External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-18 06:47:41 -02:30
Code Issues Packages Projects Releases Wiki Activity

Update authenticate method on auth backends to add required request param

Browse Source 
This became mandatory in Django 2.1.
This commit is contained in:
Jeff Bradberry
2019-07-12 11:15:07 -04:00
parent 261f1427e9
commit a691340986
2 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
awx/sso/backends.py
View File

@@ -98,7 +98,7 @@ class LDAPBackend(BaseLDAPBackend):
settings = property(_get_settings, _set_settings) settings = property(_get_settings, _set_settings)
def authenticate(self, username, password): def authenticate(self, request, username, password):
if self.settings.START_TLS and ldap.OPT_X_TLS_REQUIRE_CERT in self.settings.CONNECTION_OPTIONS: if self.settings.START_TLS and ldap.OPT_X_TLS_REQUIRE_CERT in self.settings.CONNECTION_OPTIONS:
# with python-ldap, if you want to set connection-specific TLS # with python-ldap, if you want to set connection-specific TLS
# parameters, you must also specify OPT_X_TLS_NEWCTX = 0 # parameters, you must also specify OPT_X_TLS_NEWCTX = 0
@@ -124,7 +124,7 @@ class LDAPBackend(BaseLDAPBackend):
raise ImproperlyConfigured( raise ImproperlyConfigured(
"{} must be an {} instance.".format(setting_name, type_) "{} must be an {} instance.".format(setting_name, type_)
) )
return super(LDAPBackend, self).authenticate(None, username, password) return super(LDAPBackend, self).authenticate(request, username, password)
except Exception: except Exception:
logger.exception("Encountered an error authenticating to LDAP") logger.exception("Encountered an error authenticating to LDAP")
return None return None
@@ -196,10 +196,10 @@ class RADIUSBackend(BaseRADIUSBackend):
Custom Radius backend to verify license status Custom Radius backend to verify license status
''' '''
def authenticate(self, username, password): def authenticate(self, request, username, password):
if not django_settings.RADIUS_SERVER: if not django_settings.RADIUS_SERVER:
return None return None
return super(RADIUSBackend, self).authenticate(None, username, password) return super(RADIUSBackend, self).authenticate(request, username, password)
def get_user(self, user_id): def get_user(self, user_id):
if not django_settings.RADIUS_SERVER: if not django_settings.RADIUS_SERVER:
@@ -217,7 +217,7 @@ class TACACSPlusBackend(object):
Custom TACACS+ auth backend for AWX Custom TACACS+ auth backend for AWX
''' '''
def authenticate(self, username, password): def authenticate(self, request, username, password):
if not django_settings.TACACSPLUS_HOST: if not django_settings.TACACSPLUS_HOST:
return None return None
try: try:
@@ -284,13 +284,13 @@ class SAMLAuth(BaseSAMLAuth):
idp_config = self.setting('ENABLED_IDPS')[idp_name] idp_config = self.setting('ENABLED_IDPS')[idp_name]
return TowerSAMLIdentityProvider(idp_name, **idp_config) return TowerSAMLIdentityProvider(idp_name, **idp_config)
def authenticate(self, *args, **kwargs): def authenticate(self, request, *args, **kwargs):
if not all([django_settings.SOCIAL_AUTH_SAML_SP_ENTITY_ID, django_settings.SOCIAL_AUTH_SAML_SP_PUBLIC_CERT, if not all([django_settings.SOCIAL_AUTH_SAML_SP_ENTITY_ID, django_settings.SOCIAL_AUTH_SAML_SP_PUBLIC_CERT,
django_settings.SOCIAL_AUTH_SAML_SP_PRIVATE_KEY, django_settings.SOCIAL_AUTH_SAML_ORG_INFO, django_settings.SOCIAL_AUTH_SAML_SP_PRIVATE_KEY, django_settings.SOCIAL_AUTH_SAML_ORG_INFO,
django_settings.SOCIAL_AUTH_SAML_TECHNICAL_CONTACT, django_settings.SOCIAL_AUTH_SAML_SUPPORT_CONTACT, django_settings.SOCIAL_AUTH_SAML_TECHNICAL_CONTACT, django_settings.SOCIAL_AUTH_SAML_SUPPORT_CONTACT,
django_settings.SOCIAL_AUTH_SAML_ENABLED_IDPS]): django_settings.SOCIAL_AUTH_SAML_ENABLED_IDPS]):
return None return None
user = super(SAMLAuth, self).authenticate(*args, **kwargs) user = super(SAMLAuth, self).authenticate(request, *args, **kwargs)
# Comes from https://github.com/omab/python-social-auth/blob/v0.2.21/social/backends/base.py#L91 # Comes from https://github.com/omab/python-social-auth/blob/v0.2.21/social/backends/base.py#L91
if getattr(user, 'is_new', False): if getattr(user, 'is_new', False):
_decorate_enterprise_user(user, 'saml') _decorate_enterprise_user(user, 'saml')

8
awx/sso/tests/unit/test_tacacsplus.py
View File

@@ -4,7 +4,7 @@ from unittest import mock
def test_empty_host_fails_auth(tacacsplus_backend): def test_empty_host_fails_auth(tacacsplus_backend):
with mock.patch('awx.sso.backends.django_settings') as settings: with mock.patch('awx.sso.backends.django_settings') as settings:
settings.TACACSPLUS_HOST = '' settings.TACACSPLUS_HOST = ''
ret_user = tacacsplus_backend.authenticate(u"user", u"pass") ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass")
assert ret_user is None assert ret_user is None
@@ -16,7 +16,7 @@ def test_client_raises_exception(tacacsplus_backend):
mock.patch('tacacs_plus.TACACSClient', return_value=client): mock.patch('tacacs_plus.TACACSClient', return_value=client):
settings.TACACSPLUS_HOST = 'localhost' settings.TACACSPLUS_HOST = 'localhost'
settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii' settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii'
ret_user = tacacsplus_backend.authenticate(u"user", u"pass") ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass")
assert ret_user is None assert ret_user is None
logger.exception.assert_called_once_with( logger.exception.assert_called_once_with(
"TACACS+ Authentication Error: foo" "TACACS+ Authentication Error: foo"
@@ -32,7 +32,7 @@ def test_client_return_invalid_fails_auth(tacacsplus_backend):
mock.patch('tacacs_plus.TACACSClient', return_value=client): mock.patch('tacacs_plus.TACACSClient', return_value=client):
settings.TACACSPLUS_HOST = 'localhost' settings.TACACSPLUS_HOST = 'localhost'
settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii' settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii'
ret_user = tacacsplus_backend.authenticate(u"user", u"pass") ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass")
assert ret_user is None assert ret_user is None
@@ -48,5 +48,5 @@ def test_client_return_valid_passes_auth(tacacsplus_backend):
mock.patch('awx.sso.backends._get_or_set_enterprise_user', return_value=user): mock.patch('awx.sso.backends._get_or_set_enterprise_user', return_value=user):
settings.TACACSPLUS_HOST = 'localhost' settings.TACACSPLUS_HOST = 'localhost'
settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii' settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii'
ret_user = tacacsplus_backend.authenticate(u"user", u"pass") ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass")
assert ret_user == user assert ret_user == user