This repository has been archived on 2020-03-24. You can view files and clone it, but cannot push or open issues or pull requests.
quay/data/users/apptoken.py

64 lines
1.8 KiB
Python
Raw Normal View History

import logging
from data import model
from oauth.loginmanager import OAuthLoginManager
from oauth.oidc import PublicKeyLoadException
from util.security.jwtutil import InvalidTokenError
logger = logging.getLogger(__name__)
class AppTokenInternalAuth(object):
""" Forces all internal credential login to go through an app token, by disabling all other
access.
"""
@property
def supports_fresh_login(self):
# Since there is no password.
return False
@property
def federated_service(self):
return None
@property
def requires_distinct_cli_password(self):
# Since there is no supported "password".
return False
@property
def supports_encrypted_credentials(self):
# Since there is no supported "password".
return False
def verify_credentials(self, username_or_email, id_token):
return (None, 'An application specific token is required to login')
def verify_and_link_user(self, username_or_email, password):
return self.verify_credentials(username_or_email, password)
def confirm_existing_user(self, username, password):
return self.verify_credentials(username, password)
def link_user(self, username_or_email):
return (None, 'Unsupported for this authentication system')
def get_and_link_federated_user_info(self, user_info):
return (None, 'Unsupported for this authentication system')
def query_users(self, query, limit):
return (None, '', '')
def check_group_lookup_args(self, group_lookup_args):
return (False, 'Not supported')
def iterate_group_members(self, group_lookup_args, page_size=None, disable_pagination=False):
return (None, 'Not supported')
def service_metadata(self):
return {}
def ping(self):
""" Always assumed to be working. If the DB is broken, other checks will handle it. """
return (True, None)