Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auth Plugins / Plugin Cleanup #172

Merged
merged 5 commits into from
May 13, 2015
Merged

Conversation

DirectXMan12
Copy link
Member

This PR introduces auth hooks, with allow websockify users to easily add in arbitrary authentication without having to subclass the main classes of websockify. Authentication plugins are passed the header object, as well as the target host and port. When initialized, they are passed a single parameter, similarly to token plugins. If authentication fails, auth plugins should raise an exception.

@DirectXMan12 DirectXMan12 added the feature New feature or request label Apr 29, 2015
@DirectXMan12 DirectXMan12 added this to the v0.7.0 milestone Apr 29, 2015
@DirectXMan12
Copy link
Member Author

@kanaka , @samhed , @aastrand : does this look good to you?

There were several older bugs and PRs that requested more specific forms of this feature, so I decided to generalize.

@kanaka
Copy link
Member

kanaka commented Apr 29, 2015

@DirectXMan12 I did a brief scan of the change and it looks good to me. Maybe a test for this?

@DirectXMan12
Copy link
Member Author

@kanaka : I'll write up a couple tests.

Auth plugins provide a generic interface for authenticating requests.

The plugin name is specified using the '--auth-plugin' option, and
may either be the name of a class from `websockify.auth_plugins`,
or a fully qualified python path to the auth plugin class (see below).

An optional plugin parameter can be specified using the '--auth-source'
option (a value of `None` will be used if no '--auth-source' option is
specified).

Auth plugins should inherit from `websockify.auth_plugins.BasePlugin`,
and should implement the `authenticate(headers, target_host, target_port)`
method.  The value of the '--auth-source' option is available as
`self.source`.

One plugin is currently included: `ExpectOrigin`.  The `ExpectOrigin`
plugin checks that the 'Origin' header is an expected value.  The list
of acceptable origins is passed using the plugin source, as a
space-separated list.
ReadOnlyTokenFile didn't initialize `self._targets` to `None`,
causing issues.
Previously, we just passed the values of '--*-plugin' and
'--*-source' directly to `LibProxyServer` and `WebSocketProxy`,
which handled turning that into an instance of the plugin class.
Now, that's done in main, and the classes receive an instance
directly.
This commit updates the unit tests to work with the current code
and adds in tests for the auth and token plugin functionality.
This commit enables running the unit tests on Travis for Python 2.6,
2.7, 3.3, and 3.4.  Note that Travis does not support Python 2.4, so
we cannot test there.
@DirectXMan12 DirectXMan12 force-pushed the feature/generic-auth-hook branch from a701829 to afb5d28 Compare May 12, 2015 16:53
@DirectXMan12
Copy link
Member Author

Ok, I rewrote the tests to actually work, and enabled Travis along the way

DirectXMan12 added a commit that referenced this pull request May 13, 2015
Auth Plugins / Plugin Cleanup / Test Update
@DirectXMan12 DirectXMan12 merged commit ca9fe06 into master May 13, 2015
@DirectXMan12 DirectXMan12 deleted the feature/generic-auth-hook branch May 13, 2015 17:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants