From a6913409865fe988b576b8f8a5c9626025306756 Mon Sep 17 00:00:00 2001 From: Jeff Bradberry Date: Fri, 12 Jul 2019 11:15:07 -0400 Subject: [PATCH] Update authenticate method on auth backends to add required request param This became mandatory in Django 2.1. --- awx/sso/backends.py | 14 +++++++------- awx/sso/tests/unit/test_tacacsplus.py | 8 ++++---- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/awx/sso/backends.py b/awx/sso/backends.py index 4498fa7fe4..13fd4be02f 100644 --- a/awx/sso/backends.py +++ b/awx/sso/backends.py @@ -98,7 +98,7 @@ class LDAPBackend(BaseLDAPBackend): settings = property(_get_settings, _set_settings) - def authenticate(self, username, password): + def authenticate(self, request, username, password): if self.settings.START_TLS and ldap.OPT_X_TLS_REQUIRE_CERT in self.settings.CONNECTION_OPTIONS: # with python-ldap, if you want to set connection-specific TLS # parameters, you must also specify OPT_X_TLS_NEWCTX = 0 @@ -124,7 +124,7 @@ class LDAPBackend(BaseLDAPBackend): raise ImproperlyConfigured( "{} must be an {} instance.".format(setting_name, type_) ) - return super(LDAPBackend, self).authenticate(None, username, password) + return super(LDAPBackend, self).authenticate(request, username, password) except Exception: logger.exception("Encountered an error authenticating to LDAP") return None @@ -196,10 +196,10 @@ class RADIUSBackend(BaseRADIUSBackend): Custom Radius backend to verify license status ''' - def authenticate(self, username, password): + def authenticate(self, request, username, password): if not django_settings.RADIUS_SERVER: return None - return super(RADIUSBackend, self).authenticate(None, username, password) + return super(RADIUSBackend, self).authenticate(request, username, password) def get_user(self, user_id): if not django_settings.RADIUS_SERVER: @@ -217,7 +217,7 @@ class TACACSPlusBackend(object): Custom TACACS+ auth backend for AWX ''' - def authenticate(self, username, password): + def authenticate(self, request, username, password): if not django_settings.TACACSPLUS_HOST: return None try: @@ -284,13 +284,13 @@ class SAMLAuth(BaseSAMLAuth): idp_config = self.setting('ENABLED_IDPS')[idp_name] return TowerSAMLIdentityProvider(idp_name, **idp_config) - def authenticate(self, *args, **kwargs): + def authenticate(self, request, *args, **kwargs): if not all([django_settings.SOCIAL_AUTH_SAML_SP_ENTITY_ID, django_settings.SOCIAL_AUTH_SAML_SP_PUBLIC_CERT, django_settings.SOCIAL_AUTH_SAML_SP_PRIVATE_KEY, django_settings.SOCIAL_AUTH_SAML_ORG_INFO, django_settings.SOCIAL_AUTH_SAML_TECHNICAL_CONTACT, django_settings.SOCIAL_AUTH_SAML_SUPPORT_CONTACT, django_settings.SOCIAL_AUTH_SAML_ENABLED_IDPS]): return None - user = super(SAMLAuth, self).authenticate(*args, **kwargs) + user = super(SAMLAuth, self).authenticate(request, *args, **kwargs) # Comes from https://github.com/omab/python-social-auth/blob/v0.2.21/social/backends/base.py#L91 if getattr(user, 'is_new', False): _decorate_enterprise_user(user, 'saml') diff --git a/awx/sso/tests/unit/test_tacacsplus.py b/awx/sso/tests/unit/test_tacacsplus.py index c10cbd317e..e475694d63 100644 --- a/awx/sso/tests/unit/test_tacacsplus.py +++ b/awx/sso/tests/unit/test_tacacsplus.py @@ -4,7 +4,7 @@ from unittest import mock def test_empty_host_fails_auth(tacacsplus_backend): with mock.patch('awx.sso.backends.django_settings') as settings: settings.TACACSPLUS_HOST = '' - ret_user = tacacsplus_backend.authenticate(u"user", u"pass") + ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass") assert ret_user is None @@ -16,7 +16,7 @@ def test_client_raises_exception(tacacsplus_backend): mock.patch('tacacs_plus.TACACSClient', return_value=client): settings.TACACSPLUS_HOST = 'localhost' settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii' - ret_user = tacacsplus_backend.authenticate(u"user", u"pass") + ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass") assert ret_user is None logger.exception.assert_called_once_with( "TACACS+ Authentication Error: foo" @@ -32,7 +32,7 @@ def test_client_return_invalid_fails_auth(tacacsplus_backend): mock.patch('tacacs_plus.TACACSClient', return_value=client): settings.TACACSPLUS_HOST = 'localhost' settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii' - ret_user = tacacsplus_backend.authenticate(u"user", u"pass") + ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass") assert ret_user is None @@ -48,5 +48,5 @@ def test_client_return_valid_passes_auth(tacacsplus_backend): mock.patch('awx.sso.backends._get_or_set_enterprise_user', return_value=user): settings.TACACSPLUS_HOST = 'localhost' settings.TACACSPLUS_AUTH_PROTOCOL = 'ascii' - ret_user = tacacsplus_backend.authenticate(u"user", u"pass") + ret_user = tacacsplus_backend.authenticate(None, u"user", u"pass") assert ret_user == user