Skip to content
Snippets Groups Projects
Commit 809f56f2 authored by Pavel Kácha's avatar Pavel Kácha
Browse files

NoAuthenticator now creates ad-hoc client ids based on client name (thanks to Radko Krkos)

parent 9bc901ef
No related branches found
No related tags found
No related merge requests found
......@@ -279,8 +279,21 @@ class NoAuthenticator(ObjectReq):
ObjectReq.__init__(self, req)
def shash(self, s):
""" Simple FNV1 hash for creating ids on the fly """
res = 2166136261
for c in s:
res = 0xFFFFFFFF & res * 16777619 ^ ord(c)
return res
def authenticate(self, env, args):
return "anybody" # or None
name = args.get("client", [None])[0]
if name is None:
logging.error("NoAuthenticator: clients must authenticate by name, not secret")
return None
return Client(self.shash(name), None, None, None, name, None, 1, None, 1, 1, 1, 0)
def authorize(self, env, client, path, method):
......@@ -336,8 +349,8 @@ class X509Authenticator(NoAuthenticator):
name, secret, str(cert_names)))
return None
# Clients with 'secret' set muset get authorized by it.
# No secret turns auth off for this particular client.
# Clients with 'secret' set must get authenticated by it.
# No secret turns secret auth off for this particular client.
if client.secret is not None and secret is None:
logging.info("authenticate: missing secret argument")
return None
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment