Fix XEP-0078 using the new stream feature workflow.
Honestly, this is mainly just a demo/proof of concept that we can handle dependencies and ordering issues with stream features. DON'T use XEP-0078 if you are able to use the normal SASL method, which should be the case unless you are dealing with a very old XMPP server implementation.
This commit is contained in:
parent
e83fae3a6f
commit
75f23d1130
7 changed files with 168 additions and 72 deletions
1
setup.py
1
setup.py
|
@ -58,6 +58,7 @@ packages = [ 'sleekxmpp',
|
|||
'sleekxmpp/plugins/xep_0060',
|
||||
'sleekxmpp/plugins/xep_0060/stanza',
|
||||
'sleekxmpp/plugins/xep_0066',
|
||||
'sleekxmpp/plugins/xep_0078',
|
||||
'sleekxmpp/plugins/xep_0085',
|
||||
'sleekxmpp/plugins/xep_0086',
|
||||
'sleekxmpp/plugins/xep_0092',
|
||||
|
|
|
@ -9,3 +9,5 @@ __all__ = ['xep_0004', 'xep_0009', 'xep_0012', 'xep_0030', 'xep_0033',
|
|||
'xep_0045', 'xep_0050', 'xep_0060', 'xep_0066', 'xep_0082',
|
||||
'xep_0085', 'xep_0086', 'xep_0092', 'xep_0128', 'xep_0199',
|
||||
'xep_0203', 'xep_0224', 'xep_0249', 'gmail_notify']
|
||||
|
||||
# Don't automatically load xep_0078
|
||||
|
|
|
@ -1,72 +0,0 @@
|
|||
"""
|
||||
SleekXMPP: The Sleek XMPP Library
|
||||
Copyright (C) 2010 Nathanael C. Fritz
|
||||
This file is part of SleekXMPP.
|
||||
|
||||
See the file LICENSE for copying permission.
|
||||
"""
|
||||
from __future__ import with_statement
|
||||
from xml.etree import cElementTree as ET
|
||||
import logging
|
||||
import hashlib
|
||||
from . import base
|
||||
|
||||
|
||||
log = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class xep_0078(base.base_plugin):
|
||||
"""
|
||||
XEP-0078 NON-SASL Authentication
|
||||
"""
|
||||
def plugin_init(self):
|
||||
self.description = "Non-SASL Authentication (broken)"
|
||||
self.xep = "0078"
|
||||
self.xmpp.add_event_handler("session_start", self.check_stream)
|
||||
#disabling until I fix conflict with PLAIN
|
||||
#self.xmpp.registerFeature("<auth xmlns='http://jabber.org/features/iq-auth'/>", self.auth)
|
||||
self.streamid = ''
|
||||
|
||||
def check_stream(self, xml):
|
||||
self.streamid = xml.attrib['id']
|
||||
if xml.get('version', '0') != '1.0':
|
||||
self.auth()
|
||||
|
||||
def auth(self, xml=None):
|
||||
log.debug("Starting jabber:iq:auth Authentication")
|
||||
auth_request = self.xmpp.makeIqGet()
|
||||
auth_request_query = ET.Element('{jabber:iq:auth}query')
|
||||
auth_request.attrib['to'] = self.xmpp.boundjid.host
|
||||
username = ET.Element('username')
|
||||
username.text = self.xmpp.username
|
||||
auth_request_query.append(username)
|
||||
auth_request.append(auth_request_query)
|
||||
result = auth_request.send()
|
||||
rquery = result.find('{jabber:iq:auth}query')
|
||||
attempt = self.xmpp.makeIqSet()
|
||||
query = ET.Element('{jabber:iq:auth}query')
|
||||
resource = ET.Element('resource')
|
||||
resource.text = self.xmpp.resource
|
||||
query.append(username)
|
||||
query.append(resource)
|
||||
if rquery.find('{jabber:iq:auth}digest') is None:
|
||||
log.warning("Authenticating via jabber:iq:auth Plain.")
|
||||
password = ET.Element('password')
|
||||
password.text = self.xmpp.password
|
||||
query.append(password)
|
||||
else:
|
||||
log.debug("Authenticating via jabber:iq:auth Digest")
|
||||
digest = ET.Element('digest')
|
||||
digest.text = hashlib.sha1(b"%s%s" % (self.streamid, self.xmpp.password)).hexdigest()
|
||||
query.append(digest)
|
||||
attempt.append(query)
|
||||
result = attempt.send()
|
||||
if result.attrib['type'] == 'result':
|
||||
with self.xmpp.lock:
|
||||
self.xmpp.authenticated = True
|
||||
self.xmpp.sessionstarted = True
|
||||
self.xmpp.event("session_start")
|
||||
else:
|
||||
log.info("Authentication failed")
|
||||
self.xmpp.disconnect()
|
||||
self.xmpp.event("failed_auth")
|
12
sleekxmpp/plugins/xep_0078/__init__.py
Normal file
12
sleekxmpp/plugins/xep_0078/__init__.py
Normal file
|
@ -0,0 +1,12 @@
|
|||
"""
|
||||
SleekXMPP: The Sleek XMPP Library
|
||||
Copyright (C) 2011 Nathanael C. Fritz, Lance J.T. Stout
|
||||
This file is part of SleekXMPP.
|
||||
|
||||
See the file LICENSE for copying permission.
|
||||
"""
|
||||
|
||||
from sleekxmpp.plugins.xep_0078 import stanza
|
||||
from sleekxmpp.plugins.xep_0078.stanza import IqAuth, AuthFeature
|
||||
from sleekxmpp.plugins.xep_0078.legacyauth import xep_0078
|
||||
|
108
sleekxmpp/plugins/xep_0078/legacyauth.py
Normal file
108
sleekxmpp/plugins/xep_0078/legacyauth.py
Normal file
|
@ -0,0 +1,108 @@
|
|||
"""
|
||||
SleekXMPP: The Sleek XMPP Library
|
||||
Copyright (C) 2011 Nathanael C. Fritz
|
||||
This file is part of SleekXMPP.
|
||||
|
||||
See the file LICENSE for copying permission.
|
||||
"""
|
||||
|
||||
import logging
|
||||
import hashlib
|
||||
import random
|
||||
|
||||
from sleekxmpp.stanza import Iq, StreamFeatures
|
||||
from sleekxmpp.xmlstream import ElementBase, ET, register_stanza_plugin
|
||||
from sleekxmpp.plugins.base import base_plugin
|
||||
from sleekxmpp.plugins.xep_0078 import stanza
|
||||
|
||||
|
||||
log = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class xep_0078(base_plugin):
|
||||
|
||||
"""
|
||||
XEP-0078 NON-SASL Authentication
|
||||
|
||||
This XEP is OBSOLETE in favor of using SASL, so DO NOT use this plugin
|
||||
unless you are forced to use an old XMPP server implementation.
|
||||
"""
|
||||
|
||||
def plugin_init(self):
|
||||
self.xep = "0078"
|
||||
self.description = "Non-SASL Authentication"
|
||||
self.stanza = stanza
|
||||
|
||||
self.xmpp.register_feature('auth',
|
||||
self._handle_auth,
|
||||
restart=False,
|
||||
order=self.config.get('order', 15))
|
||||
|
||||
register_stanza_plugin(Iq, stanza.IqAuth)
|
||||
register_stanza_plugin(StreamFeatures, stanza.AuthFeature)
|
||||
|
||||
|
||||
def _handle_auth(self, features):
|
||||
# If we can or have already authenticated with SASL, do nothing.
|
||||
if 'mechanisms' in features['features']:
|
||||
return False
|
||||
if self.xmpp.authenticated:
|
||||
return False
|
||||
|
||||
log.debug("Starting jabber:iq:auth Authentication")
|
||||
|
||||
# Step 1: Request the auth form
|
||||
iq = self.xmpp.Iq()
|
||||
iq['type'] = 'get'
|
||||
iq['to'] = self.xmpp.boundjid.host
|
||||
iq['auth']['username'] = self.xmpp.boundjid.user
|
||||
resp = iq.send(now=True)
|
||||
|
||||
if resp is None or resp['type'] != 'result':
|
||||
log.info("Authentication failed: %s" % resp['error']['condition'])
|
||||
self.xmpp.event('failed_auth', resp, direct=True)
|
||||
self.xmpp.disconnect()
|
||||
return True
|
||||
|
||||
# Step 2: Fill out auth form for either password or digest auth
|
||||
iq = self.xmpp.Iq()
|
||||
iq['type'] = 'set'
|
||||
iq['auth']['username'] = self.xmpp.boundjid.user
|
||||
|
||||
# A resource is required, so create a random one if necessary
|
||||
if self.xmpp.boundjid.resource:
|
||||
iq['auth']['resource'] = self.xmpp.boundjid.resource
|
||||
else:
|
||||
iq['auth']['resource'] = '%s' % random.random()
|
||||
|
||||
if 'digest' in resp['auth']['fields']:
|
||||
log.debug('Authenticating via jabber:iq:auth Digest')
|
||||
if sys.version_info < (3, 0):
|
||||
stream_id = bytes(self.xmpp.stream_id)
|
||||
password = bytes(self.xmpp.password)
|
||||
else:
|
||||
stream_id = bytes(self.xmpp.stream_id, encoding='utf-8')
|
||||
password = bytes(self.xmpp.password, encoding='utf-8')
|
||||
|
||||
digest = hashlib.sha1(b'%s%s' % (stream_id, password)).hexdigest()
|
||||
iq['auth']['digest'] = digest
|
||||
else:
|
||||
log.warning('Authenticating via jabber:iq:auth Plain.')
|
||||
iq['auth']['password'] = self.xmpp.password
|
||||
|
||||
# Step 3: Send credentials
|
||||
result = iq.send(now=True)
|
||||
if result is not None and result.attrib['type'] == 'result':
|
||||
self.xmpp.features.add('auth')
|
||||
|
||||
self.xmpp.authenticated = True
|
||||
log.debug("Established Session")
|
||||
self.xmpp.sessionstarted = True
|
||||
self.xmpp.session_started_event.set()
|
||||
self.xmpp.event('session_start')
|
||||
else:
|
||||
log.info("Authentication failed")
|
||||
self.xmpp.disconnect()
|
||||
self.xmpp.event("failed_auth")
|
||||
|
||||
return True
|
43
sleekxmpp/plugins/xep_0078/stanza.py
Normal file
43
sleekxmpp/plugins/xep_0078/stanza.py
Normal file
|
@ -0,0 +1,43 @@
|
|||
"""
|
||||
SleekXMPP: The Sleek XMPP Library
|
||||
Copyright (C) 2011 Nathanael C. Fritz
|
||||
This file is part of SleekXMPP.
|
||||
|
||||
See the file LICENSE for copying permission.
|
||||
"""
|
||||
|
||||
from sleekxmpp.xmlstream import ElementBase, ET, register_stanza_plugin
|
||||
|
||||
|
||||
class IqAuth(ElementBase):
|
||||
namespace = 'jabber:iq:auth'
|
||||
name = 'query'
|
||||
plugin_attrib = 'auth'
|
||||
interfaces = set(('fields', 'username', 'password', 'resource', 'digest'))
|
||||
sub_interfaces = set(('username', 'password', 'resource', 'digest'))
|
||||
plugin_tag_map = {}
|
||||
plugin_attrib_map = {}
|
||||
|
||||
def get_fields(self):
|
||||
fields = set()
|
||||
for field in self.sub_interfaces:
|
||||
if self.xml.find('{%s}%s' % (self.namespace, field)) is not None:
|
||||
fields.add(field)
|
||||
return fields
|
||||
|
||||
def set_resource(self, value):
|
||||
self._set_sub_text('resource', value, keep=True)
|
||||
|
||||
def set_password(self, value):
|
||||
self._set_sub_text('password', value, keep=True)
|
||||
|
||||
|
||||
class AuthFeature(ElementBase):
|
||||
namespace = 'http://jabber.org/features/iq-auth'
|
||||
name = 'auth'
|
||||
plugin_attrib = 'auth'
|
||||
interfaces = set()
|
||||
plugin_tag_map = {}
|
||||
plugin_attrib_map = {}
|
||||
|
||||
|
|
@ -19,6 +19,8 @@ class StreamFeatures(StanzaBase):
|
|||
namespace = 'http://etherx.jabber.org/streams'
|
||||
interfaces = set(('features', 'required', 'optional'))
|
||||
sub_interfaces = interfaces
|
||||
plugin_tag_map = {}
|
||||
plugin_attrib_map = {}
|
||||
|
||||
def setup(self, xml):
|
||||
StanzaBase.setup(self, xml)
|
||||
|
|
Loading…
Reference in a new issue