launchpad-reviewers team mailing list archive

Thread
Date

[Merge] lp:~jtv/maas/extract-api-auth into lp:maas

To: mp+93836@xxxxxxxxxxxxxxxxxx
From: "Jeroen T. Vermeulen" <jtv@xxxxxxxxxxxxx>
Date: Mon, 20 Feb 2012 13:43:21 -0000
Reply-to: mp+93836@xxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Jeroen T. Vermeulen has proposed merging lp:~jtv/maas/extract-api-auth into lp:maas.

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~jtv/maas/extract-api-auth/+merge/93836

maasserver.urls instantiates MaasAPIAuthentication (our custom OAuthAuthentication derivative), but metadataserver.urls will be needing it as well.  In the interest of branch brevity and minimal divergence, I'm extracting it in a separate branch.  A new module in maas (where our project-global stuff is supposed to go) both defines and instantiates the class, so there's only one symbol to export.  Yes, that's fine-grained but it may help avoid import cycles.
-- 
https://code.launchpad.net/~jtv/maas/extract-api-auth/+merge/93836
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~jtv/maas/extract-api-auth into lp:maas.

=== added file 'src/maas/api_auth.py'
--- src/maas/api_auth.py	1970-01-01 00:00:00 +0000
+++ src/maas/api_auth.py	2012-02-20 13:42:17 +0000
@@ -0,0 +1,40 @@
+# Copyright 2012 Canonical Ltd.  This software is licensed under the
+# GNU Affero General Public License version 3 (see the file LICENSE).
+
+"""OAuth authentication for the various APIs."""
+
+from __future__ import (
+    print_function,
+    unicode_literals,
+    )
+
+__metaclass__ = type
+__all__ = [
+    'api_auth',
+    ]
+
+from piston.authentication import OAuthAuthentication
+from piston.utils import rc
+
+
+class MaasAPIAuthentication(OAuthAuthentication):
+    """A piston authentication class that uses the currently logged-in user
+    if there is one, and defaults to piston's OAuthAuthentication if not.
+
+    """
+
+    def is_authenticated(self, request):
+        if request.user.is_authenticated():
+            return request.user
+        else:
+            return super(
+                MaasAPIAuthentication, self).is_authenticated(request)
+
+    def challenge(self):
+        # Beware: this returns 401: Unauthenticated, not 403: Forbidden
+        # as the name implies.
+        return rc.FORBIDDEN
+
+
+# OAuth authentication for the APIs.
+api_auth = MaasAPIAuthentication(realm="MaaS API")

=== modified file 'src/maasserver/api.py'
--- src/maasserver/api.py	2012-02-16 14:40:10 +0000
+++ src/maasserver/api.py	2012-02-20 13:42:17 +0000
@@ -24,9 +24,7 @@
 import sys
 import types
 
-from django.core.exceptions import (
-    ValidationError,
-    )
+from django.core.exceptions import ValidationError
 from django.http import (
     HttpResponse,
     HttpResponseBadRequest,
@@ -50,7 +48,6 @@
     MACAddress,
     Node,
     )
-from piston.authentication import OAuthAuthentication
 from piston.doc import generate_doc
 from piston.handler import (
     BaseHandler,
@@ -59,23 +56,6 @@
 from piston.utils import rc
 
 
-class MaasAPIAuthentication(OAuthAuthentication):
-    """A piston authentication class that uses the currently logged-in user
-    if there is one, and defaults to piston's OAuthAuthentication if not.
-
-    """
-
-    def is_authenticated(self, request):
-        if request.user.is_authenticated():
-            return request.user
-        else:
-            return super(
-                MaasAPIAuthentication, self).is_authenticated(request)
-
-    def challenge(self):
-        return rc.FORBIDDEN
-
-
 dispatch_methods = {
     'GET': 'read',
     'POST': 'create',

=== modified file 'src/maasserver/urls.py'
--- src/maasserver/urls.py	2012-02-16 15:58:31 +0000
+++ src/maasserver/urls.py	2012-02-20 13:42:17 +0000
@@ -21,11 +21,11 @@
     direct_to_template,
     redirect_to,
     )
+from maas.api_auth import api_auth
 from maasserver.api import (
     AccountHandler,
     api_doc,
     FilesHandler,
-    MaasAPIAuthentication,
     NodeHandler,
     NodeMacHandler,
     NodeMacsHandler,
@@ -93,14 +93,12 @@
 
 
 # API.
-auth = MaasAPIAuthentication(realm="MaaS API")
-
-account_handler = Resource(AccountHandler, authentication=auth)
-files_handler = Resource(FilesHandler, authentication=auth)
-node_handler = Resource(NodeHandler, authentication=auth)
-nodes_handler = Resource(NodesHandler, authentication=auth)
-node_mac_handler = Resource(NodeMacHandler, authentication=auth)
-node_macs_handler = Resource(NodeMacsHandler, authentication=auth)
+account_handler = Resource(AccountHandler, authentication=api_auth)
+files_handler = Resource(FilesHandler, authentication=api_auth)
+node_handler = Resource(NodeHandler, authentication=api_auth)
+nodes_handler = Resource(NodesHandler, authentication=api_auth)
+node_mac_handler = Resource(NodeMacHandler, authentication=api_auth)
+node_macs_handler = Resource(NodeMacsHandler, authentication=api_auth)
 
 # API URLs accessible to anonymous users.
 urlpatterns += patterns('',