
    qi                     v    S r SSKrSSKJrJr  SSKJr  SSKJr  Sr	\R                  " \5      r " S S\5      rg)	a  
Abstract base class of a domain controller (used by HTTPAuthenticator).

This ABC serves as base class for DomainControllers and provides some
default implementations.

Domain controllers are called by `HTTPAuthenticator` to handle these tasks:

- Basic authentication:
  Check if user_name/password is allowed to perform a request

- Digest authentication (optional):
  Check if user_name is allowed to perform a request and return the MD5 hash
  (the digest A1 value) for that user.

- Define permissions and roles for a given user (optional).


Note that there is no checking for `isinstance(BaseDomainController)` in the
code, so WsgiDAV also accepts duck-typed domain controllers.

Digest Authentication
---------------------

See https://en.wikipedia.org/wiki/Digest_access_authentication


Permissions and Roles
---------------------

A domain controller MAY add entries to the `environment["wsgidav.auth. ..."]`
namespace in order to define access permissions for the following middleware
(e.g. dir_browser) and DAV providers.

TODO: Work In Progress / Subject to change

    N)ABCabstractmethod)md5)utilreStructuredTextc                       \ rS rSrSrSrS rS rS r\	S 5       r
\	S 5       rS	 r\	S
 5       r\	S 5       rS rS rSrg)BaseDomainController2   )
browse_dirdelete_resourceedit_resource)admineditorreaderc                     Xl         X l        g )N)wsgidav_appconfig)selfr   r   s      G/home/kali/flask_env/lib/python3.13/site-packages/wsgidav/dc/base_dc.py__init__BaseDomainController.__init__9   s    &    c                 4    U R                   R                   S3$ )Nz())	__class____name__r   s    r   __str__BaseDomainController.__str__=   s    ..))*"--r   c                 &   U(       a  US   nOU R                   R                  U5      u  pCU(       dK  [        R                  S[        R
                  " U[        R                  R                  5      < SS< 35        gUR                  nUS:X  a  SnU$ )zDInternal helper for derived classes to implement get_domain_realm().zwsgidav.providerz_calc_realm_from_path_provider(z): N /)
r   resolve_providerloggerwarningr   safe_re_encodesysstdoutencoding
share_path)r   	path_infoenvirondav_provider_sharerealms         r   _calc_realm_from_path_provider3BaseDomainController._calc_realm_from_path_provider@   s     ##56L $(#3#3#D#DY#O FNN1$2E2EiQTQ[Q[QdQd2e1hhklpkst ''B;Er   c                     [         e)a  Return the normalized realm name for a given URL.

This method is called

- On startup, to check if anonymous access is allowed for a given share.
  In this case, `environ` is None.
- For every request, before basic or digest authentication is handled.

A domain controller that uses the share path as realm name may use
the `_calc_realm_from_path_provider()` helper.

Args:
    path_info (str):
    environ (dict | None):
Returns:
    str
NotImplementedError)r   r*   r+   s      r   get_domain_realm%BaseDomainController.get_domain_realmV   s
    & "!r   c                     [         e)a  Return False to disable authentication for this request.

This method is called

- On startup, to check if anonymous access is allowed for a given share.
  In this case, `environ` is None.
- For every request, before basic or digest authentication is handled.
  If False is returned, we MAY also set environment variables for
  anonymous access::

        environment["wsgidav.auth.roles"] = (<role>, ...)
        environment["wsgidav.auth.permissions"] = (<perm>, ...)
        return False

Args:
    realm (str):
    environ (dict | None):
Returns:
    False to allow anonymous access
    True to force subsequent digest or basic authentication
r2   )r   r.   r+   s      r   require_authentication+BaseDomainController.require_authenticationk   s
    . "!r   c                 T    U R                  US5      nU R                  US5      (       + $ )zReturn true if anonymous access will be granted to the share path.

This method is called on start-up to print out info and warnings.

Returns:
    bool
N)r4   r7   )r   r*   r.   s      r   is_share_anonymous'BaseDomainController.is_share_anonymous   s,     %%i6..ud;;;r   c                     [         e)a  Check request access permissions for realm/user_name/password.

Called by http_authenticator for basic authentication requests.

Optionally set environment variables:

    environ["wsgidav.auth.roles"] = (<role>, ...)
    environ["wsgidav.auth.permissions"] = (<perm>, ...)

Args:
    realm (str):
    user_name (str):
    password (str):
    environ (dict):
Returns:
    False if user is not known or not authorized
    True if user is authorized
r2   )r   r.   	user_namepasswordr+   s        r   basic_auth_user$BaseDomainController.basic_auth_user   s
    ( "!r   c                     [         e)zSignal if this DC instance supports the HTTP digest authentication theme.

If true, `HTTPAuthenticator` will call `dc.digest_auth_user()`,
so this method must be implemented as well.

Returns:
    bool
r2   r   s    r   supports_http_digest_auth.BaseDomainController.supports_http_digest_auth   s
     "!r   c                 |    US-   U-   S-   U-   n[        [        R                  " U5      5      R                  5       nU$ )zGInternal helper for derived classes to compute a digest hash (A1 part).:)r   r   to_bytes	hexdigest)r   r.   r=   r>   dataA1s         r   _compute_http_digest_a1,BaseDomainController._compute_http_digest_a1   s;    3&,x7t$%//1	r   c                     [         e)aj  Check access permissions for realm/user_name.

Called by http_authenticator for digest authentication requests.

Compute the HTTP digest hash A1 part.

Any domain controller that returns true for `supports_http_digest_auth()`
MUST implement this method.

Optionally set environment variables:

    environ["wsgidav.auth.roles"] = (<role>, ...)
    environ["wsgidav.auth.permissions"] = (<perm>, ...)

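Note that in order to calculate A1, we must either

- Access the plain text password of the user.
  In this case the method `self._compute_http_digest_a1()` can be used
  for convenience.
  Or

- Return a stored hash value that is associated with the user name
  (for example from Apache's htdigest files).

In both cases the server holds a password-equivalent secret: a stored A1
hash is enough to answer digest challenges for its realm, so it must be
protected like the password itself.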

Args:
    realm (str):
    user_name (str):
    environ (dict):

Returns:
    str: MD5("{user_name}:{realm}:{password}")
    or false if user is unknown or rejected
r2   )r   r.   r=   r+   s       r   digest_auth_user%BaseDomainController.digest_auth_user   s    D "!r   )r   r   N)r   
__module____qualname____firstlineno__known_permissionsknown_rolesr   r   r/   r   r4   r7   r:   r?   rB   rJ   rM   __static_attributes__ r   r   r	   r	   2   s~     K/K., " "( " "0	< " "* 	" 	":""r   r	   )__doc__r&   abcr   r   hashlibr   wsgidavr   __docformat__get_module_loggerr   r#   r	   rU   r   r   <module>r\      s<   #H  #  "				)y"3 y"r   