From 3e25b5e5937ff38555980cfd95174e319a58cd5e Mon Sep 17 00:00:00 2001 From: Helmut Merz Date: Mon, 24 Mar 2025 12:04:53 +0100 Subject: [PATCH] work in progress: entry points for OpenID Connect (oidc) authentication --- demo/demo_server.py | 3 +++ scopes/interfaces.py | 9 +++++++-- scopes/server/auth.py | 21 ++++++++++++++++++++- scopes/server/browser.py | 9 +++------ scopes/storage/folder.py | 14 ++++++++++++++ 5 files changed, 47 insertions(+), 9 deletions(-) diff --git a/demo/demo_server.py b/demo/demo_server.py index a7f69f1..2a81076 100644 --- a/demo/demo_server.py +++ b/demo/demo_server.py @@ -1,5 +1,8 @@ # py-scopes/demo/demo_server.py +from scopes.server import auth +from scopes.storage import topic + from wsgiref.simple_server import make_server def run(app, config): diff --git a/scopes/interfaces.py b/scopes/interfaces.py index c150f25..6909c51 100644 --- a/scopes/interfaces.py +++ b/scopes/interfaces.py @@ -1,9 +1,14 @@ # scopes.interfaces -from zope.interface import Interface +from zope.interface import Interface, Attribute -class ITraversable(Interface): +class IViewable(Interface): + + prefix = Attribute('Prefix string for identifying the type (class) of an object') + + +class ITraversable(IViewable): def get(key, default=None): """Return the item addressed by `key`; return `default` if not found.""" diff --git a/scopes/server/auth.py b/scopes/server/auth.py index 06c933d..68e7917 100644 --- a/scopes/server/auth.py +++ b/scopes/server/auth.py @@ -4,6 +4,9 @@ from zope.authentication.interfaces import IAuthentication from zope.interface import implementer from zope.publisher.interfaces import Unauthorized +from scopes.server.browser import DefaultView, register +from scopes.storage.folder import DummyFolder, Root + def authenticate(request): #print('*** authenticate') @@ -11,7 +14,7 @@ def authenticate(request): @implementer(IAuthentication) -class JwtAuthentication: +class OidcAuthentication: def __init__(self, baseAuth): self.baseAuth = baseAuth 
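Review bot: The two imports added at the top of demo/demo_server.py bind names (`auth`, `topic`) that nothing in the visible hunk uses, so they read as dead code and a later cleanup may remove them. If they are there for their import-time effect (scopes/server/auth.py in this same patch registers the `auth` and `login` views through `@register` at module level), say so on the line, e.g. `from scopes.server import auth  # noqa: F401 - import registers the auth/login views`. The same applies to `topic`, whose module is not part of this patch. `run` begins on the last line of the hunk and its body is not shown.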
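Review bot: `IViewable` in scopes/interfaces.py is introduced without a docstring, and the description of `prefix` does not say that the value is used as a lookup key. In this patch `register()` in scopes/server/browser.py files the view factory under `ct.prefix`, so two classes with the same prefix, including a subclass that inherits it, share their views. I would add a docstring such as `"""An object views can be registered for; prefix is the key register() files them under and should be unique per class."""`. As far as the patch shows, `DummyFolder` in scopes/storage/folder.py carries a `prefix` but is not declared to provide this interface.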
@@ -37,3 +40,19 @@ class JwtAuthentication: def logout(self, request): print('*** JwtAuthentication: logout') +JwtAuthentication = OidcAuthentication # old name - still used? + + +class Authenticator(DummyFolder): + prefix = 'auth' + + +@register('auth', Root) +def authView(context, request): + print('*** auth', context, request['PATH_INFO'], request.getTraversalStack()) + return Authenticator() + +@register('login', Authenticator) +def login(context, request): + print('*** login', context, request['PATH_INFO'], request.getTraversalStack()) + return DefaultView(context, request) diff --git a/scopes/server/browser.py b/scopes/server/browser.py index 8d6eac1..29e9835 100644 --- a/scopes/server/browser.py +++ b/scopes/server/browser.py @@ -12,12 +12,11 @@ def register(name, *contextTypes): def doRegister(factory): implementer(IView)(factory) nameEntry = views.setdefault(name, {}) - for ct in contextTypes: - if not isinstance(ct, string): + cts = contextTypes or [''] + for ct in cts: + if not isinstance(ct, str): ct = ct.prefix nameEntry[ct] = factory - else: - nameEntry[''] = factory return factory return doRegister @@ -61,5 +60,3 @@ class DefaultView: def render(self, result): self.request.response.setHeader('Content-type', 'application/json; charset=utf-8') return json.dumps(result).encode('UTF-8') - - diff --git a/scopes/storage/folder.py b/scopes/storage/folder.py index fd3994c..77bd563 100644 --- a/scopes/storage/folder.py +++ b/scopes/storage/folder.py @@ -7,6 +7,18 @@ from scopes.storage.common import registerContainerClass from scopes.storage.tracking import Container, Track +class DummyFolder(dict): + + prefix = 'dummy' + + def asDict(self): + return self + + def __repr__(self): + return '%s: %s' % (self.__class__.__name__, + super(DummyFolder, self).__repr__()) + + @implementer(IContainer, IReference) class Folder(Track): 
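Review bot: The new `authView` and `login` entry points in scopes/server/auth.py write request data to stdout with `print`, which cannot be filtered or switched off per deployment; on an authentication path such trace lines are easily extended later to callback parameters or tokens. Use the logging module at debug level instead, e.g. `logger.debug('login: %r %s', context, request['PATH_INFO'])` with a module-level `logger = logging.getLogger(__name__)` (the file's import block is only partly visible here). `login` returns `DefaultView(context, request)` without performing any authentication step, so a comment like `# TODO: stub, no OIDC authorization request is started yet` would mark it as such. If `DefaultView` serializes its context (only its `render`, which calls `json.dumps`, is visible), nothing secret should be stored in the `Authenticator` dict. The context line in `logout` still prints the old class name `JwtAuthentication`, and the alias comment `# old name - still used?` should be resolved before merge.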
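Review bot: In `doRegister` (scopes/server/browser.py) the assignment `nameEntry[ct] = factory` silently replaces any factory already registered for the same name and prefix, so whichever module is imported last wins; for the `login` view added in this patch that means another module can take over the entry point without any trace. Unless re-registration is intended, consider rejecting duplicates with `if ct in nameEntry: raise ValueError('view %r already registered for %r' % (name, ct))`, or at least log the replacement. A context type that has no `prefix` attribute fails with a bare AttributeError at import time, where a message naming the offending class would be easier to diagnose. `register` itself starts above the hunk; only `doRegister` is fully visible.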
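Review bot: `DummyFolder.asDict` in scopes/storage/folder.py returns the instance itself rather than a copy, so a caller that edits the result edits the folder; `return dict(self)` avoids that unless the aliasing is intended. The class also has no docstring stating that it is a plain in-memory dict with no storage container behind it, which matters because `Authenticator` in scopes/server/auth.py builds on it. Something like `"""In-memory dict standing in for a folder; nothing is written to storage."""` would do.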
@@ -57,6 +69,8 @@ class Root(Folder): """A dummy (virtual) root folder for creating real folders using the Folder API.""" + prefix = 'root' + def __init__(self, storage): cont = storage.create(Folders) super(Root, self).__init__(container=cont)
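Review bot: The `prefix = 'root'` added to `Root` carries no comment, and `Root` derives from `Folder` and `Track`, whose bodies are outside this hunk. If either of them already defines `prefix` for another purpose (not visible here), this override changes that behaviour as well as supplying the key that `@register('auth', Root)` in scopes/server/auth.py is filed under. A comment such as `# key for view registration (scopes.server.browser.register)` would state the intent, and it is worth confirming that nothing in the storage layer reads `prefix` from a `Root` instance.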