slixmpp/sleekxmpp/plugins/xep_0078/legacyauth.py

"""
    SleekXMPP: The Sleek XMPP Library
    Copyright (C) 2011 Nathanael C. Fritz
    This file is part of SleekXMPP.

    See the file LICENSE for copying permission.
"""

import uuid
import logging
import hashlib
import random
import sys

from sleekxmpp.jid import JID
from sleekxmpp.exceptions import IqError, IqTimeout
from sleekxmpp.stanza import Iq, StreamFeatures
from sleekxmpp.xmlstream import ElementBase, ET, register_stanza_plugin
from sleekxmpp.plugins import BasePlugin
from sleekxmpp.plugins.xep_0078 import stanza


log = logging.getLogger(__name__)


class XEP_0078(BasePlugin):

    """
    XEP-0078 NON-SASL Authentication

    This XEP is OBSOLETE in favor of using SASL, so DO NOT use this plugin
    unless you are forced to use an old XMPP server implementation.
    """

    name = 'xep_0078'
    description = 'XEP-0078: Non-SASL Authentication'
    dependencies = set()
    stanza = stanza
    default_config = {
        'order': 15
    }

    def plugin_init(self):
        self.xmpp.register_feature('auth',
                self._handle_auth,
                restart=False,
                order=self.order)

        self.xmpp.add_event_handler('legacy_protocol',
                self._handle_legacy_protocol)

        register_stanza_plugin(Iq, stanza.IqAuth)
        register_stanza_plugin(StreamFeatures, stanza.AuthFeature)

    def plugin_end(self):
        self.xmpp.del_event_handler('legacy_protocol',
                self._handle_legacy_protocol)
        self.xmpp.unregister_feature('auth', self.order)

    def _handle_auth(self, features):
        # If we can or have already authenticated with SASL, do nothing.
        if 'mechanisms' in features['features']:
            return False
        return self.authenticate()

    def _handle_legacy_protocol(self, event):
        self.authenticate()

    def authenticate(self):
        if self.xmpp.authenticated:
            return False

        log.debug("Starting jabber:iq:auth Authentication")

        # Step 1: Request the auth form
        iq = self.xmpp.Iq()
        iq['type'] = 'get'
        iq['to'] = self.xmpp.requested_jid.host
        iq['auth']['username'] = self.xmpp.requested_jid.user

        try:
            resp = iq.send(now=True)
        except IqError as err:
            log.info("Authentication failed: %s", err.iq['error']['condition'])
            self.xmpp.event('failed_auth', direct=True)
            self.xmpp.disconnect()
            return True
        except IqTimeout:
            log.info("Authentication failed: %s", 'timeout')
            self.xmpp.event('failed_auth', direct=True)
            self.xmpp.disconnect()
            return True

        # Step 2: Fill out auth form for either password or digest auth
        iq = self.xmpp.Iq()
        iq['type'] = 'set'
        iq['auth']['username'] = self.xmpp.requested_jid.user

        # A resource is required, so create a random one if necessary
        resource = self.xmpp.requested_jid.resource
        if not resource:
            resource = str(uuid.uuid4())

        iq['auth']['resource'] = resource

        if 'digest' in resp['auth']['fields']:
            log.debug('Authenticating via jabber:iq:auth Digest')
            if sys.version_info < (3, 0):
                stream_id = bytes(self.xmpp.stream_id)
                password = bytes(self.xmpp.password)
            else:
                stream_id = bytes(self.xmpp.stream_id, encoding='utf-8')
                password = bytes(self.xmpp.password, encoding='utf-8')

            digest = hashlib.sha1(b'%s%s' % (stream_id, password)).hexdigest()
            iq['auth']['digest'] = digest
        else:
            log.warning('Authenticating via jabber:iq:auth Plain.')
            iq['auth']['password'] = self.xmpp.password

        # Step 3: Send credentials
        try:
            result = iq.send(now=True)
        except IqError as err:
            log.info("Authentication failed")
            self.xmpp.event("failed_auth", direct=True)
            self.xmpp.disconnect()
        except IqTimeout:
            log.info("Authentication failed")
            self.xmpp.event("failed_auth", direct=True)
            self.xmpp.disconnect()

        self.xmpp.features.add('auth')

        self.xmpp.authenticated = True

        self.xmpp.boundjid = JID(self.xmpp.requested_jid,
                resource=resource,
                cache_lock=True)
        self.xmpp.event('session_bind', self.xmpp.boundjid, direct=True)

        log.debug("Established Session")
        self.xmpp.sessionstarted = True
        self.xmpp.session_started_event.set()
        self.xmpp.event('session_start')

        return True
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`"""`
			`SleekXMPP: The Sleek XMPP Library`
			`Copyright (C) 2011 Nathanael C. Fritz`
			`This file is part of SleekXMPP.`

			`See the file LICENSE for copying permission.`
			`"""`

Fixed resource generation via uuid 2013-02-18 19:41:13 +00:00			`import uuid`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`import logging`
			`import hashlib`
			`import random`
Fix instances of using undefined variables. 2012-02-18 19:56:10 +00:00			`import sys`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00
Lock the bound JID in the JID cache. 2012-10-24 19:56:54 +00:00			`from sleekxmpp.jid import JID`
Fix instances of using undefined variables. 2012-02-18 19:56:10 +00:00			`from sleekxmpp.exceptions import IqError, IqTimeout`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`from sleekxmpp.stanza import Iq, StreamFeatures`
			`from sleekxmpp.xmlstream import ElementBase, ET, register_stanza_plugin`
Move XEP-0078 to new system. 2012-03-12 05:40:38 +00:00			`from sleekxmpp.plugins import BasePlugin`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`from sleekxmpp.plugins.xep_0078 import stanza`


			`log = logging.getLogger(__name__)`


Move XEP-0078 to new system. 2012-03-12 05:40:38 +00:00			`class XEP_0078(BasePlugin):`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00
			`"""`
			`XEP-0078 NON-SASL Authentication`

			`This XEP is OBSOLETE in favor of using SASL, so DO NOT use this plugin`
			`unless you are forced to use an old XMPP server implementation.`
			`"""`

Move XEP-0078 to new system. 2012-03-12 05:40:38 +00:00			`name = 'xep_0078'`
			`description = 'XEP-0078: Non-SASL Authentication'`
			`dependencies = set()`
			`stanza = stanza`
Enhance plugin config with attribute accessors. This makes updating the config after plugin initialization much easier. 2012-07-27 06:04:16 +00:00			`default_config = {`
			`'order': 15`
			`}`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00
Move XEP-0078 to new system. 2012-03-12 05:40:38 +00:00			`def plugin_init(self):`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`self.xmpp.register_feature('auth',`
			`self._handle_auth,`
			`restart=False,`
Enhance plugin config with attribute accessors. This makes updating the config after plugin initialization much easier. 2012-07-27 06:04:16 +00:00			`order=self.order)`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00
Update legacy auth to be used outside of stream features. Also, add detection of legacy XMPP version. 2012-10-01 23:27:55 +00:00			`self.xmpp.add_event_handler('legacy_protocol',`
			`self._handle_legacy_protocol)`

Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`register_stanza_plugin(Iq, stanza.IqAuth)`
			`register_stanza_plugin(StreamFeatures, stanza.AuthFeature)`

Update plugins to use session_bind handler for disco, and use plugin_end 2012-07-10 08:37:44 +00:00			`def plugin_end(self):`
Update legacy auth to be used outside of stream features. Also, add detection of legacy XMPP version. 2012-10-01 23:27:55 +00:00			`self.xmpp.del_event_handler('legacy_protocol',`
			`self._handle_legacy_protocol)`
Enhance plugin config with attribute accessors. This makes updating the config after plugin initialization much easier. 2012-07-27 06:04:16 +00:00			`self.xmpp.unregister_feature('auth', self.order)`
Update plugins to use session_bind handler for disco, and use plugin_end 2012-07-10 08:37:44 +00:00
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`def _handle_auth(self, features):`
			`# If we can or have already authenticated with SASL, do nothing.`
			`if 'mechanisms' in features['features']:`
			`return False`
Update legacy auth to be used outside of stream features. Also, add detection of legacy XMPP version. 2012-10-01 23:27:55 +00:00			`return self.authenticate()`

			`def _handle_legacy_protocol(self, event):`
			`self.authenticate()`

			`def authenticate(self):`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`if self.xmpp.authenticated:`
			`return False`

			`log.debug("Starting jabber:iq:auth Authentication")`

			`# Step 1: Request the auth form`
			`iq = self.xmpp.Iq()`
			`iq['type'] = 'get'`
Update legacy auth to be used outside of stream features. Also, add detection of legacy XMPP version. 2012-10-01 23:27:55 +00:00			`iq['to'] = self.xmpp.requested_jid.host`
			`iq['auth']['username'] = self.xmpp.requested_jid.user`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00
Update plugins that use Iq stanzas to work with new exceptions. 2011-08-18 04:30:47 +00:00			`try:`
			`resp = iq.send(now=True)`
Fix XEP-0078 error handling 2012-10-05 16:49:04 +00:00			`except IqError as err:`
			`log.info("Authentication failed: %s", err.iq['error']['condition'])`
Update plugins that use Iq stanzas to work with new exceptions. 2011-08-18 04:30:47 +00:00			`self.xmpp.event('failed_auth', direct=True)`
			`self.xmpp.disconnect()`
			`return True`
			`except IqTimeout:`
Tidy up logging calls. 2011-11-19 20:07:57 +00:00			`log.info("Authentication failed: %s", 'timeout')`
Update plugins that use Iq stanzas to work with new exceptions. 2011-08-18 04:30:47 +00:00			`self.xmpp.event('failed_auth', direct=True)`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`self.xmpp.disconnect()`
			`return True`

			`# Step 2: Fill out auth form for either password or digest auth`
			`iq = self.xmpp.Iq()`
			`iq['type'] = 'set'`
Update legacy auth to be used outside of stream features. Also, add detection of legacy XMPP version. 2012-10-01 23:27:55 +00:00			`iq['auth']['username'] = self.xmpp.requested_jid.user`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00
			`# A resource is required, so create a random one if necessary`
Lock the bound JID in the JID cache. 2012-10-24 19:56:54 +00:00			`resource = self.xmpp.requested_jid.resource`
			`if not resource:`
Fixed resource generation via uuid 2013-02-18 19:41:13 +00:00			`resource = str(uuid.uuid4())`
Lock the bound JID in the JID cache. 2012-10-24 19:56:54 +00:00
			`iq['auth']['resource'] = resource`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00
			`if 'digest' in resp['auth']['fields']:`
			`log.debug('Authenticating via jabber:iq:auth Digest')`
			`if sys.version_info < (3, 0):`
			`stream_id = bytes(self.xmpp.stream_id)`
			`password = bytes(self.xmpp.password)`
			`else:`
			`stream_id = bytes(self.xmpp.stream_id, encoding='utf-8')`
			`password = bytes(self.xmpp.password, encoding='utf-8')`

			`digest = hashlib.sha1(b'%s%s' % (stream_id, password)).hexdigest()`
			`iq['auth']['digest'] = digest`
			`else:`
			`log.warning('Authenticating via jabber:iq:auth Plain.')`
			`iq['auth']['password'] = self.xmpp.password`

			`# Step 3: Send credentials`
Update plugins that use Iq stanzas to work with new exceptions. 2011-08-18 04:30:47 +00:00			`try:`
			`result = iq.send(now=True)`
			`except IqError as err:`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00			`log.info("Authentication failed")`
Update plugins that use Iq stanzas to work with new exceptions. 2011-08-18 04:30:47 +00:00			`self.xmpp.event("failed_auth", direct=True)`
Fix XEP-0078 error handling 2012-10-05 16:49:04 +00:00			`self.xmpp.disconnect()`
Update plugins that use Iq stanzas to work with new exceptions. 2011-08-18 04:30:47 +00:00			`except IqTimeout:`
			`log.info("Authentication failed")`
			`self.xmpp.event("failed_auth", direct=True)`
Fix XEP-0078 error handling 2012-10-05 16:49:04 +00:00			`self.xmpp.disconnect()`
Update plugins that use Iq stanzas to work with new exceptions. 2011-08-18 04:30:47 +00:00
			`self.xmpp.features.add('auth')`

			`self.xmpp.authenticated = True`
Lock the bound JID in the JID cache. 2012-10-24 19:56:54 +00:00
			`self.xmpp.boundjid = JID(self.xmpp.requested_jid,`
			`resource=resource,`
			`cache_lock=True)`
			`self.xmpp.event('session_bind', self.xmpp.boundjid, direct=True)`

Update plugins that use Iq stanzas to work with new exceptions. 2011-08-18 04:30:47 +00:00			`log.debug("Established Session")`
			`self.xmpp.sessionstarted = True`
			`self.xmpp.session_started_event.set()`
			`self.xmpp.event('session_start')`
Fix XEP-0078 using the new stream feature workflow. Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation. 2011-08-06 07:45:18 +00:00
			`return True`