From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Sun, 4 Jan 2015 14:48:38 +0000 (-0500)
Subject: Give out FTPAvatarID objects instead.
X-Git-Tag: allmydata-tahoe-1.10.1a1~90
X-Git-Url: https://git.rkrishnan.org/Site/Content/Exhibitors/quickstart.html?a=commitdiff_plain;h=102d581a9091679eab6538887c0d60ac33d092f7;p=tahoe-lafs%2Ftahoe-lafs.git

Give out FTPAvatarID objects instead.
---

diff --git a/src/allmydata/frontends/auth.py b/src/allmydata/frontends/auth.py
index 745adbe8..bba6d64b 100644
--- a/src/allmydata/frontends/auth.py
+++ b/src/allmydata/frontends/auth.py
@@ -43,9 +43,12 @@ class AccountFileChecker:
                 rootcap = rest
             self.rootcaps[name] = rootcap
 
+    def _avatarId(self, username):
+        return FTPAvatarID(username, self.rootcaps[username])
+
     def _cbPasswordMatch(self, matched, username):
         if matched:
-            return FTPAvatarID(username, self.rootcaps[username])
+            return self._avatarId(username)
         raise error.UnauthorizedLogin
 
     def requestAvatarId(self, creds):
@@ -110,7 +113,7 @@ class AccountFileChecker:
             if creds.signature is None:
                 return defer.fail(conch_error.ValidPublicKey())
             if self._correctSignature(creds):
-                return defer.succeed(creds.username)
+                return defer.succeed(self._avatarId(creds.username))
         return defer.fail(error.UnauthorizedLogin())
 
 class AccountURLChecker:
diff --git a/src/allmydata/test/test_auth.py b/src/allmydata/test/test_auth.py
index 46c2fbfb..b61531b1 100644
--- a/src/allmydata/test/test_auth.py
+++ b/src/allmydata/test/test_auth.py
@@ -103,10 +103,11 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQDJGMWlPXh2M3pYzTiamjcBIMqctt4VvLVW2QZgEFc8
 
     def test_authenticated(self):
         """
-        AccountFileChecker.requestAvatarId returns a Deferred that fires with
-        the username portion of the account file line that matches the username
-        and key blob portion of the SSHPrivateKey object if that object also
-        has a correct signature.
+        If called with an SSHPrivateKey object with a username and public key
+        found in the account file and a signature that proves possession of the
+        corresponding private key, AccountFileChecker.requestAvatarId returns a
+        Deferred that fires with an FTPAvatarID giving the username and root
+        capability for that user.
         """
         username = b"carol"
         signed_data = b"signed data"
@@ -115,5 +116,10 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQDJGMWlPXh2M3pYzTiamjcBIMqctt4VvLVW2QZgEFc8
         key_credentials = credentials.SSHPrivateKey(
             username, b"md5", right_key_blob, signed_data, signature)
         avatarId = self.checker.requestAvatarId(key_credentials)
-        avatarId.addCallback(self.assertEqual, username)
+        def authenticated(avatarId):
+            self.assertEqual(
+                (username,
+                 b"URI:DIR2:cccccccccccccccccccccccccc:3333333333333333333333333333333333333333333333333333"),
+                (avatarId.username, avatarId.rootcap))
+        avatarId.addCallback(authenticated)
         return avatarId