particle-os/debian-koji
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

further fixes (will be squashed before merge)

Browse source
This commit is contained in:
Tomas Kopecek 2021-09-20 11:31:25 +02:00 committed by Yu Ming Zhu
parent b6ccafafeb
commit 24e5c0cb45
4 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
koji/auth.py
View file

@ -324,6 +324,9 @@ class Session(object):
value for different handling. Typical case is proxying kerberos user via
web ui which itself is authenticated via SSL certificate. (See kojiweb
for usage).
proxyauthtype is working only if ProxyAuthType option is set to 'On' in
the hub.conf
"""
if self.logged_in:
raise koji.AuthError("Already logged in")
@ -373,6 +376,9 @@ class Session(object):
# in this point we can continue with proxied user in same way as if it is not proxied
if proxyauthtype is not None:
if not context.opts['ProxyAuthType']:
raise koji.AuthError("Proxy must use same auth mechanism as hub "
"(behaviour can be overriden via ProxyAuthType hub option)")
if proxyauthtype not in (koji.AUTHTYPE_GSSAPI, koji.AUTHTYPE_SSL):
raise koji.AuthError(
"Proxied authtype %s is not valid for sslLogin" % proxyauthtype)