
Powerful and useful library to integrate mod_auth_tkt and mod_auth_pubtkt into your projects.

Project description

Welcome to mod_auth’s documentation!

Requirement

  • Python2.6+

  • M2Crypto library

  • Setuptools

  • pip

Installation

To install the mod_auth library, run this command from a Unix shell:

$ sudo pip install https://github.com/b3c/mod_auth/zipball/master

Mod_Auth

This module implements the session cookie format from mod_auth_tkt and mod_auth_pubtkt. This documentation shows you how to use and integrate the mod_auth library into your project.

Contributors:

Before starting, I want to say a BIG THANKS to the plone.session team for the tktauth.py module. It helped us to start with this library:

plone-session: https://github.com/plone/plone.session/blob/master/plone/session/tktauth.py

And to Andrey Plotnikov for an easy implementation of mod_auth_pubtkt

auth_pubtkt: https://github.com/AndreyPlotnikov/auth_pubtkt

Simple use

To start with the mod_auth library, you can use the simple functions to create and validate a ticket. They are based on mod_auth_tkt cookie authentication and work with a minimum set of attributes, SECRET and USERID. SECRET has to be shared with all servers where you intend to use ticket authentication. Example of use:

>>> from mod_auth import createSimpleTicket
>>> from mod_auth import validateSimpleTicket
>>> SECRET = 'b8fb7b6df0d64dd98b8ccd00577434d7'
>>> userid = 'testUser'
>>> # Ticket creation
>>> tkt = createSimpleTicket(SECRET, userid)
>>> tkt
'1cfdad68a9f9b70227da2bbd99ca462e5011c7b7testUser!'
>>> # Ticket validation
>>> validateSimpleTicket(SECRET, tkt)
(u'testUser', (), u'', 1343342519)

static mod_auth.createSimpleTicket(secret, userid, tokens=(), user_data=())

Simple way to use mod_auth_tkt cookie authentication. To create a ticket, only the SECRET and userid are needed.

Arguments:

“secret” (string):

secret key.

“userid” (string):

Unique user identifier.

Optional arguments:

“tokens” (tuple):

tokens list.

“user_data” (tuple):

user data list.

Return:

“ticket” (string):

mod_auth_ticket format.

static mod_auth.validateSimpleTicket(secret, ticket)

Simple way to use mod_auth_tkt cookie authentication. To validate a ticket, only the SECRET and the ticket are needed.

Arguments:

“secret” (string):

secret key.

“ticket” (string):

Ticket string value.

Return:

“fields” (tuple):

ticket’s fields in the format (userid, tokens, userdata, validuntil)

SignedTicket

class mod_auth.mod_auth.SignedTicket(pub_key_Path, priv_key_Path=None)

Mod_auth_pubtkt style cookie authentication class.

validateTkt(ticket, now=None, encoding='utf8')

Parse and verify auth_pubtkt ticket.

Returns a tuple with the ticket’s fields in the format: (userid, tokens, userdata, validuntil)

A “TicketParseError” exception can be raised in case of an invalid ticket format or signature verification failure.

A “TicketExpired” exception is raised if the ticket has expired.

Arguments:

“ticket” (string):

Ticket string value.

“now” (string):

Timestamp of the client datetime; if not set, the server timestamp is used.

“encoding”:

encoding of the data in the ticket

Return:

“fields” (tuple):

ticket’s fields in the format (userid, tokens, userdata, validuntil)

createTkt(userid, tokens=(), user_data=(), cip='0.0.0.0', validuntil=None, encoding='utf8')

Create mod_auth_pubtkt ticket.

Returns a valid ticket string.

Arguments:

“userid” (string):

Unique user identifier.

Optional arguments:

“tokens” (tuple):

tokens list.

“user_data” (tuple):

user data list.

“cip” (string):

user client IP.

“validuntil” (string):

timestamp of ticket expiration.

“encoding”:

encoding of the data in the ticket

Return:

“ticket” (string):

mod_auth_pubtkt signed ticket format.

Ticket

class mod_auth.mod_auth.Ticket(secret)

Mod_auth_tkt style cookie authentication class.

validateTkt(ticket, cip='0.0.0.0', now=None, encoding='utf8')

To validate, a new ticket is created from the data extracted from the cookie and the shared secret. The two digests are compared and the timestamp is checked.

Successful validation returns a tuple with the ticket’s fields in the format: (userid, tokens, userdata, validuntil)

A “BadTicket” exception can be raised in case of an invalid ticket format or digest verification failure.

A “TicketExpired” exception is raised if the ticket has expired.

Arguments:

“ticket” (string):

Ticket string value.

“cip” (string):

If a client IP was set in createTkt, it is needed here too, because it is used to validate the digest.

“now” (string):

Timestamp of the client datetime; if not set, the server timestamp is used.

“encoding”:

encoding of the data in the ticket

Return:

“fields” (tuple):

ticket’s fields in the format (userid, tokens, userdata, validuntil)

createTkt(userid, tokens=(), user_data=(), cip='0.0.0.0', validuntil=None, encoding='utf8')

Create mod_auth_pubtkt ticket.

Returns a valid ticket string.

Arguments:

“userid” (string):

Unique user identifier.

Optional arguments:

“tokens” (tuple):

tokens list.

“user_data” (tuple):

user data list.

“cip” (string):

user client IP.

“validuntil” (string):

timestamp of ticket expiration.

“encoding”:

encoding of the data in the ticket

Return:

“ticket” (string):

mod_auth_ticket format.
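
The validation steps described for Ticket.validateTkt (rebuild the digest from the cookie fields and the shared secret, compare, then check the timestamp), as an added Python 3 example that is not the mod_auth library's own code. It assumes the mod_auth_tkt MD5 digest layout as implemented in plone.session's tktauth.py and a creation-timestamp-plus-timeout expiry rule; the function names are hypothetical.

```python
import hashlib
import hmac
import socket
import struct
import time

class BadTicket(Exception):
    """Malformed ticket or digest mismatch (name mirrors the page's exception)."""

class TicketExpired(Exception):
    """Ticket timestamp is older than the allowed lifetime."""

def ticket_digest(secret, ip, ts, userid, tokens, user_data):
    # Assumed mod_auth_tkt layout: MD5(MD5(ip + ts + secret + fields) + secret)
    head = socket.inet_aton(ip) + struct.pack("!I", ts)
    body = "\0".join((userid, ",".join(tokens), user_data)).encode("utf8")
    inner = hashlib.md5(head + secret + body).hexdigest().encode("ascii")
    return hashlib.md5(inner + secret).hexdigest()

def create_ticket(secret, userid, tokens=(), user_data="", ip="0.0.0.0", ts=None):
    ts = int(time.time()) if ts is None else ts
    digest = ticket_digest(secret, ip, ts, userid, tokens, user_data)
    ticket = "%s%08x%s!" % (digest, ts, userid)
    if tokens:
        ticket += ",".join(tokens) + "!"
    return ticket + user_data

def validate_ticket(secret, ticket, ip="0.0.0.0", timeout=3600, now=None):
    try:
        claimed = ticket[:32].encode("utf8")
        ts = int(ticket[32:40], 16)
        userid, rest = ticket[40:].split("!", 1)
        tokens, user_data = (), rest
        if "!" in rest:
            token_str, user_data = rest.split("!", 1)
            tokens = tuple(token_str.split(","))
        # Rebuild the digest from the parsed fields, never trust the cookie's own.
        expected = ticket_digest(secret, ip, ts, userid, tokens, user_data)
    except ValueError:
        raise BadTicket("malformed ticket")
    # Constant-time comparison avoids leaking how many digest bytes matched.
    if not hmac.compare_digest(expected.encode("ascii"), claimed):
        raise BadTicket("digest mismatch")
    now = int(time.time()) if now is None else now
    if ts + timeout < now:
        raise TicketExpired("ticket too old")
    return userid, tokens, user_data, ts
```

Because the client IP is hashed into the digest, a ticket created with a real address only validates when the same address is passed to the validator; the default 0.0.0.0 disables that binding.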

Exception

exception mod_auth.exception.BadSignature(ticket)

Exception raised when signature verification fails

exception mod_auth.exception.BadTicket(ticket, msg='')

Exception raised when a ticket has an invalid format

exception mod_auth.exception.TicketExpired(ticket)

Exception raised when signature verification fails

exception mod_auth.exception.TicketParseError(ticket, msg='')

Base class for all ticket parsing errors

LICENSE

mod_auth is Copyright 2012 SuperComputer Solutions S.r.l (SCS)

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Project details



This version

1.0
