particle-os/debian-koji
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

conditional evaluation of proxyauthtype

Browse source
This commit is contained in:
Tomas Kopecek 2021-09-23 09:55:24 +02:00 committed by Yu Ming Zhu
parent 24e5c0cb45
commit ac8e83e3ac
1 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

18
koji/auth.py
View file

@ -374,15 +374,15 @@ class Session(object):
else:
raise koji.AuthError('%s is not authorized to login other users' % client_dn)
# in this point we can continue with proxied user in same way as if it is not proxied
if proxyauthtype is not None:
if not context.opts['ProxyAuthType']:
raise koji.AuthError("Proxy must use same auth mechanism as hub "
"(behaviour can be overriden via ProxyAuthType hub option)")
if proxyauthtype not in (koji.AUTHTYPE_GSSAPI, koji.AUTHTYPE_SSL):
raise koji.AuthError(
"Proxied authtype %s is not valid for sslLogin" % proxyauthtype)
authtype = proxyauthtype
# in this point we can continue with proxied user in same way as if it is not proxied
if proxyauthtype is not None:
if not context.opts['ProxyAuthType']:
raise koji.AuthError("Proxy must use same auth mechanism as hub (behaviour "
"can be overriden via ProxyAuthType hub option)")
if proxyauthtype not in (koji.AUTHTYPE_GSSAPI, koji.AUTHTYPE_SSL):
raise koji.AuthError(
"Proxied authtype %s is not valid for sslLogin" % proxyauthtype)
authtype = proxyauthtype
if authtype == koji.AUTHTYPE_GSSAPI and '@' in username:
user_id = self.getUserIdFromKerberos(username)