diff options
-rw-r--r-- | qpid/python/qpid/client.py | 39 |
1 files changed, 24 insertions, 15 deletions
diff --git a/qpid/python/qpid/client.py b/qpid/python/qpid/client.py index 5fedaa2cb1..5c687898dc 100644 --- a/qpid/python/qpid/client.py +++ b/qpid/python/qpid/client.py @@ -85,10 +85,15 @@ class Client: username=None, password=None, client_properties=None, connection_options=None, sasl_options = None, channel_options=None): + if response is not None and (username is not None or password is not None): + raise RuntimeError("client must not specify both response and (username, password).") + if response is not None: + self.response = response + authzid, self.username, self.password = response.split("\0") + else: + self.username = username + self.password = password self.mechanism = mechanism - self.response = response - self.username = username - self.password = password self.locale = locale self.tune_params = tune_params self.client_properties=get_client_properties_with_defaults(provided_client_properties=client_properties, version_property_key="version") @@ -148,20 +153,24 @@ class ClientDelegate(Delegate): self.client = client def connection_start(self, ch, msg): + if self.client.mechanism is None and self.client.response is not None: + # Supports users passing the response argument + self.client.mechanism = "PLAIN" + serverSupportedMechs = msg.frame.args[3].split() if self.client.mechanism is None: - if self.client.response is not None: - # Supports users passing the response argument alon - self.client.mechanism = "AMQPLAIN" - else: - supportedMechs = msg.frame.args[3].split() - - self.client.sasl = get_sasl_mechanism(supportedMechs, self.client.username, self.client.password, sasl_options=self.client.sasl_options) - - if self.client.sasl == None: - raise SaslException("sasl negotiation failed: no mechanism agreed. Server supports: %s " % supportedMechs) - - self.client.mechanism = self.client.sasl.mechanismName() + self.client.sasl = get_sasl_mechanism(serverSupportedMechs, self.client.username, self.client.password, + sasl_options=self.client.sasl_options) + else: + if self.client.mechanism not in serverSupportedMechs: + raise SaslException("sasl negotiation failed: no mechanism agreed. Client requested: '%s' Server supports: %s" + % (self.client.mechanism, serverSupportedMechs)) + self.client.sasl = get_sasl_mechanism([self.client.mechanism], self.client.username, self.client.password, + sasl_options=self.client.sasl_options) + if self.client.sasl is None: + raise SaslException("sasl negotiation failed: no mechanism agreed. Client requested: '%s' Server supports: %s" + % (self.client.mechanism, serverSupportedMechs)) + self.client.mechanism = self.client.sasl.mechanismName() if self.client.response is None: self.client.response = self.client.sasl.initialResponse() |