diff options
author | Kali Kaneko <kali@leap.se> | 2015-12-16 01:12:30 -0400 |
---|---|---|
committer | Kali Kaneko <kali@leap.se> | 2015-12-18 11:13:50 -0400 |
commit | ea41bb44afee34e8ad6baf917ba461a7e95bf70d (patch) | |
tree | 13328c1e3a5114c6b02cd0838bf8a94e16052123 /src/leap/mail/imap/service/imap.py | |
parent | cb676ab65d41c8821683a10bb675e94ac59e06ff (diff) |
[feat] cred authentication for SMTP service
Diffstat (limited to 'src/leap/mail/imap/service/imap.py')
-rw-r--r-- | src/leap/mail/imap/service/imap.py | 59 |
1 files changed, 1 insertions, 58 deletions
diff --git a/src/leap/mail/imap/service/imap.py b/src/leap/mail/imap/service/imap.py index 24fa865..9e34454 100644 --- a/src/leap/mail/imap/service/imap.py +++ b/src/leap/mail/imap/service/imap.py @@ -23,9 +23,6 @@ import os from collections import defaultdict from twisted.cred.portal import Portal, IRealm -from twisted.cred.credentials import IUsernamePassword -from twisted.cred.checkers import ICredentialsChecker -from twisted.cred.error import UnauthorizedLogin from twisted.mail.imap4 import IAccount from twisted.internet import defer from twisted.internet import reactor @@ -35,6 +32,7 @@ from twisted.python import log from zope.interface import implementer from leap.common.events import emit_async, catalog +from leap.mail.cred import LocalSoledadTokenChecker from leap.mail.imap.account import IMAPAccount from leap.mail.imap.server import LEAPIMAPServer @@ -88,61 +86,6 @@ class LocalSoledadIMAPRealm(object): return defer.succeed(soledad) -@implementer(ICredentialsChecker) -class LocalSoledadTokenChecker(object): - - """ - A Credentials Checker for a LocalSoledad store. - - It checks that: - - 1) The Local SoledadStorage has been correctly unlocked for the given - user. This currently means that the right passphrase has been passed - to the Local SoledadStorage. - - 2) The password passed in the credentials matches whatever token has - been stored in the local encrypted SoledadStorage, associated to the - Protocol that is requesting the authentication. - """ - - credentialInterfaces = (IUsernamePassword,) - service = None - - def __init__(self, soledad_sessions): - """ - :param soledad_sessions: a dict-like object, containing instances - of a Store (soledad instances), indexed by - userid. - """ - self._soledad_sessions = soledad_sessions - - def requestAvatarId(self, credentials): - if self.service is None: - raise NotImplementedError( - "this checker has not defined its service name") - username, password = credentials.username, credentials.password - d = self.checkSoledadToken(username, password, self.service) - d.addErrback(lambda f: defer.fail(UnauthorizedLogin())) - return d - - def checkSoledadToken(self, username, password, service): - soledad = self._soledad_sessions.get(username) - if not soledad: - return defer.fail(Exception("No soledad")) - - def match_token(token): - if token is None: - raise RuntimeError('no token') - if token == password: - return username - else: - raise RuntimeError('bad token') - - d = soledad.get_or_create_service_token(service) - d.addCallback(match_token) - return d - - class IMAPTokenChecker(LocalSoledadTokenChecker): """A credentials checker that will lookup a token for the IMAP service.""" service = 'imap' |