diff --git a/apps/authentication/backends/custom.py b/apps/authentication/backends/custom.py index 3f2b05940..77109b1fd 100644 --- a/apps/authentication/backends/custom.py +++ b/apps/authentication/backends/custom.py @@ -5,7 +5,7 @@ from django.utils.translation import gettext_lazy as _ from authentication.signals import user_auth_failed, user_auth_success from common.utils import get_logger -from .base import JMSModelBackend +from .base import JMSBaseAuthBackend logger = get_logger(__file__) @@ -20,9 +20,10 @@ if settings.AUTH_CUSTOM: logger.warning('Import custom auth method failed: {}, Maybe not enabled'.format(e)) -class CustomAuthBackend(JMSModelBackend): +class CustomAuthBackend(JMSBaseAuthBackend): - def is_enabled(self): + @staticmethod + def is_enabled(): return settings.AUTH_CUSTOM and callable(custom_authenticate_method) @staticmethod @@ -35,10 +36,10 @@ class CustomAuthBackend(JMSModelBackend): ) return user, created - def authenticate(self, request, username=None, password=None, **kwargs): + def authenticate(self, request, username=None, password=None): try: userinfo: dict = custom_authenticate_method( - username=username, password=password, **kwargs + username=username, password=password ) user, created = self.get_or_create_user_from_userinfo(userinfo) except Exception as e: diff --git a/apps/authentication/backends/oauth2/backends.py b/apps/authentication/backends/oauth2/backends.py index 98cc52195..a6554c992 100644 --- a/apps/authentication/backends/oauth2/backends.py +++ b/apps/authentication/backends/oauth2/backends.py @@ -18,7 +18,7 @@ from common.exceptions import JMSException from .signals import ( oauth2_create_or_update_user ) -from ..base import JMSModelBackend +from ..base import JMSBaseAuthBackend __all__ = ['OAuth2Backend'] @@ -26,7 +26,7 @@ __all__ = ['OAuth2Backend'] logger = get_logger(__name__) -class OAuth2Backend(JMSModelBackend): +class OAuth2Backend(JMSBaseAuthBackend): @staticmethod def is_enabled(): return settings.AUTH_OAUTH2 @@ -68,7 +68,7 @@ class OAuth2Backend(JMSModelBackend): response_data = response_data['data'] return response_data - def authenticate(self, request, code=None, **kwargs): + def authenticate(self, request, code=None): log_prompt = "Process authenticate [OAuth2Backend]: {}" logger.debug(log_prompt.format('Start')) if code is None: diff --git a/apps/authentication/backends/oidc/backends.py b/apps/authentication/backends/oidc/backends.py index cd27865e7..82a1391ce 100644 --- a/apps/authentication/backends/oidc/backends.py +++ b/apps/authentication/backends/oidc/backends.py @@ -86,7 +86,7 @@ class OIDCAuthCodeBackend(OIDCBaseBackend): """ @ssl_verification - def authenticate(self, request, nonce=None, code_verifier=None, **kwargs): + def authenticate(self, request, nonce=None, code_verifier=None): """ Authenticates users in case of the OpenID Connect Authorization code flow. """ log_prompt = "Process authenticate [OIDCAuthCodeBackend]: {}" logger.debug(log_prompt.format('start')) @@ -233,15 +233,15 @@ class OIDCAuthCodeBackend(OIDCBaseBackend): class OIDCAuthPasswordBackend(OIDCBaseBackend): @ssl_verification - def authenticate(self, request, username=None, password=None, **kwargs): + def authenticate(self, request, username=None, password=None): try: - return self._authenticate(request, username, password, **kwargs) + return self._authenticate(request, username, password) except Exception as e: error = f'Authenticate exception: {e}' logger.error(error, exc_info=True) return - def _authenticate(self, request, username=None, password=None, **kwargs): + def _authenticate(self, request, username=None, password=None): """ https://oauth.net/2/ https://aaronparecki.com/oauth-2-simplified/#password diff --git a/apps/authentication/backends/oidc/decorator.py b/apps/authentication/backends/oidc/decorator.py index e28813de8..e39b9ebf2 100644 --- a/apps/authentication/backends/oidc/decorator.py +++ b/apps/authentication/backends/oidc/decorator.py @@ -4,7 +4,9 @@ import warnings import contextlib import requests +import inspect +from functools import wraps from django.conf import settings from urllib3.exceptions import InsecureRequestWarning @@ -52,6 +54,7 @@ def no_ssl_verification(): def ssl_verification(func): + @wraps(func) def wrapper(*args, **kwargs): if not settings.AUTH_OPENID_IGNORE_SSL_VERIFICATION: return func(*args, **kwargs) diff --git a/apps/authentication/backends/radius/backends.py b/apps/authentication/backends/radius/backends.py index 148e9bac2..95ce1d7b2 100644 --- a/apps/authentication/backends/radius/backends.py +++ b/apps/authentication/backends/radius/backends.py @@ -51,10 +51,10 @@ class RadiusBaseBackend(CreateUserMixin, JMSBaseAuthBackend): class RadiusBackend(RadiusBaseBackend, RADIUSBackend): - def authenticate(self, request, username='', password='', **kwargs): + def authenticate(self, request, username='', password=''): return super().authenticate(request, username=username, password=password) class RadiusRealmBackend(RadiusBaseBackend, RADIUSRealmBackend): - def authenticate(self, request, username='', password='', realm=None, **kwargs): + def authenticate(self, request, username='', password='', realm=None): return super().authenticate(request, username=username, password=password, realm=realm) diff --git a/apps/authentication/backends/saml2/backends.py b/apps/authentication/backends/saml2/backends.py index ac2aa7bb7..52bc79501 100644 --- a/apps/authentication/backends/saml2/backends.py +++ b/apps/authentication/backends/saml2/backends.py @@ -10,14 +10,14 @@ from .signals import ( saml2_create_or_update_user ) from authentication.signals import user_auth_failed, user_auth_success -from ..base import JMSModelBackend +from ..base import JMSBaseAuthBackend __all__ = ['SAML2Backend'] logger = get_logger(__name__) -class SAML2Backend(JMSModelBackend): +class SAML2Backend(JMSBaseAuthBackend): @staticmethod def is_enabled(): return settings.AUTH_SAML2 @@ -42,7 +42,7 @@ class SAML2Backend(JMSModelBackend): ) return user, created - def authenticate(self, request, saml_user_data=None, **kwargs): + def authenticate(self, request, saml_user_data=None): log_prompt = "Process authenticate [SAML2Backend]: {}" logger.debug(log_prompt.format('Start')) if saml_user_data is None: diff --git a/apps/authentication/backends/sso.py b/apps/authentication/backends/sso.py index 5ee17a4ca..cc02b0d0d 100644 --- a/apps/authentication/backends/sso.py +++ b/apps/authentication/backends/sso.py @@ -1,57 +1,41 @@ from django.conf import settings -from .base import JMSModelBackend +from .base import JMSBaseAuthBackend -class SSOAuthentication(JMSModelBackend): - """ - 什么也不做呀😺 - """ - +class SSOAuthentication(JMSBaseAuthBackend): @staticmethod def is_enabled(): return settings.AUTH_SSO - def authenticate(self, request, sso_token=None, **kwargs): + def authenticate(self): pass -class WeComAuthentication(JMSModelBackend): - """ - 什么也不做呀😺 - """ - +class WeComAuthentication(JMSBaseAuthBackend): @staticmethod def is_enabled(): return settings.AUTH_WECOM - def authenticate(self, request, **kwargs): + def authenticate(self): pass -class DingTalkAuthentication(JMSModelBackend): - """ - 什么也不做呀😺 - """ - +class DingTalkAuthentication(JMSBaseAuthBackend): @staticmethod def is_enabled(): return settings.AUTH_DINGTALK - def authenticate(self, request, **kwargs): + def authenticate(self): pass -class FeiShuAuthentication(JMSModelBackend): - """ - 什么也不做呀😺 - """ - +class FeiShuAuthentication(JMSBaseAuthBackend): @staticmethod def is_enabled(): return settings.AUTH_FEISHU - def authenticate(self, request, **kwargs): + def authenticate(self): pass @@ -61,23 +45,15 @@ class LarkAuthentication(FeiShuAuthentication): return settings.AUTH_LARK -class SlackAuthentication(JMSModelBackend): - """ - 什么也不做呀😺 - """ - +class SlackAuthentication(JMSBaseAuthBackend): @staticmethod def is_enabled(): return settings.AUTH_SLACK - def authenticate(self, request, **kwargs): + def authenticate(self): pass -class AuthorizationTokenAuthentication(JMSModelBackend): - """ - 什么也不做呀😺 - """ - - def authenticate(self, request, **kwargs): +class AuthorizationTokenAuthentication(JMSBaseAuthBackend): + def authenticate(self): pass diff --git a/apps/authentication/backends/token.py b/apps/authentication/backends/token.py index be9cb9032..8881448de 100644 --- a/apps/authentication/backends/token.py +++ b/apps/authentication/backends/token.py @@ -3,13 +3,17 @@ from django.conf import settings from django.core.exceptions import PermissionDenied from authentication.models import TempToken -from .base import JMSModelBackend +from .base import JMSBaseAuthBackend -class TempTokenAuthBackend(JMSModelBackend): +class TempTokenAuthBackend(JMSBaseAuthBackend): model = TempToken - def authenticate(self, request, username='', password='', *args, **kwargs): + @staticmethod + def is_enabled(): + return settings.AUTH_TEMP_TOKEN + + def authenticate(self, request, username='', password=''): token = self.model.objects.filter(username=username, secret=password).first() if not token: return None @@ -21,6 +25,3 @@ class TempTokenAuthBackend(JMSModelBackend): token.save() return token.user - @staticmethod - def is_enabled(): - return settings.AUTH_TEMP_TOKEN diff --git a/apps/rbac/backends.py b/apps/rbac/backends.py index aac44da36..4e91e818d 100644 --- a/apps/rbac/backends.py +++ b/apps/rbac/backends.py @@ -9,7 +9,7 @@ class RBACBackend(JMSBaseAuthBackend): def is_enabled(): return True - def authenticate(self, *args, **kwargs): + def authenticate(self): return None def username_allow_authenticate(self, username):