a library of functions for connecting external apps to/from opencore
Project description
A small library of functions useful for integration with opencore.
Contents:
libopencore.auth
================
* get_secret(filename)
Get a shared secret to be used in cookie parsing & construction.
* generate_cookie_value(username, shared_secret)
Use this to set a cookie so that opencore will recognize the user
as logged in.
* authenticate_from_cookie(cookie_string, shared_secret)
Returns (username, hash) for the user identified by the cookie.
Throws a BadCookie exception if the cookie is malformed, or a
NotAuthenticated exception if the cookie is well-formed but not
using the correct shared secret.
libopencore.deliverance_middleware
==================================
* filter_factory / CustomDeliveranceMiddleware
A subclass of Deliverance middleware (v0.3) that carries along
the original request's HTTP_X_OPENPLANS_* headers and cookie,
when making external subrequests. This allows external applications
to properly respect login and context information.
It also hard-codes the necessary Deliverance ruleset, and theme uri.
The theme is served by opencore itself, at a @@theme.html view registered
on the portal. Here, it is fetched by making an external request to the
front of the OpenCore stack, to guarantee that links in the theme are
correct.
libopencore.wsgi
================
* composite_factory / URLDispatcher
A paste.composite_factory that will dispatch requests to
opencore and to other applications (tasktracker and wordpress)
based on the URL.
It will add the necessary request headers before making
subrequests.
libopencore.http_proxy
======================
* app_factory / RemoteProxy
A paste.app_factory that will proxy requests to external HTTP
calls. Pass a ``remote_uri`` with the base href for the app.
If ``is_opencore`` is set, it will rewrite the request to tell
Zope's VirtualHostMonster how links in the response should look.
Changes
=======
0.4
===
Added a simple random-choice load balancer to the http proxy.
To use it for a given backend, pass in a space-separated list
of URLs as `remote_uri`instead of a single URL. Assuming you
have identical applications listening at each URL, proxied
requests will be distributed across those URLs.
(The intended use is for multiple Zope servers talking to the
same ZEO client, though I guess it could also work for any of
the other applications if there was a reason.)
0.3
===
Bugs fixed
----------
* Work around a bug deeper in the stack which causes links in the
response HTML like /foo/my.domain.com/bar/ to be rewritten as
/foo/my.domain.com:80/bar/ if HTTP_HOST is my.domain.com:80
* Previously some proxied WordPress URLs were incorrect and resulting
in 404s. This is now fixed.
Features added
--------------
Added transcluder_middleware module and a ``libopencore#transcluder``
entry point for a paste.filter_factory.
If using transcluder middleware, Transcluder must be installed.
If using transcluder middleware, it should be the outermost wsgi filter
in your stack. This is because Transcluder sometimes makes internal WSGI
subrequests instead of HTTP calls, and calls its inner app. So if you
have routing, security or anything else important outside Transcluder,
you may get strange results.
Added support for proxying to a Twirlip server. Twirlip must be
mounted on /notifications by a regular paste#urlmap (where / is then
mapped to the main libopencore composite app) and it must be wrapped
by transcluder middleware.
To use the Twirlip proxy, install libopencore's `twirlip` extra
requirements (listed in extras_require in setup.py).
To use the Twirlip proxy, use a libopencore#proxy app with the setting
`is_twirlip=true` and a setting `topp_secret_filename` that points to
the absolute path of the shared secret used for authentication. Your
Twirlip proxy will be wrapped in Eyvind middleware which converts
REMOTE_USER into a special HTTP header signed with the shared secret,
which is then decoded by the Twirlip server.
Twirlip and Transcluder are currently used in an OpenCore stack to
provide subscription-based email notifications for wikipage edits and
changes to tasks. But don't try to use these unless you absolutely
need to -- I'm going to replace Twirlip with something simpler before
long.
0.2
===
Added deliverance_middleware, wsgi, and http_proxy modules.
Added a sample paste.ini file showing how to combine these into a frontend app
that proxies to opencore, tasktracker and wordpress, and themes the responses
with deliverance when necessary.
0.1
===
Initial release. Added auth module.
Contents:
libopencore.auth
================
* get_secret(filename)
Get a shared secret to be used in cookie parsing & construction.
* generate_cookie_value(username, shared_secret)
Use this to set a cookie so that opencore will recognize the user
as logged in.
* authenticate_from_cookie(cookie_string, shared_secret)
Returns (username, hash) for the user identified by the cookie.
Throws a BadCookie exception if the cookie is malformed, or a
NotAuthenticated exception if the cookie is well-formed but not
using the correct shared secret.
libopencore.deliverance_middleware
==================================
* filter_factory / CustomDeliveranceMiddleware
A subclass of Deliverance middleware (v0.3) that carries along
the original request's HTTP_X_OPENPLANS_* headers and cookie,
when making external subrequests. This allows external applications
to properly respect login and context information.
It also hard-codes the necessary Deliverance ruleset, and theme uri.
The theme is served by opencore itself, at a @@theme.html view registered
on the portal. Here, it is fetched by making an external request to the
front of the OpenCore stack, to guarantee that links in the theme are
correct.
libopencore.wsgi
================
* composite_factory / URLDispatcher
A paste.composite_factory that will dispatch requests to
opencore and to other applications (tasktracker and wordpress)
based on the URL.
It will add the necessary request headers before making
subrequests.
libopencore.http_proxy
======================
* app_factory / RemoteProxy
A paste.app_factory that will proxy requests to external HTTP
calls. Pass a ``remote_uri`` with the base href for the app.
If ``is_opencore`` is set, it will rewrite the request to tell
Zope's VirtualHostMonster how links in the response should look.
Changes
=======
0.4
===
Added a simple random-choice load balancer to the http proxy.
To use it for a given backend, pass in a space-separated list
of URLs as `remote_uri`instead of a single URL. Assuming you
have identical applications listening at each URL, proxied
requests will be distributed across those URLs.
(The intended use is for multiple Zope servers talking to the
same ZEO client, though I guess it could also work for any of
the other applications if there was a reason.)
0.3
===
Bugs fixed
----------
* Work around a bug deeper in the stack which causes links in the
response HTML like /foo/my.domain.com/bar/ to be rewritten as
/foo/my.domain.com:80/bar/ if HTTP_HOST is my.domain.com:80
* Previously some proxied WordPress URLs were incorrect and resulting
in 404s. This is now fixed.
Features added
--------------
Added transcluder_middleware module and a ``libopencore#transcluder``
entry point for a paste.filter_factory.
If using transcluder middleware, Transcluder must be installed.
If using transcluder middleware, it should be the outermost wsgi filter
in your stack. This is because Transcluder sometimes makes internal WSGI
subrequests instead of HTTP calls, and calls its inner app. So if you
have routing, security or anything else important outside Transcluder,
you may get strange results.
Added support for proxying to a Twirlip server. Twirlip must be
mounted on /notifications by a regular paste#urlmap (where / is then
mapped to the main libopencore composite app) and it must be wrapped
by transcluder middleware.
To use the Twirlip proxy, install libopencore's `twirlip` extra
requirements (listed in extras_require in setup.py).
To use the Twirlip proxy, use a libopencore#proxy app with the setting
`is_twirlip=true` and a setting `topp_secret_filename` that points to
the absolute path of the shared secret used for authentication. Your
Twirlip proxy will be wrapped in Eyvind middleware which converts
REMOTE_USER into a special HTTP header signed with the shared secret,
which is then decoded by the Twirlip server.
Twirlip and Transcluder are currently used in an OpenCore stack to
provide subscription-based email notifications for wikipage edits and
changes to tasks. But don't try to use these unless you absolutely
need to -- I'm going to replace Twirlip with something simpler before
long.
0.2
===
Added deliverance_middleware, wsgi, and http_proxy modules.
Added a sample paste.ini file showing how to combine these into a frontend app
that proxies to opencore, tasktracker and wordpress, and themes the responses
with deliverance when necessary.
0.1
===
Initial release. Added auth module.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
libopencore-0.4.tar.gz
(14.9 kB
view hashes)
