diff --git a/src/django_kerberos/__init__.py b/src/django_kerberos/__init__.py
index 3f262a6..e69de29 100644
--- a/src/django_kerberos/__init__.py
+++ b/src/django_kerberos/__init__.py
@@ -1 +0,0 @@
-__version__ = '1.2.1'
diff --git a/src/django_kerberos/app_settings.py b/src/django_kerberos/app_settings.py
index be740f3..05764d1 100644
--- a/src/django_kerberos/app_settings.py
+++ b/src/django_kerberos/app_settings.py
@@ -1,14 +1,31 @@
+# django-kerberos - SPNEGO/Kerberos authentication for Django applications
+# Copyright (C) 2014-2019 Entr'ouvert
+#
+# This program is free software: you can redistribute it and/or modify it
+# under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see .
+
import sys
+
class AppSettings(object):
__PREFIX = 'KERBEROS_'
__DEFAULTS = {
- 'BACKEND_CREATE': False,
- 'BACKEND_ADMIN_REGEXP': None,
- 'DEFAULT_REALM': None,
- 'SERVICE_PRINCIPAL': '',
- 'HOSTNAME': None,
- 'KEEP_PASSWORD': False,
+ 'BACKEND_CREATE': False,
+ 'BACKEND_ADMIN_REGEXP': None,
+ 'DEFAULT_REALM': None,
+ 'SERVICE_PRINCIPAL': '',
+ 'HOSTNAME': None,
+ 'KEEP_PASSWORD': False,
}
def __getattr__(self, name):
diff --git a/src/django_kerberos/backends.py b/src/django_kerberos/backends.py
index 6cc87e1..1cac582 100644
--- a/src/django_kerberos/backends.py
+++ b/src/django_kerberos/backends.py
@@ -1,3 +1,19 @@
+# django-kerberos - SPNEGO/Kerberos authentication for Django applications
+# Copyright (C) 2014-2019 Entr'ouvert
+#
+# This program is free software: you can redistribute it and/or modify it
+# under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see .
+
import re
import logging
@@ -11,6 +27,7 @@ from django.contrib.auth.backends import ModelBackend
import kerberos
+
class KerberosBackend(ModelBackend):
def __init__(self):
self.logger = logging.getLogger(__name__)
@@ -57,7 +74,6 @@ class KerberosBackend(ModelBackend):
self.provision_user(principal, user)
return user
-
def authenticate(self, principal=None, **kwargs):
if principal and self.authorize_principal(principal):
return self.lookup_user(principal)
@@ -81,9 +97,9 @@ class KerberosPasswordBackend(KerberosBackend):
def service_principal(self):
'''Service principal for checking password'''
if not app_settings.SERVICE_PRINCIPAL:
- raise ImproperlyConfigured('Kerberos password backend needs '
- 'the setting KERBEROS_SERVICE_PRINCIPAL to be '
- 'set')
+ raise ImproperlyConfigured('Kerberos password backend needs the '
+ 'setting KERBEROS_SERVICE_PRINCIPAL to be'
+ ' set')
return app_settings.SERVICE_PRINCIPAL
def authenticate(self, username=None, password=None, **kwargs):
@@ -96,11 +112,12 @@ class KerberosPasswordBackend(KerberosBackend):
try:
if not kerberos.checkPassword(principal, password,
- self.service_principal(), self.default_realm()):
+ self.service_principal(),
+ self.default_realm()):
return
- except kerberos.KrbError, e:
- logging.getLogger(__name__).error('password validation'
- 'for principal %r failed %s', principal, e)
+ except kerberos.KrbError as e:
+ logging.getLogger(__name__).error(
+ 'password validation forprincipal %r failed %s', principal, e)
return
else:
if principal and self.authorize_principal(principal):
diff --git a/src/django_kerberos/hashers.py b/src/django_kerberos/hashers.py
index 35bea1d..6fc3d2e 100644
--- a/src/django_kerberos/hashers.py
+++ b/src/django_kerberos/hashers.py
@@ -1,3 +1,19 @@
+# django-kerberos - SPNEGO/Kerberos authentication for Django applications
+# Copyright (C) 2014-2019 Entr'ouvert
+#
+# This program is free software: you can redistribute it and/or modify it
+# under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see .
+
import logging
from django.core.exceptions import ImproperlyConfigured
@@ -9,6 +25,7 @@ import kerberos
from . import app_settings
+
class KerberosHasher(BasePasswordHasher):
'''A pseudo hasher which just validate that the given password
match a given Kerberos identity'''
@@ -20,9 +37,9 @@ class KerberosHasher(BasePasswordHasher):
def service_principal(self):
if not app_settings.SERVICE_PRINCIPAL:
- raise ImproperlyConfigured('Kerberos pseudo password hasher needs '
- 'the setting KERBEROS_SERVICE_PRINCIPAL to be '
- 'set')
+ raise ImproperlyConfigured(
+ 'Kerberos pseudo password hasher needs the setting '
+ 'KERBEROS_SERVICE_PRINCIPAL to be set')
return app_settings.SERVICE_PRINCIPAL
def verify(self, password, encoded):
@@ -31,11 +48,11 @@ class KerberosHasher(BasePasswordHasher):
principal = force_bytes(principal)
password = force_bytes(password)
try:
- return kerberos.checkPassword(principal, password,
- self.service_principal(), self.default_realm())
- except kerberos.KrbError, e:
- logging.getLogger(__name__).error('password validation'
- 'for principal %r failed %s', principal, e)
+ return kerberos.checkPassword(
+ principal, password,
+ self.service_principal(),
+ self.default_realm())
+ except kerberos.KrbError as e:
+ logging.getLogger(__name__).error(
+ 'password validation for principal %r failed %s', principal, e)
return False
-
-
diff --git a/src/django_kerberos/urls.py b/src/django_kerberos/urls.py
index de3834c..8fe5228 100644
--- a/src/django_kerberos/urls.py
+++ b/src/django_kerberos/urls.py
@@ -1,3 +1,19 @@
+# django-kerberos - SPNEGO/Kerberos authentication for Django applications
+# Copyright (C) 2014-2019 Entr'ouvert
+#
+# This program is free software: you can redistribute it and/or modify it
+# under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see .
+
from django.conf.urls import patterns, url
from . import views
diff --git a/src/django_kerberos/views.py b/src/django_kerberos/views.py
index baf7601..9403e7b 100644
--- a/src/django_kerberos/views.py
+++ b/src/django_kerberos/views.py
@@ -1,3 +1,19 @@
+# django-kerberos - SPNEGO/Kerberos authentication for Django applications
+# Copyright (C) 2014-2019 Entr'ouvert
+#
+# This program is free software: you can redistribute it and/or modify it
+# under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see .
+
import logging
import kerberos
@@ -62,7 +78,7 @@ class NegotiateView(View):
self.logger.debug(u'Negotiate authstr %r', authstr)
try:
result, context = kerberos.authGSSServerInit(service)
- except kerberos.KrbError, e:
+ except kerberos.KrbError as e:
self.logger.warning(u'exception during authGSSServerInit: %s, certainly a '
u'keytab problem', e)
details = (u'exception during authGSSServerInit: %s, certainly a '
@@ -78,7 +94,7 @@ class NegotiateView(View):
context={'details': details}, status=500)
try:
r = kerberos.authGSSServerStep(context, authstr)
- except kerberos.KrbError, e:
+ except kerberos.KrbError as e:
self.logger.warning(u'exception during authGSSServerStep: %s', e)
details = u'exception during authGSSServerStep: %s' % e
return TemplateResponse(request, self.error_template_name,
@@ -89,7 +105,7 @@ class NegotiateView(View):
return self.challenge(request, *args, **kwargs)
try:
self.principal = kerberos.authGSSServerUserName(context)
- except kerberos.KrbError, e:
+ except kerberos.KrbError as e:
self.logger.warning(u'exception during authGSSServerUserName: %s', e)
details = u'exception during authGSSServerUserName: %s' % e
return TemplateResponse(request, self.error_template_name,