Package pyxmpp2 :: Package sasl :: Module core
[hide private]

Module core

Base classes for PyXMPP SASL implementation.

Normative reference:

Authentication properties

Most authentication mechanisms needs some data to identify the authenticating entity and/or to provide characteristics of the communication channel. These are passed as a properties mapping to the .start() method to a server or client authenticator.

Similar mechanism is used to return data obtained via the authentication process: the Success object has a Success.properties attribute with the data obtained.

The mapping contains name->value pairs. Meaning of those is generally mechanism-dependant, but these are the usually expected properties:

Classes [hide private]
  PasswordDatabase
Password database interface.
  Reply
Base class for SASL authentication reply objects.
  Challenge
The challenge SASL message (server's challenge for the client).
  Response
The response SASL message (clients's reply the server's challenge).
  Failure
The failure SASL message.
  Success
The success SASL message (sent by the server on authentication success).
  ClientAuthenticator
Base class for client authenticators.
  ServerAuthenticator
Base class for server authenticators.
Functions [hide private]
bytes
default_nonce_factory()
Generate a random string for digest authentication challenges.
 
_key_func(item)
Key function used for sorting SASL authenticator classes
 
_register_client_authenticator(klass, name)
Add a client authenticator class to CLIENT_MECHANISMS_D, CLIENT_MECHANISMS and, optionally, to SECURE_CLIENT_MECHANISMS
 
_register_server_authenticator(klass, name)
Add a client authenticator class to SERVER_MECHANISMS_D, SERVER_MECHANISMS and, optionally, to SECURE_SERVER_MECHANISMS
 
sasl_mechanism(name, secure, preference=50)
Class decorator generator for ClientAuthenticator or ServerAuthenticator subclasses.
Variables [hide private]
  logger = logging.getLogger("pyxmpp2.sasl.core")
  CLIENT_MECHANISMS_D = {'DIGEST-MD5': <class 'pyxmpp2.sasl.dige...
  CLIENT_MECHANISMS = ['SCRAM-SHA-1-PLUS', 'SCRAM-SHA-1', 'DIGES...
  SECURE_CLIENT_MECHANISMS = ['SCRAM-SHA-1-PLUS', 'SCRAM-SHA-1',...
  SERVER_MECHANISMS_D = {'DIGEST-MD5': <class 'pyxmpp2.sasl.dige...
  SERVER_MECHANISMS = ['SCRAM-SHA-1-PLUS', 'SCRAM-SHA-1', 'DIGES...
  SECURE_SERVER_MECHANISMS = ['SCRAM-SHA-1-PLUS', 'SCRAM-SHA-1',...
Function Details [hide private]

default_nonce_factory()

 

Generate a random string for digest authentication challenges.

The string should be cryptographicaly secure random pattern.

Returns: bytes
the string generated.

sasl_mechanism(name, secure, preference=50)

 
Class decorator generator for ClientAuthenticator or ServerAuthenticator subclasses. Adds the class to the pyxmpp.sasl mechanism registry.
Parameters:
  • name (unicode) - SASL mechanism name
  • secure (bool) - if the mechanims can be considered secure - True if it can be used over plain-text channel
  • preference (int) - mechanism preference level (the higher the better)

Variables Details [hide private]

CLIENT_MECHANISMS_D

Value:
{'DIGEST-MD5': <class 'pyxmpp2.sasl.digest_md5.DigestMD5ClientAuthenti\
cator'>,
 'EXTERNAL': <class 'pyxmpp2.sasl.external.ExternalClientAuthenticator\
'>,
 'PLAIN': <class 'pyxmpp2.sasl.plain.PlainClientAuthenticator'>,
 'SCRAM-SHA-1': <class 'pyxmpp2.sasl.scram.SCRAM_SHA_1_ClientAuthentic\
ator'>,
 'SCRAM-SHA-1-PLUS': <class 'pyxmpp2.sasl.scram.SCRAM_SHA_1_PLUS_Clien\
...

CLIENT_MECHANISMS

Value:
['SCRAM-SHA-1-PLUS',
 'SCRAM-SHA-1',
 'DIGEST-MD5',
 'PLAIN',
 'X-FACEBOOK-PLATFORM',
 'EXTERNAL']

SECURE_CLIENT_MECHANISMS

Value:
['SCRAM-SHA-1-PLUS', 'SCRAM-SHA-1', 'DIGEST-MD5', 'PLAIN']

SERVER_MECHANISMS_D

Value:
{'DIGEST-MD5': <class 'pyxmpp2.sasl.digest_md5.DigestMD5ServerAuthenti\
cator'>,
 'PLAIN': <class 'pyxmpp2.sasl.plain.PlainServerAuthenticator'>,
 'SCRAM-SHA-1': <class 'pyxmpp2.sasl.scram.SCRAM_SHA_1_ServerAuthentic\
ator'>,
 'SCRAM-SHA-1-PLUS': <class 'pyxmpp2.sasl.scram.SCRAM_SHA_1_PLUS_Serve\
rAuthenticator'>}

SERVER_MECHANISMS

Value:
['SCRAM-SHA-1-PLUS', 'SCRAM-SHA-1', 'DIGEST-MD5', 'PLAIN']

SECURE_SERVER_MECHANISMS

Value:
['SCRAM-SHA-1-PLUS', 'SCRAM-SHA-1', 'DIGEST-MD5', 'PLAIN']