1
0
mirror of https://github.com/ansible/awx.git synced 2024-10-31 15:21:13 +03:00

Update authenticate method on auth backends to add required request param

This became mandatory in Django 2.1.
This commit is contained in:
Jeff Bradberry 2019-07-12 11:15:07 -04:00
parent 261f1427e9
commit a691340986
2 changed files with 11 additions and 11 deletions

View File

@ -98,7 +98,7 @@ class LDAPBackend(BaseLDAPBackend):
settings = property(_get_settings, _set_settings)
def authenticate(self, username, password):
def authenticate(self, request, username, password):
if self.settings.START_TLS and ldap.OPT_X_TLS_REQUIRE_CERT in self.settings.CONNECTION_OPTIONS:
# with python-ldap, if you want to set connection-specific TLS
# parameters, you must also specify OPT_X_TLS_NEWCTX = 0
@ -124,7 +124,7 @@ class LDAPBackend(BaseLDAPBackend):
raise ImproperlyConfigured(
"{} must be an {} instance.".format(setting_name, type_)
)
return super(LDAPBackend, self).authenticate(None, username, password)
return super(LDAPBackend, self).authenticate(request, username, password)
except Exception:
logger.exception("Encountered an error authenticating to LDAP")
return None
@ -196,10 +196,10 @@ class RADIUSBackend(BaseRADIUSBackend):
Custom Radius backend to verify license status
'''
def authenticate(self, username, password):
def authenticate(self, request, username, password):
if not django_settings.RADIUS_SERVER:
return None
return super(RADIUSBackend, self).authenticate(None, username, password)
return super(RADIUSBackend, self).authenticate(request, username, password)
def get_user(self, user_id):
if not django_settings.RADIUS_SERVER:
@ -217,7 +217,7 @@ class TACACSPlusBackend(object):
Custom TACACS+ auth backend for AWX
'''
def authenticate(self, username, password):
def authenticate(self, request, username, password):
if not django_settings.TACACSPLUS_HOST:
return None
try:
@ -284,13 +284,13 @@ class SAMLAuth(BaseSAMLAuth):
idp_config = self.setting('ENABLED_IDPS')[idp_name]
return TowerSAMLIdentityProvider(idp_name, **idp_config)
def authenticate(self, *args, **kwargs):
def authenticate(self, request, *args, **kwargs):
if not all([django_settings.SOCIAL_AUTH_SAML_SP_ENTITY_ID, django_settings.SOCIAL_AUTH_SAML_SP_PUBLIC_CERT,
django_settings.SOCIAL_AUTH_SAML_SP_PRIVATE_KEY, django_settings.SOCIAL_AUTH_SAML_ORG_INFO,
django_settings.SOCIAL_AUTH_SAML_TECHNICAL_CONTACT, django_settings.SOCIAL_AUTH_SAML_SUPPORT_CONTACT,
django_settings.SOCIAL_AUTH_SAML_ENABLED_IDPS]):
return None
user = super(SAMLAuth, self).authenticate(*args, **kwargs)
user = super(SAMLAuth, self).authenticate(request, *args, **kwargs)
# Comes from https://github.com/omab/python-social-auth/blob/v0.2.21/social/backends/base.py#L91
if getattr(user, 'is_new', False):
_decorate_enterprise_user(user, 'saml')

View File

@ -4,7 +4,7 @@ from unittest import mock
def test_empty_host_fails_auth(tacacsplus_backend):
with mock.patch('awx.sso.backends.django_settings') as settings:
settings.TACACSPLUS_HOST = ''
ret_user = tacacsplus_backend.authenticate(u"user", u"pass")
ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass")
assert ret_user is None
@ -16,7 +16,7 @@ def test_client_raises_exception(tacacsplus_backend):
mock.patch('tacacs_plus.TACACSClient', return_value=client):
settings.TACACSPLUS_HOST = 'localhost'
settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii'
ret_user = tacacsplus_backend.authenticate(u"user", u"pass")
ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass")
assert ret_user is None
logger.exception.assert_called_once_with(
"TACACS+ Authentication Error: foo"
@ -32,7 +32,7 @@ def test_client_return_invalid_fails_auth(tacacsplus_backend):
mock.patch('tacacs_plus.TACACSClient', return_value=client):
settings.TACACSPLUS_HOST = 'localhost'
settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii'
ret_user = tacacsplus_backend.authenticate(u"user", u"pass")
ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass")
assert ret_user is None
@ -48,5 +48,5 @@ def test_client_return_valid_passes_auth(tacacsplus_backend):
mock.patch('awx.sso.backends._get_or_set_enterprise_user', return_value=user):
settings.TACACSPLUS_HOST = 'localhost'
settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii'
ret_user = tacacsplus_backend.authenticate(u"user", u"pass")
ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass")
assert ret_user == user