Example #1
0
 def digest_auth_header(self,
                        realm=None,
                        nonce=None,
                        qop=None,
                        opaque=None,
                        algorithm=None,
                        stale=None):
     options = {}
     if nonce is None:
         nonce = hexmd5(to_bytes('%d' % time.time()) + os.urandom(10))
         if opaque is None:
             opaque = hexmd5(os.urandom(10))
     if stale:
         options['stale'] = 'TRUE'
     if opaque is not None:
         options['opaque'] = opaque
     if algorithm is not None:
         options['algorithm'] = algorithm
     if qop is None:
         qop = ('auth', )
     return self._auth_header('digest',
                              realm=realm,
                              nonce=nonce,
                              qop=', '.join(qop),
                              **options)
Example #2
0
 def request_challenge_digest_auth(self, environ, bits):
     if len(bits) == 3:
         auth = environ.get('HTTP_AUTHORIZATION')
         if auth and auth.authenticated(environ, *bits[1:]):
             data = jsonbytes({'autheinticated': True,
                               'username': auth.username})
             return self.response(data)
         nonce = hexmd5(to_bytes('%d' % time.time()) + os.urandom(10))
         digest = WWWAuthenticate.digest("Fake Realm", nonce,
                                         opaque=hexmd5(os.urandom(10)),
                                         qop=bits[:1])
         raise HttpException(status=401,
                             headers=[('WWW-Authenticate', str(digest))])
     else:
         raise HttpException(status=404)
Example #3
0
 def hex(self, x):
     if self.algorithm == 'MD5':
         return hexmd5(x)
     elif self.algorithm == 'SHA1':
         return hexsha1(x)
     else:
         raise ValueError('Unknown algorithm %s' % self.algorithm)
Example #4
0
 def hex(self, x):
     if self.algorithm == 'MD5':
         return hexmd5(x)
     elif self.algorithm == 'SHA1':
         return hexsha1(x)
     else:
         raise ValueError('Unknown algorithm %s' % self.algorithm)
Example #5
0
 def digest_auth_header(self, realm=None, nonce=None, qop=None, opaque=None,
                        algorithm=None, stale=None):
     options = {}
     if nonce is None:
         nonce = hexmd5(to_bytes('%d' % time.time()) + os.urandom(10))
         if opaque is None:
             opaque = hexmd5(os.urandom(10))
     if stale:
         options['stale'] = 'TRUE'
     if opaque is not None:
         options['opaque'] = opaque
     if algorithm is not None:
         options['algorithm'] = algorithm
     if qop is None:
         qop = ('auth',)
     return self._auth_header('digest', realm=realm, nonce=nonce,
                              qop=', '.join(qop), **options)
Example #6
0
 def authenticated(self, environ, username=None, password=None, **params):
     '''Called by the server to check if client is authenticated.'''
     if username != self.username:
         return False
     o = self.options
     qop = o.get('qop')
     method = environ['REQUEST_METHOD']
     uri = environ.get('PATH_INFO', '')
     ha1 = self.ha1(o['realm'], password)
     ha2 = self.ha2(qop, method, uri)
     if qop is None:
         response = hexmd5(":".join((ha1, self.nonce, ha2)))
     elif qop == 'auth' or qop == 'auth-int':
         response = hexmd5(":".join(
             (ha1, o['nonce'], o['nc'], o['cnonce'], qop, ha2)))
     else:
         raise ValueError("qop value are wrong")
     return o['response'] == response
Example #7
0
 def authenticated(self, environ, username=None, password=None, **params):
     '''Called by the server to check if client is authenticated.'''
     if username != self.username:
         return False
     o = self.options
     qop = o.get('qop')
     method = environ['REQUEST_METHOD']
     uri = environ.get('PATH_INFO', '')
     ha1 = self.ha1(o['realm'], password)
     ha2 = self.ha2(qop, method, uri)
     if qop is None:
         response = hexmd5(":".join((ha1, self.nonce, ha2)))
     elif qop == 'auth' or qop == 'auth-int':
         response = hexmd5(":".join((ha1, o['nonce'], o['nc'],
                                     o['cnonce'], qop, ha2)))
     else:
         raise ValueError("qop value are wrong")
     return o['response'] == response