Warning

This document is for an in-development version of Galaxy. You can alternatively view this page in the latest release if it exists or view the top of the latest release's documentation.

galaxy.auth.providers package

Created on 15/07/2014

@author: Andrew Robinson

class galaxy.auth.providers.AuthProvider[source]

Bases: object

A base class for all Auth Providers.

plugin_type

Short string providing labelling this plugin

authenticate(email, username, password, options)[source]

Check that the user credentials are correct.

NOTE: Used within auto-registration to check it is ok to register this user.

Parameters:
  • email (str) – the user’s email address
  • username (str) – the user’s username
  • password (str) – the plain text password they typed
  • options (dict) – options provided in auth_config_file
Returns:

True: accept user, False: reject user and None: reject user and don’t try any other providers. str, str are the email and username to register with if accepting. The optional dict may contain other attributes, e.g. roles to assign when autoregistering.

Return type:

(bool, str, str) or (bool, str, str, dict)

authenticate_user(user, password, options)[source]

Same as authenticate() method, except an User object is provided instead of a username.

NOTE: used on normal login to check authentication and update user details if required.

Parameters:
  • user (galaxy.model.User) – the user to authenticate
  • password (str) – the plain text password they typed
  • options (dict) – options provided in auth_config_file
Returns:

True: accept user, False: reject user and None: reject user and don’t try any other providers

Return type:

bool

Submodules

galaxy.auth.providers.alwaysreject module

Created on 16/07/2014

@author: Andrew Robinson

class galaxy.auth.providers.alwaysreject.AlwaysReject[source]

Bases: galaxy.auth.providers.AuthProvider

A simple authenticator that just accepts users (does not care about their password).

plugin_type = 'alwaysreject'
authenticate(email, username, password, options)[source]

See abstract method documentation.

authenticate_user(user, password, options)[source]

See abstract method documentation.

galaxy.auth.providers.ldap_ad module

Created on 15/07/2014

@author: Andrew Robinson

class galaxy.auth.providers.ldap_ad.LDAP[source]

Bases: galaxy.auth.providers.AuthProvider

Attempts to authenticate users against an LDAP server.

If options include search-fields then it will attempt to search LDAP for those fields first. After that it will bind to LDAP with the username (formatted as specified).

plugin_type = 'ldap'
role_search_option = 'auto-register-roles'
__init__()[source]

x.__init__(…) initializes x; see help(type(x)) for signature

check_config(username, email, options)[source]
authenticate(email, username, password, options)[source]

See abstract method documentation.

authenticate_user(user, password, options)[source]

See abstract method documentation.

class galaxy.auth.providers.ldap_ad.ActiveDirectory[source]

Bases: galaxy.auth.providers.ldap_ad.LDAP

Effectively just an alias for LDAP auth, but may contain active directory specific logic in the future.

plugin_type = 'activedirectory'

galaxy.auth.providers.localdb module

Created on 16/07/2014

@author: Andrew Robinson

class galaxy.auth.providers.localdb.LocalDB[source]

Bases: galaxy.auth.providers.AuthProvider

Authenticate users against the local Galaxy database (as per usual).

plugin_type = 'localdb'
authenticate(email, username, password, options)[source]

See abstract method documentation.

authenticate_user(user, password, options)[source]

See abstract method documentation.

galaxy.auth.providers.pam_auth module

Created on 13/07/2015

Author Peter van Heusden (pvh@sanbi.ac.za)

class galaxy.auth.providers.pam_auth.PAM[source]

Bases: galaxy.auth.providers.AuthProvider

plugin_type = 'PAM'
authenticate(email, username, password, options)[source]

Check that the user credentials are correct.

NOTE: Used within auto-registration to check it is ok to register this user.

Parameters:
  • email (str) – the user’s email address
  • username (str) – the user’s username
  • password (str) – the plain text password they typed
  • options (dict) – options provided in auth_config_file
Returns:

True: accept user, False: reject user and None: reject user and don’t try any other providers. str, str are the email and username to register with if accepting. The optional dict may contain other attributes, e.g. roles to assign when autoregistering.

Return type:

(bool, str, str) or (bool, str, str, dict)

authenticate_user(user, password, options)[source]

Same as authenticate() method, except an User object is provided instead of a username.

NOTE: used on normal login to check authentication and update user details if required.

Parameters:
  • user (galaxy.model.User) – the user to authenticate
  • password (str) – the plain text password they typed
  • options (dict) – options provided in auth_config_file
Returns:

True: accept user, False: reject user and None: reject user and don’t try any other providers

Return type:

bool