twisted.web.guard.HTTPAuthSessionWrapper(object)
class documentationtwisted.web.guard
View Source
(View In Hierarchy)
Implements interfaces: twisted.web.resource.IResource
Wrap a portal, enforcing supported header-based authentication schemes.
Method | __init__ | Initialize a session wrapper |
Method | render | Find the IResource
avatar suitable for the given request, if possible, and render it.
Otherwise, perhaps render an error page requiring authorization or
describing an internal server failure. |
Method | getChildWithDefault | No summary |
Instance Variable | _portal | The Portal which
will be used to retrieve IResource
avatars. |
Instance Variable | _credentialFactories | A list of ICredentialFactory
providers which will be used to decode Authorization headers into ICredentials
providers. |
Method | _authorizedResource | No summary |
Method | _login | Get the IResource
avatar for the given credentials. |
Method | _loginSucceeded | Handle login success by wrapping the resulting IResource
avatar so that the logout callback will be invoked when
rendering is complete. |
Method | _loginFailed | Handle login failure by presenting either another challenge (for expected authentication/authorization-related failures) or a server error page (for anything else). |
Method | _selectParseHeader | Choose an ICredentialFactory from
_credentialFactories suitable to use to decode the given
Authenticate header. |
ICredentialFactory
providers which will be used to decode Authorization headers into ICredentials
providers.
Initialize a session wrapper
Parameters | portal | The portal that will authenticate the remote client (type: Portal ) |
credentialFactories | The portal that will authenticate the remote client based on one submitted
ICredentialFactory (type: Iterable ) |
Get the IResource
which
the given request is authorized to receive. If the proper authorization
headers are present, the resource will be requested from the portal. If
not, an anonymous login attempt will be made.
Find the IResource
avatar suitable for the given request, if possible, and render it.
Otherwise, perhaps render an error page requiring authorization or
describing an internal server failure.
Inspect the Authorization HTTP header, and return a deferred which, when
fired after successful authentication, will return an authorized
Avatar
. On authentication failure, an
UnauthorizedResource
will be returned, essentially halting
further dispatch on the wrapped resource and all children
Handle login success by wrapping the resulting IResource
avatar so that the logout
callback will be invoked when
rendering is complete.
Handle login failure by presenting either another challenge (for expected authentication/authorization-related failures) or a server error page (for anything else).
Choose an ICredentialFactory
from
_credentialFactories
suitable to use to decode the given
Authenticate header.
Returns | A two-tuple of a factory and the remaining portion of the header value to
be decoded or a two-tuple of None if no factory can decode the
header value. |