added HTTP Basic to hgfactotum

This commit is contained in:
aiju 2011-05-09 18:53:34 +00:00
parent ea0fe9a39b
commit d232167dc3
2 changed files with 74 additions and 7 deletions

View file

@ -17,11 +17,14 @@ class Factotum:
msg = 'start' msg = 'start'
for k, v in args.iteritems(): for k, v in args.iteritems():
msg += ' ' + k + '=\'' + v + '\'' msg += ' ' + k + '=\'' + v + '\''
while True:
self.f.write(msg) self.f.write(msg)
ret = self.f.read(4096) ret = self.f.read(4096)
if ret[:7] != "needkey": break
self.needkey(ret[8:])
if ret == "ok": return if ret == "ok": return
if ret[:5] == "error": raise FactotumError(ret[6:]) if ret[:5] == "error": raise FactotumError(ret[6:])
raise FactotumError("unexpected " + ret) raise FactotumError("start: unexpected " + ret)
def needkey(self, string): def needkey(self, string):
subprocess.call(['/bin/auth/factotum', '-g', string]) subprocess.call(['/bin/auth/factotum', '-g', string])
def read(self): def read(self):
@ -34,7 +37,7 @@ class Factotum:
if ret[:3] == "ok ": return ret[3:] if ret[:3] == "ok ": return ret[3:]
if ret[:5] == "error": raise FactotumError(ret[6:]) if ret[:5] == "error": raise FactotumError(ret[6:])
if ret[:5] == "phase": raise PhaseError(ret[6:]) if ret[:5] == "phase": raise PhaseError(ret[6:])
raise FactotumError("unexpected " + ret) raise FactotumError("read: unexpected " + ret)
def write(self, data): def write(self, data):
while True: while True:
self.f.write('write ' + data) self.f.write('write ' + data)
@ -45,6 +48,48 @@ class Factotum:
if ret[:3] == "toosmall ": return int(ret[4:]) if ret[:3] == "toosmall ": return int(ret[4:])
if ret[:5] == "error": raise FactotumError(ret[6:]) if ret[:5] == "error": raise FactotumError(ret[6:])
if ret[:5] == "phase": raise PhaseError(ret[6:]) if ret[:5] == "phase": raise PhaseError(ret[6:])
raise FactotumError("write: unexpected " + ret)
def attr(self):
self.f.write('attr')
ret = self.f.read(4096)
if ret[:5] == "error": raise FactotumError(ret[6:])
if ret[:3] == "ok ":
dict = {}
ret = ret[3:]
mode = 0
key = ""
value = ""
while ret != "":
if mode == 0:
if ret[0] == '=':
if ret[1] == '\'':
mode = 2
ret = ret[1:]
else:
mode = 1
else:
key += ret[0]
elif mode == 1:
if ret[0] == ' ':
dict[key] = value
key = ""
value = ""
mode = 0
else:
value += ret[0]
elif mode == 2:
if ret[0] == '\'':
ret = ret[1:]
dict[key] = value
key = ""
value = ""
mode = 0
else:
value += ret[0]
if ret != "": ret = ret[1:]
if key != "":
dict[key] = value
return dict
raise FactotumError("unexpected " + ret) raise FactotumError("unexpected " + ret)
def close(self): def close(self):
self.f.close() self.f.close()

View file

@ -3,6 +3,26 @@
import mercurial.url import mercurial.url
import urllib2 import urllib2
import factotum import factotum
import base64
class factotumbasic(urllib2.BaseHandler):
def __init__(self, passmgr=None):
self.f = factotum.Factotum()
def http_error_401(self, req, fp, code, msg, headers):
host = urllib2.urlparse.urlparse(req.get_full_url())[1]
authreq = headers.get('www-authenticate', None)
if authreq == None: return None
authreq = authreq.split(' ', 1)
if authreq[0].lower() != 'basic': return None
chal = urllib2.parse_keqv_list(urllib2.parse_http_list(authreq[1]))
realm = chal['realm']
self.f.start(proto="pass", host=host, realm=realm, role="client")
pw = self.f.read()
user = self.f.attr()["user"]
val = 'Basic %s' % base64.b64encode(user + ':' + pw).strip()
if req.headers.get('Authorization', None) == val: return None
req.add_header('Authorization', val)
return self.parent.open(req)
class factotumdigest(urllib2.BaseHandler): class factotumdigest(urllib2.BaseHandler):
auth_header = 'Authorization' auth_header = 'Authorization'
@ -22,16 +42,18 @@ class factotumdigest(urllib2.BaseHandler):
realm = chal['realm'] realm = chal['realm']
nonce = chal['nonce'] nonce = chal['nonce']
if self.retried >= 6: if self.retried >= 6:
self.f.delkey(proto="httpdigest", realm=realm) self.f.delkey(proto="httpdigest", realm=realm, host=host)
self.f.start(proto="httpdigest", role="client", realm=realm) self.f.start(proto="httpdigest", role="client", realm=realm, host=host)
self.f.write(nonce + ' ' + req.get_method() + ' ' + req.get_selector()) self.f.write(nonce + ' ' + req.get_method() + ' ' + req.get_selector())
resp = self.f.read() resp = self.f.read()
user = self.f.attr()["user"]
self.f.close() self.f.close()
val = 'Digest username="%s", realm="%s", nonce="%s", uri="%s", response="%s", algorithm=MD5' % ("aiju", realm, nonce, req.get_selector(), resp) val = 'Digest username="%s", realm="%s", nonce="%s", uri="%s", response="%s", algorithm=MD5' % (user, realm, nonce, req.get_selector(), resp)
if req.headers.get('Authorization', None) == val: return None if req.headers.get('Authorization', None) == val: return None
req.add_unredirected_header('Authorization', val) req.add_unredirected_header('Authorization', val)
result = self.parent.open(req) result = self.parent.open(req)
self.retried = 0 self.retried = 0
return result return result
urllib2.HTTPBasicAuthHandler = factotumbasic
mercurial.url.httpdigestauthhandler = factotumdigest mercurial.url.httpdigestauthhandler = factotumdigest