sys/lib/python/hgext/hgfactotum.py

   1 ''' factotum support '''
   2
   3 import mercurial.url
   4 import urllib2
   5 import factotum
   6 import base64
   7
   8 class factotumbasic(urllib2.BaseHandler):
   9         def __init__(self, passmgr=None):
  10                 self.f = factotum.Factotum()
  11         def http_error_401(self, req, fp, code, msg, headers):
  12                 host = urllib2.urlparse.urlparse(req.get_full_url())[1]
  13                 authreq = headers.get('www-authenticate', None)
  14                 if authreq == None: return None
  15                 authreq = authreq.split(' ', 1)
  16                 if authreq[0].lower() != 'basic': return None
  17                 chal = urllib2.parse_keqv_list(urllib2.parse_http_list(authreq[1]))
  18                 realm = chal['realm']
  19                 self.f.start(proto="pass", host=host, realm=realm, role="client")
  20                 pw = self.f.read()
  21                 user = self.f.attr()["user"]
  22                 val = 'Basic %s' % base64.b64encode(user + ':' + pw).strip()
  23                 if req.headers.get('Authorization', None) == val: return None
  24                 req.add_header('Authorization', val)
  25                 return self.parent.open(req)
  26
  27 class factotumdigest(urllib2.BaseHandler):
  28         auth_header = 'Authorization'
  29         handler_order = 490
  30
  31         def __init__(self, passmgr=None):
  32                 self.f = factotum.Factotum()
  33                 self.retried = 0
  34         def http_error_401(self, req, fp, code, msg, headers):
  35                 self.retried += 1
  36                 host = urllib2.urlparse.urlparse(req.get_full_url())[1]
  37                 authreq = headers.get('www-authenticate', None)
  38                 if authreq == None: return None
  39                 authreq = authreq.split(' ', 1)
  40                 if authreq[0].lower() != 'digest': return None
  41                 chal = urllib2.parse_keqv_list(urllib2.parse_http_list(authreq[1]))
  42                 realm = chal['realm']
  43                 nonce = chal['nonce']
  44                 if self.retried >= 6:
  45                         self.f.delkey(proto="httpdigest", realm=realm, host=host)
  46                 self.f.start(proto="httpdigest", role="client", realm=realm, host=host)
  47                 self.f.write(nonce + ' ' + req.get_method() + ' ' + req.get_selector())
  48                 resp = self.f.read()
  49                 user = self.f.attr()["user"]
  50                 self.f.close()
  51                 val = 'Digest username="%s", realm="%s", nonce="%s", uri="%s", response="%s", algorithm=MD5' % (user, realm, nonce, req.get_selector(), resp)
  52                 if req.headers.get('Authorization', None) == val: return None
  53                 req.add_unredirected_header('Authorization', val)
  54                 result = self.parent.open(req)
  55                 self.retried = 0
  56                 return result
  57
  58 urllib2.HTTPBasicAuthHandler = factotumbasic
  59 mercurial.url.httpdigestauthhandler = factotumdigest