From: Jean-Paul Calderone Date: Sun, 4 Jan 2015 14:48:38 +0000 (-0500) Subject: Give out FTPAvatarID objects instead. X-Git-Tag: allmydata-tahoe-1.10.1a1~90 X-Git-Url: https://git.rkrishnan.org/components/com_hotproperty/flags/configuration.rst?a=commitdiff_plain;h=102d581a9091679eab6538887c0d60ac33d092f7;p=tahoe-lafs%2Ftahoe-lafs.git Give out FTPAvatarID objects instead. --- diff --git a/src/allmydata/frontends/auth.py b/src/allmydata/frontends/auth.py index 745adbe8..bba6d64b 100644 --- a/src/allmydata/frontends/auth.py +++ b/src/allmydata/frontends/auth.py @@ -43,9 +43,12 @@ class AccountFileChecker: rootcap = rest self.rootcaps[name] = rootcap + def _avatarId(self, username): + return FTPAvatarID(username, self.rootcaps[username]) + def _cbPasswordMatch(self, matched, username): if matched: - return FTPAvatarID(username, self.rootcaps[username]) + return self._avatarId(username) raise error.UnauthorizedLogin def requestAvatarId(self, creds): @@ -110,7 +113,7 @@ class AccountFileChecker: if creds.signature is None: return defer.fail(conch_error.ValidPublicKey()) if self._correctSignature(creds): - return defer.succeed(creds.username) + return defer.succeed(self._avatarId(creds.username)) return defer.fail(error.UnauthorizedLogin()) class AccountURLChecker: diff --git a/src/allmydata/test/test_auth.py b/src/allmydata/test/test_auth.py index 46c2fbfb..b61531b1 100644 --- a/src/allmydata/test/test_auth.py +++ b/src/allmydata/test/test_auth.py @@ -103,10 +103,11 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQDJGMWlPXh2M3pYzTiamjcBIMqctt4VvLVW2QZgEFc8 def test_authenticated(self): """ - AccountFileChecker.requestAvatarId returns a Deferred that fires with - the username portion of the account file line that matches the username - and key blob portion of the SSHPrivateKey object if that object also - has a correct signature. + If called with an SSHPrivateKey object with a username and public key + found in the account file and a signature that proves possession of the + corresponding private key, AccountFileChecker.requestAvatarId returns a + Deferred that fires with an FTPAvatarID giving the username and root + capability for that user. """ username = b"carol" signed_data = b"signed data" @@ -115,5 +116,10 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQDJGMWlPXh2M3pYzTiamjcBIMqctt4VvLVW2QZgEFc8 key_credentials = credentials.SSHPrivateKey( username, b"md5", right_key_blob, signed_data, signature) avatarId = self.checker.requestAvatarId(key_credentials) - avatarId.addCallback(self.assertEqual, username) + def authenticated(avatarId): + self.assertEqual( + (username, + b"URI:DIR2:cccccccccccccccccccccccccc:3333333333333333333333333333333333333333333333333333"), + (avatarId.username, avatarId.rootcap)) + avatarId.addCallback(authenticated) return avatarId