Beispiel #1
0
 def test_get_setting(self):
     with patch(settings,
                A_PRESENT_SETTING='hello',
                AN_ABSENT_SETTING=NotImplemented,
                A_FALSE_SETTING=False):
         self.assertEqual('hello', get_setting('A_PRESENT_SETTING', 'blah'))
         self.assertEqual('blah', get_setting('AN_ABSENT_SETTING', 'blah'))
         self.assertEqual(False, get_setting('A_FALSE_SETTING', 'blah'))
Beispiel #2
0
 def test_get_setting(self):
     with patch(settings,
                A_PRESENT_SETTING='hello',
                AN_ABSENT_SETTING=NotImplemented,
                A_FALSE_SETTING=False):
         self.assertEqual('hello', get_setting('A_PRESENT_SETTING', 'blah'))
         self.assertEqual('blah', get_setting('AN_ABSENT_SETTING', 'blah'))
         self.assertEqual(False, get_setting('A_FALSE_SETTING', 'blah'))
Beispiel #3
0
 def __init__(self,
              account_storage=None,
              nonce_storage=None,
              realm=None,
              timeout=None,
              enforce_nonce_count=None):
     if not enforce_nonce_count == None:
         self._enforce_nonce_count = enforce_nonce_count
     else:
         self._enforce_nonce_count = get_setting('DIGEST_ENFORCE_NONCE_COUNT', True)
     self.realm = realm or get_setting('DIGEST_REALM', DEFAULT_REALM)
     self.timeout = timeout or get_setting('DIGEST_NONCE_TIMEOUT_IN_SECONDS', 5*60)
     self._account_storage = (account_storage or get_backend(
             'DIGEST_ACCOUNT_BACKEND', 'django_digest.backend.db.AccountStorage'))
     self._nonce_storage = (nonce_storage or get_backend(
             'DIGEST_NONCE_BACKEND', 'django_digest.backend.db.NonceStorage'))
     self.secret_key = get_setting('SECRET_KEY')
Beispiel #4
0
 def __init__(self,
              account_storage=None,
              nonce_storage=None,
              realm=None,
              timeout=None,
              enforce_nonce_count=None,
              failure_callback=None):
     if not enforce_nonce_count == None:
         self._enforce_nonce_count = enforce_nonce_count
     else:
         self._enforce_nonce_count = get_setting('DIGEST_ENFORCE_NONCE_COUNT', True)
     self.realm = realm or get_setting('DIGEST_REALM', DEFAULT_REALM)
     self.timeout = timeout or get_setting('DIGEST_NONCE_TIMEOUT_IN_SECONDS', 5*60)
     self._account_storage = (account_storage or get_backend(
             'DIGEST_ACCOUNT_BACKEND', 'django_digest.backend.storage.AccountStorage'))
     self._nonce_storage = (nonce_storage or get_backend(
             'DIGEST_NONCE_BACKEND', 'django_digest.backend.storage.NonceStorage'))
     self.secret_key = get_setting('SECRET_KEY')
     self.failure_callback = failure_callback
Beispiel #5
0
 def __call__(self, request):
     authenticator = HttpDigestAuthenticator()
     if (not authenticator.authenticate(request) and
         (get_setting("DIGEST_REQUIRE_AUTHENTICATION", False) or
          authenticator.contains_digest_credentials(request))):
         return authenticator.build_challenge_response()
     response = self.get_response(request)
     if response.status_code == 401:
         return authenticator.build_challenge_response()
     return response
Beispiel #6
0
def _prepare_partial_digests(user, raw_password):
    realm = get_setting('DIGEST_REALM', DEFAULT_REALM)
    partial_digests = []
    for (confirmed, factory_method) in ((True, _confirmed_logins),
                                        (False, _unconfirmed_logins)):
        partial_digests += [(login, calculate_partial_digest(login, realm,
                                                             raw_password), confirmed)
                            for login in factory_method(user)]

    password_hash = user.password
    _postponed_partial_digests[password_hash] = partial_digests
Beispiel #7
0
def _prepare_partial_digests(user, raw_password):
    if raw_password is None:
        return
    realm = get_setting('DIGEST_REALM', DEFAULT_REALM)
    partial_digests = []
    for (confirmed, factory_method) in ((True, _confirmed_logins),
                                        (False, _unconfirmed_logins)):
        partial_digests += [(login, calculate_partial_digest(login, realm,
                                                             raw_password), confirmed)
                            for login in factory_method(user)]

    password_hash = user.password
    _postponed_partial_digests[password_hash] = partial_digests
Beispiel #8
0
    def create_mock_request(self, username='******', realm=None,
                            method='GET', uri='/dummy/uri', nonce=None, request_digest=None,
                            algorithm=None, opaque='dummy-opaque', qop='auth', nonce_count=1,
                            client_nonce=None, password='******', request_path=None):
        if not realm:
            realm = get_setting('DIGEST_REALM', DEFAULT_REALM)
        if not nonce:
            nonce=python_digest.calculate_nonce(time.time(), secret=settings.SECRET_KEY)
        if not request_path:
            request_path = uri
        header = python_digest.build_authorization_request(
            username=username, realm=realm, method=method, uri=uri, nonce=nonce, opaque=opaque,
            nonce_count=nonce_count, password=password, request_digest=request_digest,
            client_nonce=client_nonce)

        request = self.create_mock_request_for_header(header)

        expect(request.method).result(method)
        expect(request.path).result(request_path)

        return request
Beispiel #9
0
    def create_mock_request(self, username='******', realm=None,
                            method='GET', uri='/dummy/uri', nonce=None, request_digest=None,
                            algorithm=None, opaque='dummy-opaque', qop='auth', nonce_count=1,
                            client_nonce=None, password='******', request_path=None):
        if not realm:
            realm = get_setting('DIGEST_REALM', DEFAULT_REALM)
        if not nonce:
            nonce=python_digest.calculate_nonce(time.time(), secret=settings.SECRET_KEY)
        if not request_path:
            request_path = uri
        header = python_digest.build_authorization_request(
            username=username, realm=realm, method=method, uri=uri, nonce=nonce, opaque=opaque,
            nonce_count=nonce_count, password=password, request_digest=request_digest,
            client_nonce=client_nonce)

        request = self.create_mock_request_for_header(header)

        expect(request.method).result(method)
        expect(request.path).result(request_path)

        return request
Beispiel #10
0
 def __init__(self, require_authentication=None, authenticator=None):
     if require_authentication == None:
         require_authentication = get_setting(
             'DIGEST_REQUIRE_AUTHENTICATION', False)
     self._authenticator = authenticator or HttpDigestAuthenticator()
     self._require_authentication = require_authentication
Beispiel #11
0
 def __init__(self, require_authentication=None, authenticator=None):
     if require_authentication == None:
         require_authentication = get_setting('DIGEST_REQUIRE_AUTHENTICATION',
                                              False)
     self._authenticator = authenticator or HttpDigestAuthenticator()
     self._require_authentication = require_authentication
Beispiel #12
0
import logging
import random
import time

from django.http import HttpResponse

import python_digest

from django_digest.utils import get_backend, get_setting, DEFAULT_REALM

_l = logging.getLogger(__name__)
_l.setLevel(logging.DEBUG)
sh = logging.handlers.SysLogHandler(address=get_setting('DJANGO_DIGEST_LOG_ADDRESS', '/dev/log'))
formatter = logging.Formatter(get_setting('DJANGO_DIGEST_LOG_FORMAT', '%(message)s'))
sh.setFormatter(formatter)
_l.addHandler(sh)


class DefaultLoginFactory(object):
    def confirmed_logins_for_user(self, user):
        return [login for login in
                [user.username, user.username.lower(), user.email,
                 user.email and user.email.lower()] if login]

    def unconfirmed_logins_for_user(self, user):
        return []

class HttpDigestAuthenticator(object):

    def __init__(self,
                 account_storage=None,