Ejemplo n.º 1
    def test_parse_authorization_header(self):
        """Check that a Digest ``Authorization`` header parses and re-serialises.

        ``self.authorization_value`` is parsed twice, once with
        ``parse_authorization_header`` and once with
        ``Authorization.from_string``.  Each result must be an
        ``Authorization`` whose ``_auth_type`` is ``digest`` (compared
        case-insensitively) and must expose every expected field by key.
        The first result is then rendered with ``to_header()`` and each
        ``key="value"`` pair must appear in the rendered string.

        Only presence is asserted on the rendered header: extra or duplicated
        parameters in the output would not fail this test.
        """
        expected_fields = {
            'username': "Mufasa",
            'realm': "*****@*****.**",
            'nonce': "dcd98b7102dd2f0e8b11d0f600bfb0c093",
            'uri': "/dir/index.html",
            'nc': '00000001',
            'cnonce': "0a4f113b",
            'response': "e966c932a9242554e42c8ee200cec7f6",
            'opaque': "5ccc069c403ebaf9f0171e9517f40e41",
        }

        def assert_digest_fields(parsed):
            # Shared checks for both parser entry points.
            self.assertIsInstance(parsed, Authorization)
            self.assertEqual(parsed._auth_type.lower(), 'digest')
            for name, value in expected_fields.items():
                self.assertEqual(parsed[name], value)

        via_function = parse_authorization_header(self.authorization_value)
        assert_digest_fields(via_function)

        via_from_string = Authorization.from_string(self.authorization_value)
        assert_digest_fields(via_from_string)

        # Round trip: every parsed parameter must survive serialisation.
        rendered = via_function.to_header()
        for name, value in expected_fields.items():
            self.assertIn('%s="%s"' % (name, value), rendered)
Ejemplo n.º 2
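    def get(self, username, password):
        """Answer a GET that must carry HTTP Basic credentials matching the arguments.

        The ``Authorization`` request header is parsed with
        ``Authorization.from_string`` and its ``username``/``password`` are
        compared with the ``username`` and ``password`` this handler was
        called with.  On a match a JSON body reporting success is written.
        In every other case (header missing, unparsable, not ``Basic``,
        credentials differ, or an unexpected error) ``_request_auth()`` is
        called instead.

        Returns whatever ``_request_auth()`` returns on the early-exit paths,
        otherwise ``None``.

        NOTE(review): the expected credentials are handler arguments and the
        success body echoes the password back, so this looks like a test/echo
        endpoint -- confirm.  The pattern is not suitable for real accounts:
        a real check compares against a stored password hash in constant
        time and never returns the password to the client.
        """
        try:
            auth = self.request.headers.get("Authorization")
            if auth is None:
                return self._request_auth()

            try:
                authorization_info = Authorization.from_string(auth)
            except Exception:
                # Return here.  Without the return, control fell through to
                # the checks below with ``authorization_info`` unbound, and
                # the outer handler then issued a second challenge for the
                # same request.
                return self._request_auth()

            # NOTE(review): this prefix test is case-sensitive, while HTTP
            # auth scheme names are case-insensitive; "basic ..." is refused.
            if not auth.startswith("Basic "):
                return self._request_auth()

            ## Request authorization header
            ## Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

            if authorization_info['username'] == username and \
                   authorization_info['password'] == password:
                self.json_response({"authenticated": True,
                                    'password': password,
                                    'username': username,
                                    'auth-type': 'basic'})
            else:
                self._request_auth()
        except Exception:
            # Fail closed: any unexpected error is answered with a challenge,
            # never with a success body.
            self._request_auth()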
Ejemplo n.º 3
    def get(self, username, password, qop=None):
        """Answer a GET that must carry a valid HTTP Digest ``Authorization`` header.

        ``qop`` is kept only when it is ``'auth'`` or ``'auth-int'``; any
        other value is treated as ``None``.  The header is parsed with
        ``Authorization.from_string``; the expected digest is obtained from
        ``response(...)`` using the parsed header, ``password`` and the
        request's uri, body and method, and compared with the header's
        ``response`` field.

        Outcomes:
          * header missing or unparsable -> ``_request_auth(qop)``
          * digest matches               -> JSON success body
          * digest differs               -> status 403, response finished
          * any other exception          -> printed, then ``_request_auth(qop)``

        NOTE(review): ``username`` is only echoed in the success body; this
        block never compares it with the header's ``username``.  Nonce,
        ``opaque`` and ``nc`` are not checked here either -- whether
        ``response()`` or ``_request_auth()`` covers any of that cannot be
        seen from this block; confirm before relying on it for replay
        protection.  The success body also returns the password, which
        suggests a test/echo endpoint.
        """
        qop = qop if qop in ('auth', 'auth-int') else None

        # Challenge sent to an unauthenticated client:
        #   WWW-Authenticate: Digest realm="*****@*****.**",
        #                     qop="auth,auth-int",
        #                     nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
        #                     opaque="5ccc069c403ebaf9f0171e9517f40e41"
        #
        # Digest request header the client sends back:
        #   Authorization:Digest username="******",
        #                     realm="mapbender_registry",
        #                     nonce="1c6437cc7cba6c72df4d50c46cff2f15",
        #                     uri="/http_auth/24150",
        #                     response="6bd4212340a437c7486184d362c6e946",
        #                     opaque="b28db91512b288b4a97030aa968487d5",
        #                     qop=auth,
        #                     nc=00000002,
        #                     cnonce="8a2782a5b869595d"

        try:
            header_value = self.request.headers.get("Authorization")
            if header_value is None:
                return self._request_auth(qop)

            try:
                credentials = Authorization.from_string(header_value)
            except Exception:
                # Unparsable header: challenge again and stop.
                self._request_auth(qop)
                return

            request_info = {
                'uri': self.request.uri,
                'body': self.request.body,
                'method': self.request.method,
            }
            expected_digest = response(credentials, password, request_info)
            if expected_digest == credentials['response']:
                self.json_response({"authenticated": True,
                                    'password': password,
                                    'username': username,
                                    'auth-type': 'digest'})
            else:
                # Wrong digest is refused outright rather than re-challenged.
                self.set_status(403)
                self.finish()

        except Exception:
            # Fail closed on anything unexpected; the error goes to stdout.
            print(sys.exc_info()[1])
            self._request_auth(qop)
Ejemplo n.º 4
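    def get_authorization(self):
        """Collect the request's authorization parameters, or challenge the client.

        When an ``Authorization`` header is present it is parsed with
        ``Authorization.from_string``; otherwise the values are read from the
        request arguments (first value of each) and wrapped as
        ``Authorization('OAuth', ...)``.  Every name in
        ``self.REQUIRED_FIELDS`` must be present in whichever source is used.

        Returns:
            The ``Authorization`` object when all required fields are
            present.  ``None`` when the header cannot be parsed or a required
            field is missing; in that case ``_request_auth()`` and
            ``finish()`` have each been called exactly once and the caller
            must not write anything further to the response.

        Presence is the only thing checked here; the values themselves are
        not validated by this method.
        """
        auth = self.request.headers.get("Authorization")
        if auth:
            try:
                authorization = Authorization.from_string(auth)
            except Exception:
                # A malformed header is answered with a challenge instead of
                # propagating as an unhandled server error.
                self._request_auth()
                self.finish()
                return None
            present = authorization.keys()
        else:
            authorization = None
            present = self.request.arguments.keys()

        # Stop at the first gap.  Previously the loop carried on after
        # finishing the response: finish() could run once per missing field,
        # the argument branch then indexed a missing value, and the header
        # branch handed an incomplete object back to the caller.
        if any(k not in present for k in self.REQUIRED_FIELDS):
            self._request_auth()
            self.finish()
            return None

        if authorization is None:
            d = {k: self.request.arguments.get(k)[0]
                 for k in self.REQUIRED_FIELDS}
            authorization = Authorization('OAuth', d)

        return authorization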