and/or modify it under the
-# terms of the GNU Lesser General Public License as published by the Free
-# Software Foundation, either version 2.1 of the License, or (at your option)
-# any later version.
-#
-# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Lesser General Public License along
-# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
-"""template automatic tests
-
-"""
-
-from logilab.common.testlib import TestCase, unittest_main
-
-class DefaultTC(TestCase):
-    def test_something(self):
-        self.skip('this cube has no test')
-
-## uncomment the import if you want to activate automatic test for your
-## template
-
-# from cubicweb.devtools.testlib import AutomaticWebTest
-
-
-if __name__ == '__main__':
-    unittest_main()
--- a/test/unittest_trustedauth.py
+++ b/test/unittest_trustedauth.py
+# copyright 2003-2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
+# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
+#
+# This file is part of CubicWeb.
+#
+# CubicWeb is free software: you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free
+# Software Foundation, either version 2.1 of the License, or (at your option)
+# any later version.
+#
+# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
+"""unit tests for cubicweb.web.application"""
+
+import base64, Cookie
+import os
+import sys
+import logging
+import tempfile
+
+from logilab.common.testlib import TestCase, unittest_main
+from logilab.common.decorators import clear_cache
+
+from cubicweb import AuthenticationError, Unauthorized
+from cubicweb.devtools.testlib import CubicWebTC
+from cubicweb.devtools.fake import FakeRequest
+from cubicweb.web import LogOut, Redirect, INTERNAL_FIELD_VALUE
+from cubicweb.web.views.basecontrollers import ViewController
+
+CONFIG = u'''secret-key=%s'''
+secretfile = None
+
+
+class TrustAuthTC(CubicWebTC):
+    def setUp(self):
+        if self.config._cubes is None:
+            self.config.init_cubes(self.config.expand_cubes(('trustedauth',)))
+        self.set_option('secret-key', "mysecret")
+        super(TrustAuthTC, self).setUp()
+
+    def setup_database(self):
+        for log in 'cubicweb', 'cubicweb.cubes', 'cubicweb.twisted':
+            logger = logging.getLogger(log)
+            logger.handlers = [logging.StreamHandler(sys.stdout)]
+            logger.setLevel(logging.DEBUG)
+
+    def _reset_cookie(self, req):
+        # preparing the suite of the test
+        # set session id in cookie
+        cookie = Cookie.SimpleCookie()
+        sessioncookie = self.app.session_handler.session_cookie(req)
+        cookie[sessioncookie] = req.session.sessionid
+        req._headers['Cookie'] = cookie[sessioncookie].OutputString()
+        clear_cache(req, 'get_authorization')
+        # reset session as if it was a new incoming request
+        req.session = req.cnx = None
+
+    def _test_auth_anon(self, req):
+        self.app.connect(req)
+        asession = req.session
+        self.assertEqual(len(self.open_sessions), 1)
+        self.assertEqual(asession.login, 'anon')
+        self.assertEqual(asession.authinfo['password'], 'anon')
+        self.failUnless(asession.anonymous_session)
+        self._reset_cookie(req)
+
+    def _test_anon_auth_fail(self, req):
+        self.assertEqual(len(self.open_sessions), 1)
+        self.app.connect(req)
+        self.assertEqual(req.message, 'authentication failure')
+        self.assertEqual(req.session.anonymous_session, True)
+        self.assertEqual(len(self.open_sessions), 1)
+        self._reset_cookie(req)
+
+    def test_login(self):
+        req, origsession = self.init_authentication('http', 'anon')
+        req._headers['x-remote-user'] = 'admin'
+        self.assertAuthSuccess(req, origsession)
+        #self.assertEqual(req.session.authinfo, {'secret': origsession.authinfo['password']})
+        self.assertRaises(LogOut, self.app_publish, req, 'logout')
+        self.assertEqual(len(self.open_sessions), 0)
+
+    # XXX what is the correct test here?
+    def test_failed_login(self):
+        req, origsession = self.init_authentication('http', 'anon')
+        req._headers['x-remote-user'] = 'toto'
+        self._test_auth_anon(req)
+        #self.assertAuthFailure(req)
+        #req, origsession = self.init_authentication('http', 'anon')
+        req._headers['x-remote-user'] = 'admin'
+        self.assertAuthSuccess(req, origsession)
+        #self.assertEqual(req.session.authinfo, {'secret': origsession.authinfo['password']})
+        self.assertRaises(LogOut, self.app_publish, req, 'logout')
+        self.assertEqual(len(self.open_sessions), 0)
--- a/views.py
+++ b/views.py
@@ -11,7 +11,7 @@ import base64
 from cubicweb.selectors import objectify_selector
 from cubicweb.web.views import authentication, actions, basecontrollers

-from cubes.apachekerberos.cryptutils import build_cypher
+from cubes.trustedauth.cryptutils import build_cypher

 # web authentication info retreiver ############################################


--- a/wdoc/setup_fr
+++ b/wdoc/setup_fr
@@ -279,7 +279,7 @@ Dans /etc/apache2/sites-available/cw-kerberos::
 Configuration CubicWeb
 ~~~~~~~~~~~~~~~~~~~~~~

-Utiliser et configurer le cube apachekerberos: il faut créer un
+Utiliser et configurer le cube trustedauth : il faut créer un
 fichier contenant la "clef secrète" (dont la taille doit être un
 multiple de 16 octets) et donner le chemin vers ce fichier dans le
 all-in-one.conf::