twisted.web.guard.HTTPAuthSessionWrapper

class documentation

class HTTPAuthSessionWrapper: (source)

Constructor: HTTPAuthSessionWrapper(portal, credentialFactories)

Implements interfaces: twisted.web.resource.IResource

Wrap a portal, enforcing supported header-based authentication schemes.

Method	`__init__`	Initialize a session wrapper
Method	`getChildWithDefault`	Inspect the Authorization HTTP header, and return a deferred which, when fired after successful authentication, will return an authorized `Avatar`. On authentication failure, an `UnauthorizedResource` will be returned, essentially halting further dispatch on the wrapped resource and all children...
Method	`putChild`	Put a child `IResource` implementor at the given path.
Method	`render`	Find the `IResource` avatar suitable for the given request, if possible, and render it. Otherwise, perhaps render an error page requiring authorization or describing an internal server failure.
Class Variable	`isLeaf`	Signal if this IResource implementor is a "leaf node" or not. If True, getChildWithDefault will not be called on this Resource.
Method	`_authorizedResource`	Get the `IResource` which the given request is authorized to receive. If the proper authorization headers are present, the resource will be requested from the portal. If not, an anonymous login attempt will be made.
Method	`_login`	Get the `IResource` avatar for the given credentials.
Method	`_loginFailed`	Handle login failure by presenting either another challenge (for expected authentication/authorization-related failures) or a server error page (for anything else).
Method	`_loginSucceeded`	Handle login success by wrapping the resulting `IResource` avatar so that the `logout` callback will be invoked when rendering is complete.
Method	`_selectParseHeader`	Choose an `ICredentialFactory` from `_credentialFactories` suitable to use to decode the given Authenticate header.
Class Variable	`_log`	Undocumented
Instance Variable	`_credentialFactories`	A list of `ICredentialFactory` providers which will be used to decode Authorization headers into `ICredentials` providers.
Instance Variable	`_portal`	The `Portal` which will be used to retrieve `IResource` avatars.

def __init__(self, portal, credentialFactories): (source) ¶

Initialize a session wrapper

Parameters
portal:`Portal`	The portal that will authenticate the remote client
credentialFactories:`Iterable`	The portal that will authenticate the remote client based on one submitted `ICredentialFactory`

def getChildWithDefault(self, path, request): (source) ¶

from twisted.web.resource.IResource

Inspect the Authorization HTTP header, and return a deferred which, when fired after successful authentication, will return an authorized Avatar. On authentication failure, an UnauthorizedResource will be returned, essentially halting further dispatch on the wrapped resource and all children

def putChild(self, path, child): (source) ¶

from twisted.web.resource.IResource

Put a child IResource implementor at the given path.

Parameters

path

A single path component, to be interpreted relative to the path this resource is found at, at which to put the given child. For example, if resource A can be found at http://example.com/foo then a call like A.putChild(b"bar", B) will make resource B available at http://example.com/foo/bar.

The path component is not URL-encoded -- pass b'foo bar' rather than b'foo%20bar'.

child Undocumented

def render(self, request): (source) ¶

from twisted.web.resource.IResource

Find the IResource avatar suitable for the given request, if possible, and render it. Otherwise, perhaps render an error page requiring authorization or describing an internal server failure.

isLeaf: bool = (source) ¶

from twisted.web.resource.IResource

Signal if this IResource implementor is a "leaf node" or not. If True, getChildWithDefault will not be called on this Resource.

def _authorizedResource(self, request): (source) ¶

Get the IResource which the given request is authorized to receive. If the proper authorization headers are present, the resource will be requested from the portal. If not, an anonymous login attempt will be made.

def _login(self, credentials): (source) ¶

Get the IResource avatar for the given credentials.

Returns
A `Deferred` which will be called back with an `IResource` avatar or which will errback if authentication fails.

def _loginFailed(self, result): (source) ¶

Handle login failure by presenting either another challenge (for expected authentication/authorization-related failures) or a server error page (for anything else).

def _loginSucceeded(self, args): (source) ¶

Handle login success by wrapping the resulting IResource avatar so that the logout callback will be invoked when rendering is complete.

def _selectParseHeader(self, header): (source) ¶

Choose an ICredentialFactory from _credentialFactories suitable to use to decode the given Authenticate header.

Returns
A two-tuple of a factory and the remaining portion of the header value to be decoded or a two-tuple of `None` if no factory can decode the header value.

_log = (source) ¶

Undocumented

_credentialFactories = (source) ¶

A list of ICredentialFactory providers which will be used to decode Authorization headers into ICredentials providers.

_portal = (source) ¶

The Portal which will be used to retrieve IResource avatars.