ó pÁìVc@sùdZddlmZddlZddlmZmZddlmZddl m Z ddl m Z mZddlmZd „Zd efd „ƒYZd efd „ƒYZdefd„ƒYZdefd„ƒYZdefd„ƒYZdS(u+ Provides various authentication policies. iÿÿÿÿ(tunicode_literalsN(t authenticatetget_user_model(tCsrfViewMiddleware(t ugettext_lazy(tHTTP_HEADER_ENCODINGt exceptions(tTokencCs@|jjddƒ}t|tdƒƒr<|jtƒ}n|S(u‰ Return request's 'Authorization:' header, as a bytestring. Hide some test client ickyness where the header can be unicode. uHTTP_AUTHORIZATIONtu(tMETAtgett isinstancettypetencodeR(trequesttauth((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pytget_authorization_headerst CSRFCheckcBseZd„ZRS(cCs|S(N((tselfRtreason((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyt_rejects(t__name__t __module__R(((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyRstBaseAuthenticationcBs eZdZd„Zd„ZRS(uF All authentication classes should extend BaseAuthentication. cCstdƒ‚dS(uS Authenticate the request and return a two-tuple of (user, token). u#.authenticate() must be overridden.N(tNotImplementedError(RR((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR(scCsdS(uç Return a string to be used as the value of the `WWW-Authenticate` header in a `401 Unauthenticated` response, or `None` if the authentication scheme should return `403 Permission Denied` responses. N((RR((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pytauthenticate_header.s(RRt__doc__RR(((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR#s tBasicAuthenticationcBs/eZdZdZd„Zd„Zd„ZRS(u> HTTP Basic authentication against username/password. uapicCst|ƒjƒ}| s/|djƒdkr3d St|ƒdkrctdƒ}tj|ƒ‚n0t|ƒdkr“tdƒ}tj|ƒ‚ny)tj |dƒj t ƒj dƒ}Wn2t tfk rðtdƒ}tj|ƒ‚nX|d|d}}|j||ƒS( uœ Returns a `User` if a correct username and password have been supplied using HTTP Basic authentication. Otherwise returns `None`. itbasiciu.Invalid basic header. No credentials provided.iuCInvalid basic header. Credentials string should not contain spaces.u:u?Invalid basic header. Credentials not correctly base64 encoded.N(RtsplittlowertNonetlent_RtAuthenticationFailedtbase64t b64decodetdecodeRt partitiont TypeErrortUnicodeDecodeErrortauthenticate_credentials(RRRtmsgt auth_partstuseridtpassword((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR=s   ) cCsui|tƒj6|d6}t|}|dkrJtjtdƒƒ‚n|jsktjtdƒƒ‚n|dfS(uU Authenticate the userid and password against username and password. upassworduInvalid username/password.uUser inactive or deleted.N(RtUSERNAME_FIELDRRRR"R!t is_active(RR,R-t credentialstuser((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR)Ws     cCs d|jS(NuBasic realm="%s"(twww_authenticate_realm(RR((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyRis(RRRR2RR)R(((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR7s   tSessionAuthenticationcBs eZdZd„Zd„ZRS(u< Use Django's session framework for authentication. cCsAt|jddƒ}| s&|j r*dS|j|ƒ|dfS(u{ Returns a `User` if the request session currently has a logged in user. Otherwise returns `None`. uuserN(tgetattrt_requestRR/t enforce_csrf(RRR1((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyRrs  cCs;tƒj|ddiƒ}|r7tjd|ƒ‚ndS(uK Enforce CSRF validation for session based authentication. uCSRF Failed: %sN((Rt process_viewRRtPermissionDenied(RRR((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR6„s(RRRRR6(((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR3ms tTokenAuthenticationcBs/eZdZeZd„Zd„Zd„ZRS(u Simple token based authentication. Clients should authenticate by passing the token key in the "Authorization" HTTP header, prepended with the string "Token ". For example: Authorization: Token 401f7ac837da42b97f613d789819ff93537bee6a cCsãt|ƒjƒ}| s/|djƒdkr3dSt|ƒdkrctdƒ}tj|ƒ‚n0t|ƒdkr“tdƒ}tj|ƒ‚ny|djƒ}Wn,t k rÕtdƒ}tj|ƒ‚nX|j |ƒS(Nittokeniu.Invalid token header. No credentials provided.iu=Invalid token header. Token string should not contain spaces.uIInvalid token header. Token string should not contain invalid characters.( RRRRR R!RR"R%t UnicodeErrorR)(RRRR*R:((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR s    cCs…y%|jjjdƒjd|ƒ}Wn,|jjk rStjtdƒƒ‚nX|jj sxtjtdƒƒ‚n|j|fS(NuusertkeyuInvalid token.uUser inactive or deleted.( tmodeltobjectstselect_relatedR t DoesNotExistRR"R!R1R/(RR<R:((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR)µs% cCsdS(NuToken((RR((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyRÀs(RRRRR=RR)R(((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyR9Žs   (Rt __future__RR#tdjango.contrib.authRRtdjango.middleware.csrfRtdjango.utils.translationRR!trest_frameworkRRtrest_framework.authtoken.modelsRRRtobjectRRR3R9(((sw/opt/seafile/seafile-server-5.1.3/seahub/thirdpart/djangorestframework-3.3.2-py2.7.egg/rest_framework/authentication.pyts  6!