[Twisted-Python] Missing Interface?

Kevin Horn kevin.horn at gmail.com
Thu Jul 30 23:49:47 MDT 2009


On Fri, Jul 31, 2009 at 12:23 AM, Glyph Lefkowitz
<glyph at twistedmatrix.com>wrote:

> On Fri, Jul 31, 2009 at 12:31 AM, Kevin Horn <kevin.horn at gmail.com> wrote:
>
>> the following classes:
>>
>> twisted.cred.credentials.CramMD5Credentials
>> twisted.mail.imap4.PLAINCredentials
>> twisted.mail.imap4.LOGINCredentials
>>
>> all seem to implement the same interface, yet there is no Interface
>> defined for these objects.
>>
>
> It would be great if there were such an interface.
>

Seems pretty simple, since teh de facto interface is already there.  What
should such an interface be called?  Where should it live?


> "But Kevin", you might be thinking, "They all implement
>> twisted.cred.credentials.IUsernameHashedPassword or
>> t.c.c.IUsernamePassword".  That's true, but they all have additional methods
>> which make them useful for handling SASL authentication in various
>> protocols.  And those methods aren't included in those interfaces.
>>
>
> Aaah, SASL.  There has been *quite* a bit of discussion of this, which
> resulted in a branch that looked near completion but eventually stalled,
> here:  http://twistedmatrix.com/trac/ticket/2015
>
> I don't think that unifying this interface would *necessarily* require the
> resolution of this ticket, but it would at least be useful to see where
> things have been.
>

Great, I'll try to take a look at this.


>
> So, should there be an Interface which describes the interface that these
>> objects implement?
>
>
> Sounds good to me, but then, I haven't done a lot of work with SASL.
>
>
>> And why are two of these in the IMAP package and the third in cred?  Why
>> not in the same place?
>>
>
> LOGIN and PLAIN authentication methods were implemented specifically for
> IMAP, since as with all things IMAP it had special requirements.  The
> general idea of hashed passwords was around before that in cred, but as you
> can see in the changeset that introduced it —
> http://twistedmatrix.com/trac/changeset/8290 — something was apparently
> (and, I suspect, naughtily) expecting to call moreChallenges and setResponse
> on an IUsernameHashedPassword.
>
>
LOGIN I can understand, since it's basically IMAP-specific, but it seems to
me that PLAIN should be more general, since it's a SASL mechanism that's
used (or at least can be used) in several protocols.

It might be worth pointing out though, that something very similar to the
IMAP LOGIN mechanism is implemented in the Infotrope ACAP server (just about
he only open source ACAP server out there...something I'm trying to
remedy...which is how I got interested in all this in the first place) so
maybe LOGIN could be generalized as well.  Probably not necessary, though.

As for the changeset you referenced, it looks like the intent was to expand
the IUsernameHashedPassword interface, which I'm not sure is the right
approach.  Of course I'm not sure it's NOT the right approach, either.
Perhaps a new interface that inherits from IUsernameHashedPassword?

Kevin Horn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20090731/f3ccda77/attachment.html>


More information about the Twisted-Python mailing list