diff --git a/.gitignore b/.gitignore index 67ddc0c..b0a5bcc 100644 --- a/.gitignore +++ b/.gitignore @@ -7,4 +7,6 @@ *_flymake.py *#* tests/test-indexes/* -/doc/example-index/* \ No newline at end of file +/doc/example-index/* +env*/ +tmp/ diff --git a/README.rst b/README.rst index 8330761..773bcb2 100644 --- a/README.rst +++ b/README.rst @@ -75,7 +75,7 @@ Run The following will start the application and a static file server for `CheesePrism` suitable for testing and development:: - $ paster serve development.ini + $ pserve development.ini **If** you have not installed the source (ie. you installed the package or from the strap file), you will need to copy the @@ -114,11 +114,11 @@ See ``doc/sample-nginx.conf`` and replace ``alias CheesePrism/files;`` and Serve management app ~~~~~~~~~~~~~~~~~~~~ -Use the prod.ini (edited for your setup) for simplest serving. Be sure +Use the production.ini (edited for your setup) for simplest serving. Be sure to remove such things as ``pyramid.includes = pyramid_debugtoolbar`` if security is a concern:: - $ paster serve prod.ini + $ pserve production.ini Sane people use something like upstart or `supervisord `_ to manage this process. @@ -138,23 +138,22 @@ python2.6 and better you can setup your ``~/.pypirc`` and then upload to your prism as you would `pypi `_:: [distutils] - index-servers = - pypi - local + index-servers = + pypi + local [pypi] - username:user - password:secret + username:user + password:secret [local] - # your prism of fromage - username:user - password:secret - repository:http://mycheese + # your prism of fromage + username:user + password:secret + repository:http://localhost:6543/simple - -The you can upload a source ala:: +Then you can upload a source ala:: $ cd /src/MyAwesomePyPkg $ python setup.py sdist upload -r local diff --git a/cheeseprism/auth.py b/cheeseprism/auth.py index 55118cc..21bfd4f 100644 --- a/cheeseprism/auth.py +++ b/cheeseprism/auth.py @@ -1,5 +1,3 @@ -from paste.httpheaders import AUTHORIZATION -from paste.httpheaders import WWW_AUTHENTICATE from pyramid.interfaces import IAuthenticationPolicy from pyramid.security import Authenticated from pyramid.security import Everyone @@ -41,11 +39,10 @@ def authenticated_userid(self, request): @staticmethod def _get_credentials(request): - authorization = AUTHORIZATION(request.environ) - try: - authmeth, auth = authorization.split(' ', 1) - except ValueError: # not enough values to unpack + authorization = request.authorization + if authorization is None: return None + authmeth, auth = request.authorization if authmeth.lower() == 'basic': try: auth = auth.strip().decode('base64') @@ -83,8 +80,8 @@ def remember(self, request, principal, **kw): return [] def forget(self, request): - head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm) - return head + headers = [('WWW-Authenticate', 'Basic realm="%s"' % self.realm)] + return headers @staticmethod def noop_check(credentials, request): diff --git a/setup.py b/setup.py index cdd897c..80d204e 100644 --- a/setup.py +++ b/setup.py @@ -13,7 +13,8 @@ 'pyramid_debugtoolbar', 'pyramid_jinja2', 'requests', - 'pip'] + 'pip', + 'Paste'] setup(name='CheesePrism', version='0.1a2', diff --git a/tests/test_auth.py b/tests/test_auth.py index 4148332..e74fa93 100644 --- a/tests/test_auth.py +++ b/tests/test_auth.py @@ -11,7 +11,7 @@ def makeone(self, check=None): def setUp(self): self.req = CPDummyRequest() - self.req.environ['HTTP_AUTHORIZATION'] = 'Basic d2hpdDpzZWNyZXQ=' + self.req.authorization = ('Basic', 'd2hpdDpzZWNyZXQ=') self.req.headers['Authorization'] = 'Basic d2hpdDpzZWNyZXQ=' self.req.environ['wsgi.version'] = '1.0' @@ -22,7 +22,7 @@ def test_authenticated_userid(self): def test_authenticated_userid_nocred(self): policy = self.makeone() - del self.req.environ['HTTP_AUTHORIZATION'] + self.req.authorization = None userid = policy.authenticated_userid(self.req) assert userid is None @@ -34,16 +34,16 @@ def test_get_cred_good(self): def test_get_cred_bad(self): from cheeseprism.auth import BasicAuthenticationPolicy as policy - self.req.environ['HTTP_AUTHORIZATION'] = 'bleh' + self.req.authorization = None assert policy._get_credentials(self.req) is None - self.req.environ['HTTP_AUTHORIZATION'] = 'Basic 123' + self.req.authorization = ('Basic', '123') assert policy._get_credentials(self.req) is None - self.req.environ['HTTP_AUTHORIZATION'] = 'Basic d2hpdCtzZWNyZXQ=\n' + self.req.authorization = ('Basic', 'd2hpdCtzZWNyZXQ=\n') assert policy._get_credentials(self.req) is None - self.req.environ['HTTP_AUTHORIZATION'] = 'fah nah' + self.req.authorization = ('fah', 'nah') assert policy._get_credentials(self.req) is None def test_effective_principals(self): @@ -52,7 +52,7 @@ def test_effective_principals(self): assert princs == ['system.Everyone', 'system.Authenticated', 'whit'] def test_effective_p_without_cred(self): - self.req.environ['HTTP_AUTHORIZATION'] = 'Basic d2hpdCtzZWNyZXQ=\n' + self.req.authorization = ('Basic', 'd2hpdCtzZWNyZXQ=\n') policy = self.makeone() assert policy.effective_principals(self.req) == ['system.Everyone'] @@ -63,7 +63,7 @@ def test_effective_p_without_groups(self): def test_unauth_userid(self): policy = self.makeone() assert 'whit' == policy.unauthenticated_userid(self.req) - self.req.environ['HTTP_AUTHORIZATION'] = 'Bad Auth' + self.req.authorization = ('Bad', 'Auth') assert policy.unauthenticated_userid(self.req) is None