Python requests_kerberos.DISABLED Examples

The following are 7 code examples of requests_kerberos.DISABLED(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module requests_kerberos , or try the search function .
Example #1
Source File: client.py    From jira with BSD 2-Clause "Simplified" License 6 votes vote down vote up
def _create_kerberos_session(self, timeout, kerberos_options=None):
        verify = self._options["verify"]
        if kerberos_options is None:
            kerberos_options = {}

        from requests_kerberos import DISABLED
        from requests_kerberos import HTTPKerberosAuth
        from requests_kerberos import OPTIONAL

        if kerberos_options.get("mutual_authentication", "OPTIONAL") == "OPTIONAL":
            mutual_authentication = OPTIONAL
        elif kerberos_options.get("mutual_authentication") == "DISABLED":
            mutual_authentication = DISABLED
        else:
            raise ValueError(
                "Unknown value for mutual_authentication: %s"
                % kerberos_options["mutual_authentication"]
            )

        self._session = ResilientSession(timeout=timeout)
        self._session.verify = verify
        self._session.auth = HTTPKerberosAuth(
            mutual_authentication=mutual_authentication
        ) 
Example #2
Source File: tar.py    From treadmill with Apache License 2.0 6 votes vote down vote up
def _download(url, temp):
    """Downloads the image."""
    _LOGGER.debug('Downloading tar file from %r to %r.', url, temp)

    krb_auth = requests_kerberos.HTTPKerberosAuth(
        mutual_authentication=requests_kerberos.DISABLED,
        # kerberos 1.2.5 doesn't accept None principal. Remove this once fixed.
        principal=''
    )

    request = requests.get(url, stream=True, auth=krb_auth)
    shutil.copyfileobj(request.raw, temp) 
Example #3
Source File: rt.py    From ticketutil with GNU General Public License v3.0 5 votes vote down vote up
def _create_requests_session(self):
        """
        Creates a Requests Session and authenticates to base API URL with HTTP Basic Auth or Kerberos Auth.
        We're using a Session to persist cookies across all requests made from the Session instance.
        :return s: Requests Session.
        """
        s = requests.Session()
        # Kerberos Auth
        if self.auth == 'kerberos':
            self.principal = ticket._get_kerberos_principal()
            s.auth = HTTPKerberosAuth(mutual_authentication=DISABLED)
            s.verify = False
        # HTTP Basic Auth
        if isinstance(self.auth, tuple):
            username, password = self.auth
            self.principal = username
            s.params.update({'user': username, 'pass': password})

        # Try to authenticate to auth_url.
        try:
            r = s.get(self.auth_url)
            logger.debug("Create requests session: status code: {0}".format(r.status_code))
            r.raise_for_status()
            # Special case for RT. A 200 status code is still returned if authentication failed. Have to check r.text.
            if '200' not in r.text:
                raise requests.RequestException
            logger.info("Successfully authenticated to {0}".format(self.ticketing_tool))
            return s
        except requests.RequestException as e:
            logger.error("Error authenticating to {0}".format(self.auth_url))
            s.close() 
Example #4
Source File: ticket.py    From ticketutil with GNU General Public License v3.0 5 votes vote down vote up
def _create_requests_session(self):
        """
        Creates a Requests Session and authenticates to base API URL with kerberos-requests.
        We're using a Session to persist cookies across all requests made from the Session instance.
        :return s: Requests Session.
        """
        # TODO: Support other authentication methods.
        # Set up authentication for requests session.
        s = requests.Session()
        if self.auth == 'kerberos':
            self.principal = _get_kerberos_principal()
            s.auth = HTTPKerberosAuth(mutual_authentication=DISABLED)
            s.verify = self.verify
        if isinstance(self.auth, tuple):
            s.auth = self.auth
            s.verify = self.verify

        # Try to authenticate to auth_url.
        try:
            r = s.get(self.auth_url)
            logger.debug("Create requests session: status code: {0}".format(r.status_code))
            r.raise_for_status()
            logger.info("Successfully authenticated to {0}".format(self.ticketing_tool))
            return s
        except requests.RequestException as e:
            logger.error("Error authenticating to {0}".format(self.auth_url))
            logger.error(e)
            s.close() 
Example #5
Source File: restclient.py    From treadmill with Apache License 2.0 5 votes vote down vote up
def _krb_auth():
    """Returns kerberos auth object."""
    auth_principle = None
    if os.name == 'posix':
        # kerberos 1.2.5 doesn't accept None principal. Remove this once fixed.
        auth_principle = ''

    return requests_kerberos.HTTPKerberosAuth(
        mutual_authentication=requests_kerberos.DISABLED,
        principal=auth_principle,
        service=restclientopts.AUTH_PRINCIPAL
    ) 
Example #6
Source File: http.py    From integrations-core with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
def create_kerberos_auth(config):
    global requests_kerberos
    if requests_kerberos is None:
        import requests_kerberos

        KERBEROS_STRATEGIES['required'] = requests_kerberos.REQUIRED
        KERBEROS_STRATEGIES['optional'] = requests_kerberos.OPTIONAL
        KERBEROS_STRATEGIES['disabled'] = requests_kerberos.DISABLED

    # For convenience
    if config['kerberos_auth'] is None or is_affirmative(config['kerberos_auth']):
        config['kerberos_auth'] = 'required'

    if config['kerberos_auth'] not in KERBEROS_STRATEGIES:
        raise ConfigurationError(
            'Invalid Kerberos strategy `{}`, must be one of: {}'.format(
                config['kerberos_auth'], ' | '.join(KERBEROS_STRATEGIES)
            )
        )

    return requests_kerberos.HTTPKerberosAuth(
        mutual_authentication=KERBEROS_STRATEGIES[config['kerberos_auth']],
        delegate=is_affirmative(config['kerberos_delegate']),
        force_preemptive=is_affirmative(config['kerberos_force_initiate']),
        hostname_override=config['kerberos_hostname'],
        principal=config['kerberos_principal'],
    ) 
Example #7
Source File: test_http.py    From integrations-core with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
def test_config_kerberos(self):
        instance = {'auth_type': 'kerberos', 'kerberos_auth': 'required'}
        init_config = {}

        # Trigger lazy import
        http = RequestsWrapper(instance, init_config)
        assert isinstance(http.options['auth'], requests_kerberos.HTTPKerberosAuth)

        with mock.patch('datadog_checks.base.utils.http.requests_kerberos.HTTPKerberosAuth') as m:
            RequestsWrapper(instance, init_config)

            m.assert_called_once_with(
                mutual_authentication=requests_kerberos.REQUIRED,
                delegate=False,
                force_preemptive=False,
                hostname_override=None,
                principal=None,
            )

        with mock.patch('datadog_checks.base.utils.http.requests_kerberos.HTTPKerberosAuth') as m:
            RequestsWrapper({'auth_type': 'kerberos', 'kerberos_auth': 'optional'}, init_config)

            m.assert_called_once_with(
                mutual_authentication=requests_kerberos.OPTIONAL,
                delegate=False,
                force_preemptive=False,
                hostname_override=None,
                principal=None,
            )

        with mock.patch('datadog_checks.base.utils.http.requests_kerberos.HTTPKerberosAuth') as m:
            RequestsWrapper({'auth_type': 'kerberos', 'kerberos_auth': 'disabled'}, init_config)

            m.assert_called_once_with(
                mutual_authentication=requests_kerberos.DISABLED,
                delegate=False,
                force_preemptive=False,
                hostname_override=None,
                principal=None,
            )