Back to index

moin  1.9.0~rc2
interwiki.py
Go to the documentation of this file.
00001 # -*- coding: iso-8859-1 -*-
00002 """
00003     MoinMoin - authentication using a remote wiki
00004 
00005     @copyright: 2005 by Florian Festi,
00006                 2007-2008 by MoinMoin:ThomasWaldmann
00007     @license: GNU GPL, see COPYING for details.
00008 """
00009 
00010 import xmlrpclib
00011 
00012 from MoinMoin import log
00013 logging = log.getLogger(__name__)
00014 
00015 from MoinMoin import wikiutil, user
00016 from MoinMoin.auth import BaseAuth, ContinueLogin, CancelLogin
00017 
00018 class InterwikiAuth(BaseAuth):
00019     name = 'interwiki'
00020     logout_possible = True
00021     login_inputs = ['username', 'password']
00022 
00023     def __init__(self, trusted_wikis, autocreate=False):
00024         BaseAuth.__init__(self)
00025         self.trusted_wikis = trusted_wikis
00026         self.autocreate = autocreate
00027 
00028     def login(self, request, user_obj, **kw):
00029         username = kw.get('username')
00030         password = kw.get('password')
00031 
00032         if not username or not password:
00033             return ContinueLogin(user_obj)
00034 
00035         logging.debug("trying to authenticate %r" % username)
00036         wikiname, username = username.split(' ', 1) # XXX Hack because ':' is not allowed in name field
00037         wikitag, wikiurl, name, err = wikiutil.resolve_interwiki(request, wikiname, username)
00038 
00039         logging.debug("resolve wiki returned: %r %r %r %r" % (wikitag, wikiurl, name, err))
00040         if err or wikitag not in self.trusted_wikis:
00041             return ContinueLogin(user_obj)
00042 
00043         homewiki = xmlrpclib.ServerProxy(wikiurl + "?action=xmlrpc2")
00044         auth_token = homewiki.getAuthToken(name, password)
00045         if not auth_token:
00046             logging.debug("%r wiki did not return an auth token." % wikitag)
00047             return ContinueLogin(user_obj)
00048 
00049         logging.debug("successfully got an auth token for %r. trying to get user profile data..." % name)
00050 
00051         mc = xmlrpclib.MultiCall(homewiki)
00052         mc.applyAuthToken(auth_token)
00053         mc.getUserProfile()
00054         result, account_data = mc()
00055 
00056         if result != "SUCCESS":
00057             logging.debug("%r wiki did not accept auth token." % wikitag)
00058             return ContinueLogin(None)
00059 
00060         if not account_data:
00061             logging.debug("%r wiki did not return a user profile." % wikitag)
00062             return ContinueLogin(None)
00063 
00064         logging.debug("%r wiki returned a user profile." % wikitag)
00065 
00066         # TODO: check remote auth_attribs
00067         u = user.User(request, name=name, auth_method=self.name, auth_attribs=('name', 'aliasname', 'password', 'email', ))
00068         for key, value in account_data.iteritems():
00069             if key not in request.cfg.user_transient_fields:
00070                 setattr(u, key, value)
00071         u.valid = True
00072         if self.autocreate:
00073             u.create_or_update(True)
00074         logging.debug("successful interwiki auth for %r" % name)
00075         return ContinueLogin(u)
00076