Skip to content

Commit 29cc5d6

Browse files
committed
Move context creation to its own method
1 parent f8b4d89 commit 29cc5d6

File tree

1 file changed

+35
-23
lines changed

1 file changed

+35
-23
lines changed

httpx_gssapi/gssapi_.py

Lines changed: 35 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
import re
22
import logging
3-
from typing import Generator, Optional
3+
from typing import Generator, Optional, List
44

55
from base64 import b64encode, b64decode
66

@@ -189,29 +189,9 @@ def generate_request_header(self,
189189
If any GSSAPI step fails, raise SPNEGOExchangeError
190190
with failure detail.
191191
"""
192-
gssflags = [gssapi.RequirementFlag.out_of_sequence_detection]
193-
if self.delegate:
194-
gssflags.append(gssapi.RequirementFlag.delegate_to_peer)
195-
if self.mutual_authentication != DISABLED:
196-
gssflags.append(gssapi.RequirementFlag.mutual_authentication)
197-
198192
gss_stage = "initiating context"
199193
try:
200-
if type(self.target_name) != gssapi.Name:
201-
if '@' not in self.target_name:
202-
self.target_name = f"{self.target_name}@{host}"
203-
204-
self.target_name = gssapi.Name(
205-
self.target_name,
206-
gssapi.NameType.hostbased_service,
207-
)
208-
self.context[host] = gssapi.SecurityContext(
209-
usage="initiate",
210-
flags=gssflags,
211-
name=self.target_name,
212-
creds=self.creds,
213-
mech=self.mech,
214-
)
194+
self.context[host] = self._make_context(host)
215195

216196
gss_stage = "stepping context"
217197
token = _negotiate_value(response) if response else None
@@ -235,7 +215,7 @@ def authenticate_user(self, response: Response) -> Request:
235215

236216
return response.request
237217

238-
def authenticate_server(self, response: Response):
218+
def authenticate_server(self, response: Response) -> bool:
239219
"""
240220
Uses GSSAPI to authenticate the server.
241221
@@ -256,3 +236,35 @@ def authenticate_server(self, response: Response):
256236

257237
log.debug("authenticate_server(): authentication successful")
258238
return True
239+
240+
def _make_context(self, host: str) -> gssapi.SecurityContext:
241+
"""
242+
Create a GSSAPI security context for handling the authentication.
243+
244+
:param host:
245+
Hostname to create context for. Only used if it isn't included
246+
in :py:attr:`target_name`
247+
"""
248+
name = self.target_name
249+
if type(name) != gssapi.Name: # type(name) is str
250+
if '@' not in name:
251+
name += f"@{host}"
252+
name = gssapi.Name(name, gssapi.NameType.hostbased_service)
253+
254+
return gssapi.SecurityContext(
255+
usage="initiate",
256+
flags=self._gssflags,
257+
name=name,
258+
creds=self.creds,
259+
mech=self.mech,
260+
)
261+
262+
@property
263+
def _gssflags(self) -> List[gssapi.RequirementFlag]:
264+
"""List of configured GSSAPI requirement flags."""
265+
flags = [gssapi.RequirementFlag.out_of_sequence_detection]
266+
if self.delegate:
267+
flags.append(gssapi.RequirementFlag.delegate_to_peer)
268+
if self.mutual_authentication != DISABLED:
269+
flags.append(gssapi.RequirementFlag.mutual_authentication)
270+
return flags

0 commit comments

Comments
 (0)