Ϫf,>UdZddlZddlmZmZmZmZmZddlm Z m Z m Z ddl m Z ddlmZmZmZddlmZddlmZdd lmZdd lmZd Zed ed <Gd de Ze eGddZe eGddZe eGddZeZ y)zf Basic credential checkers @var ANONYMOUS: An empty tuple used to represent the anonymous avatar ID. N)AnyDictOptionalTupleUnion) Attribute Interface implementer)error) IAnonymousIUsernameHashedPasswordIUsernamePassword)defer)Deferred)Logger)failure ANONYMOUScFeZdZdZedZdedeee e dffdZ y)ICredentialsCheckerzE An object that can check sub-interfaces of L{ICredentials}. zNA list of sub-interfaces of L{ICredentials} which specifies which I may check. credentialsreturnrcy)a Validate credentials and produce an avatar ID. @param credentials: something which implements one of the interfaces in C{credentialInterfaces}. @return: a L{Deferred} which will fire with a L{bytes} that identifies an avatar, an empty tuple to specify an authenticated anonymous user (provided as L{twisted.cred.checkers.ANONYMOUS}) or fail with L{UnauthorizedLogin}. Alternatively, return the result itself. @see: L{twisted.cred.credentials} Nr)rs 7/usr/lib/python3/dist-packages/twisted/cred/checkers.pyrequestAvatarIdz#ICredentialsChecker.requestAvatarId3sN) __name__ __module__ __qualname____doc__rcredentialInterfacesrrrbytesrrrrrrr)s?%   S  XeE59failr r;r's rrz7InMemoryUsernamePasswordDatabaseDontUse.requestAvatarIdst   4:: -&&))4::k6J6J+Kk$//1E1EF G::e5578 8r) rrrr rr r!r"r2r6r>rrrrr*r*VsQ$  FF$F$ ( ( (4 (> 9rr*ceZdZUdZdZdZeeeefe d<dZ e e d<e Z ddZdZd Zd Zd ed eeeffd Zded eeeedffdZy)FilePasswordDBaz A file-based, text-based username/password database. Records in the datafile for this class are delimited by a particular string. The username appears in a fixed field of the columns delimited by this string, as does the password. Both fields are specifiable. If the passwords are not stored plaintext, a hash function must be supplied to convert plaintext passwords to the form stored on disk and this CredentialsChecker will only be able to check L{IUsernamePassword} credentials. If the passwords are stored plaintext, L{IUsernameHashedPassword} credentials will be checkable as well. FN _credCacher_cacheTimestampc||_||_||_||_||_||_||_|j ttf|_ ytf|_ y)a @type filename: L{str} @param filename: The name of the file from which to read username and password information. @type delim: L{bytes} @param delim: The field delimiter used in the file. @type usernameField: L{int} @param usernameField: The index of the username after splitting a line on the delimiter. @type passwordField: L{int} @param passwordField: The index of the password after splitting a line on the delimiter. @type caseSensitive: L{bool} @param caseSensitive: If true, consider the case of the username when performing a lookup. Ignore it otherwise. @type hash: Three-argument callable or L{None} @param hash: A function used to transform the plaintext password received over the network to a format suitable for comparison against the version stored on disk. The arguments to the callable are the username, the network-supplied password, and the in-file version of the password. If the return value compares equal to the version stored on disk, the credentials are accepted. @type cache: L{bool} @param cache: If true, maintain an in-memory cache of the contents of the password file. On lookups, the mtime of the file will be checked, and the file will only be re-parsed if the mtime is newer than when the cache was generated. N) filenamedelimufieldpfield caseSensitivehashcacherr r!)r(rJrK usernameField passwordFieldrNrOrPs rr2zFilePasswordDB.__init__s`X!  # # *  99 "')D %*;(zFilePasswordDB._cbPasswordMatchr?rc#fK t|jd5}|D]}|j}|j|j}|j t |k\s|jt |k\r_|jr!||j ||jf||j j||jf dddy#1swYyxYw#t$r6}|jjd|tjd}~wwxYww)a Loads the credentials from the configured file. @return: An iterable of C{username, password} couples. @rtype: C{iterable} @raise UnauthorizedLogin: when failing to read the credentials from the file. rbNz$Unable to load credentials db: {e!r})e)openrJrstripsplitrKrLlenrMrNlowerOSError_logr r;)r(flinepartsr]s r_loadCredentialszFilePasswordDB._loadCredentialss ,dmmT* Ma MD;;=D JJtzz2E{{c%j0DKK3u:4M ))#DKK0% 2DDD#DKK0668% :LLL M M M M , IIOOBaO H))+ + ,sLD1C/B?C#C/"D1#C,(C/+D1,C// D.81D))D..D1r3rc|js|j}|jr|j6tj j |j|jkDrLtj j |j|_t|j|_||j|fS|jD]\}}||k(s ||fcSt|)a Look up the credentials for a username. @param username: The username to look up. @type username: L{bytes} @returns: Two-tuple of the canonicalicalized username (i.e. lowercase if the database is not case sensitive) and the associated password value, both L{bytes}. @rtype: L{tuple} @raises KeyError: When lookup of the username fails. ) rNrbrPrGospathgetmtimerJrHrTrhrV)r(r3ups rgetUserzFilePasswordDB.getUsers!!~~'H ::'77##DMM2T5I5II')ww'7'7 'F$"&t'<'<'>"?T__X66 6--/ 1=a4K 8$ $rrrc$ |j|j\}}t|d}|jrj|A|j|j|j|}||k(rt j |St jtjSt j|j|j|j|S#t$r*t jtjcYSwxYwr8)ror3rrOr4rr&rDr r;rArBrCr>rV)r(rrmrnuphs rrzFilePasswordDB.requestAvatarId7s << 4 45DAq#;5Byy> "++r{{A>AAv$}}Q//zz%"9"9";<<**;+D+DaHTT))1 9::e5578 8 9sC0DD):rTNF)rrrr rPrGrrr"__annotations__rHfloatrrdr2rYr>rhrrorrrrrrrrFrFs  E/3JeUl+,3OU 8D  >=@> ,4%%%u *=%>, %uRy() *rrF)!r rjtypingrrrrrzope.interfacerr r twisted.credr twisted.cred.credentialsr r rtwisted.internetrtwisted.internet.deferrtwisted.loggerrtwisted.pythonrrrurr$r*rFOnDiskUsernamePasswordDatabaserrrrs  44<< #+!" 59 ) 4 !(("($ !A9A9"A9H !mm"md"0r