Example #1
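def hello_with_digest_auth(request):
    """Demo view: answer 'Hello World' only to a valid HTTP Digest request.

    Every failure path (missing header, malformed header, non-Digest scheme,
    credentials that cannot be parsed, wrong response value) returns
    ``_digest_unauthenticated(request)``.
    """
    import hmac

    auth = request.META.get('HTTP_AUTHORIZATION', None)
    if auth is None:
        return _digest_unauthenticated(request)

    try:
        scheme, _params = auth.split(' ', 1)
    except ValueError:
        # A header without a space cannot be unpacked.  The original re-raised
        # here (its fallback return was unreachable), so a malformed header
        # from any client surfaced as an unhandled exception.
        return _digest_unauthenticated(request)
    if 'digest' != scheme.lower():
        return _digest_unauthenticated(request)

    digest_response = python_digest.parse_digest_credentials(auth)
    if digest_response is None:
        # Guard against a parser that reports failure by returning None;
        # without this the attribute accesses below would raise.
        return _digest_unauthenticated(request)

    # NOTE(review): the realm 'DEV' and password '12345' are hard-coded demo
    # values; a real view must look the secret up per user.
    # NOTE(review): the nonce is never validated in this function, so nothing
    # visible here limits how long a captured Authorization header stays
    # usable -- confirm before reusing this pattern.
    expected = python_digest.calculate_request_digest(
        request.method,
        python_digest.calculate_partial_digest(digest_response.username, 'DEV', '12345'),
        digest_response)

    # Compare in constant time so response timing does not reveal how many
    # leading characters of the expected digest the client got right.  Both
    # sides are normalised to bytes because compare_digest rejects non-ASCII
    # text.
    supplied, computed = (
        value if isinstance(value, bytes) else (value or '').encode('utf-8')
        for value in (digest_response.response, expected))
    if not hmac.compare_digest(supplied, computed):
        return _digest_unauthenticated(request)

    return HttpResponse('Hello World')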



    
    
Example #2
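def _prepare_partial_digests(user, raw_password):
    """Compute partial digests for every login of *user* and park them.

    One ``(login, partial_digest, confirmed)`` tuple is built for each login
    returned by ``_confirmed_logins(user)`` (confirmed=True) and then by
    ``_unconfirmed_logins(user)`` (confirmed=False).  The list is stored in
    ``_postponed_partial_digests`` under ``user.password``.

    Does nothing when *raw_password* is ``None``: there is no secret to
    derive a digest from, and digesting ``None`` would either fail or record
    a credential that no real password produced.
    """
    if raw_password is None:
        return

    realm = get_setting('DIGEST_REALM', DEFAULT_REALM)
    partial_digests = []
    for (confirmed, factory_method) in ((True, _confirmed_logins),
                                        (False, _unconfirmed_logins)):
        partial_digests += [(login, calculate_partial_digest(login, realm,
                                                             raw_password), confirmed)
                            for login in factory_method(user)]

    # NOTE(review): these digests are derived from the raw password and are
    # kept in a shared mapping keyed by user.password (presumably the stored
    # hash) -- confirm entries are consumed and removed promptly.
    password_hash = user.password
    _postponed_partial_digests[password_hash] = partial_digests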
Example #3
def _prepare_partial_digests(user, raw_password):
    """Build and park the partial digests for each login of *user*.

    Returns immediately when *raw_password* is ``None``.  Otherwise one
    ``(login, partial_digest, confirmed)`` tuple is produced per login,
    confirmed logins first, and the resulting list is stored in
    ``_postponed_partial_digests`` under ``user.password``.
    """
    if raw_password is None:
        return

    realm = get_setting('DIGEST_REALM', DEFAULT_REALM)
    login_sources = ((True, _confirmed_logins), (False, _unconfirmed_logins))

    collected = []
    for is_confirmed, list_logins in login_sources:
        for login in list_logins(user):
            digest = calculate_partial_digest(login, realm, raw_password)
            collected.append((login, digest, is_confirmed))

    # NOTE(review): values derived from the raw password live in this shared
    # mapping until something else removes them -- confirm the lifetime.
    _postponed_partial_digests[user.password] = collected
Example #4
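    def is_authenticated(self, request, **kwargs):
        """
        Finds the user and checks their API key.

        Should return either ``True`` if allowed, ``False`` if not or an
        ``HttpResponse`` if you need something custom.

        Any rejected credential (missing or malformed header, non-Digest
        scheme, unparseable credentials, invalid nonce, unknown user or key,
        wrong response) yields ``self._unauthorized()``; a user that fails
        ``self.check_active`` yields ``False``.  On success ``request.user``
        is set and ``True`` is returned.
        """
        import hmac

        header = request.META.get('HTTP_AUTHORIZATION')
        if not header:
            return self._unauthorized()

        try:
            (auth_type, data) = header.split(' ', 1)
        except (AttributeError, TypeError, ValueError):
            # Only the failures that splitting/unpacking the header can
            # produce; the previous bare ``except`` also hid unrelated errors.
            return self._unauthorized()
        if auth_type.lower() != 'digest':
            return self._unauthorized()

        digest_response = python_digest.parse_digest_credentials(header)
        if digest_response is None:
            # Guard against a parser that signals failure with None; the
            # attribute accesses below would otherwise raise.
            return self._unauthorized()

        # FIXME: Should the nonce be per-user?
        # NOTE(review): the '' fallback means a missing SECRET_KEY setting
        # would validate nonces against an empty secret -- confirm that
        # configuration can never be reached.
        if not python_digest.validate_nonce(
                digest_response.nonce, getattr(settings, 'SECRET_KEY', '')):
            return self._unauthorized()

        user = self.get_user(digest_response.username)
        if user is False:
            # Reject before the key lookup so get_key() is never asked about
            # a user that was not found.
            return self._unauthorized()

        api_key = self.get_key(user)
        if api_key is False:
            return self._unauthorized()

        # NOTE(review): nothing in this method compares the URI carried in
        # the credentials with the path actually requested, or tracks nonce
        # counts -- confirm replay across URLs is covered elsewhere.
        expected = python_digest.calculate_request_digest(
            request.method,
            python_digest.calculate_partial_digest(digest_response.username,
                                                   self.realm, api_key),
            digest_response)

        # Constant-time comparison: response timing must not reveal how much
        # of the expected digest matched.  Normalised to bytes because
        # compare_digest rejects non-ASCII text.
        supplied, computed = (
            value if isinstance(value, bytes) else (value or '').encode('utf-8')
            for value in (digest_response.response, expected))
        if not hmac.compare_digest(supplied, computed):
            return self._unauthorized()

        if not self.check_active(user):
            return False

        request.user = user
        return True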
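    def is_authenticated(self, request, **kwargs):
        """
        Finds the user and checks their API key.

        Should return either ``True`` if allowed, ``False`` if not or an
        ``HttpResponse`` if you need something custom.

        Rejected credentials of any kind return ``self._unauthorized()``;
        an inactive user (per ``self.check_active``) returns ``False``.
        ``request.user`` is assigned only after every check has passed.
        """
        import hmac

        raw_header = request.META.get('HTTP_AUTHORIZATION')
        if not raw_header:
            return self._unauthorized()

        try:
            (auth_type, data) = raw_header.split(' ', 1)
        except (AttributeError, TypeError, ValueError):
            # Limited to what splitting/unpacking can raise, instead of the
            # bare ``except`` that swallowed every exception.
            return self._unauthorized()
        if auth_type.lower() != 'digest':
            return self._unauthorized()

        digest_response = python_digest.parse_digest_credentials(raw_header)
        if digest_response is None:
            # Treat unparseable credentials as a failed login rather than
            # letting the attribute accesses below raise.
            return self._unauthorized()

        # FIXME: Should the nonce be per-user?
        # NOTE(review): with the '' default, an unset SECRET_KEY would mean
        # nonces are checked against an empty secret -- confirm unreachable.
        if not python_digest.validate_nonce(
                digest_response.nonce, getattr(settings, 'SECRET_KEY', '')):
            return self._unauthorized()

        user = self.get_user(digest_response.username)
        if user is False:
            # Unknown user: stop before the key lookup is attempted.
            return self._unauthorized()

        api_key = self.get_key(user)
        if api_key is False:
            return self._unauthorized()

        # NOTE(review): the URI inside the credentials is not compared with
        # the requested path here and nonce counts are not tracked --
        # confirm replay protection exists elsewhere.
        expected = python_digest.calculate_request_digest(
            request.method,
            python_digest.calculate_partial_digest(digest_response.username,
                                                   self.realm, api_key),
            digest_response)

        # Compare in constant time so timing does not leak the expected
        # digest; both values become bytes because compare_digest rejects
        # non-ASCII text.
        supplied, computed = (
            value if isinstance(value, bytes) else (value or '').encode('utf-8')
            for value in (digest_response.response, expected))
        if not hmac.compare_digest(supplied, computed):
            return self._unauthorized()

        if not self.check_active(user):
            return False

        request.user = user
        return True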
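    def is_authenticated(self, request, **kwargs):
        """
        Finds the user and checks their API key.

        Should return either ``True`` if allowed, ``False`` if not or an
        ``HttpResponse`` if you need something custom.

        A ``ValueError`` from ``self.get_authorization_data``, unparseable
        credentials, an invalid nonce, an unknown user or key, or a wrong
        response all return ``self._unauthorized()``; a user rejected by
        ``self.check_active`` returns ``False``.
        """
        import hmac

        try:
            self.get_authorization_data(request)
        except ValueError:
            return self._unauthorized()

        digest_response = python_digest.parse_digest_credentials(request.META["HTTP_AUTHORIZATION"])
        if digest_response is None:
            # Guard against a parser that signals failure with None instead
            # of raising; the attribute accesses below would otherwise fail.
            return self._unauthorized()

        # FIXME: Should the nonce be per-user?
        if not python_digest.validate_nonce(digest_response.nonce, settings.SECRET_KEY):
            return self._unauthorized()

        user = self.get_user(digest_response.username)
        if user is False:
            # Reject before the key lookup so get_key() is never called for
            # a user that was not found.
            return self._unauthorized()

        api_key = self.get_key(user)
        if api_key is False:
            return self._unauthorized()

        # NOTE(review): this method does not compare the URI carried in the
        # credentials with the requested path, nor track nonce counts --
        # confirm replay across URLs is handled elsewhere.
        expected = python_digest.calculate_request_digest(
            request.method,
            python_digest.calculate_partial_digest(digest_response.username, self.realm, api_key),
            digest_response,
        )

        # Constant-time comparison so timing does not reveal how much of the
        # expected digest matched; bytes on both sides because
        # compare_digest rejects non-ASCII text.
        supplied, computed = (
            value if isinstance(value, bytes) else (value or "").encode("utf-8")
            for value in (digest_response.response, expected)
        )
        if not hmac.compare_digest(supplied, computed):
            return self._unauthorized()

        if not self.check_active(user):
            return False

        request.user = user
        return True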
Example #7
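def hello_with_digest_auth(request):
    """Demo view that serves 'Hello World' to a valid HTTP Digest request.

    A missing or malformed header, a non-Digest scheme, credentials that
    cannot be parsed, or a wrong response value all return
    ``_digest_unauthenticated(request)``.
    """
    import hmac

    auth = request.META.get('HTTP_AUTHORIZATION', None)
    if auth is None:
        return _digest_unauthenticated(request)

    try:
        scheme, _params = auth.split(' ', 1)
    except ValueError:
        # No space in the header, so it cannot be unpacked.  The original
        # re-raised at this point and never reached its fallback return, so
        # a malformed header became an unhandled exception.
        return _digest_unauthenticated(request)
    if 'digest' != scheme.lower():
        return _digest_unauthenticated(request)

    digest_response = python_digest.parse_digest_credentials(auth)
    if digest_response is None:
        # Treat unparseable credentials as unauthenticated instead of
        # letting the attribute accesses below raise.
        return _digest_unauthenticated(request)

    # NOTE(review): 'DEV' and '12345' are hard-coded demo values; a real
    # view must look up the per-user secret.
    # NOTE(review): no nonce validation happens in this function -- confirm
    # how replay of a captured header is prevented before copying this.
    expected = python_digest.calculate_request_digest(
        request.method,
        python_digest.calculate_partial_digest(digest_response.username, 'DEV',
                                               '12345'), digest_response)

    # Constant-time comparison so timing does not leak the expected digest;
    # both sides are converted to bytes because compare_digest rejects
    # non-ASCII text.
    supplied, computed = (
        value if isinstance(value, bytes) else (value or '').encode('utf-8')
        for value in (digest_response.response, expected))
    if not hmac.compare_digest(supplied, computed):
        return _digest_unauthenticated(request)

    return HttpResponse('Hello World')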
Example #8
 def setDigest(self, password):
     """Derive the partial digest for *password* and keep it on ``self.digest``.

     The login is lower-cased before it is digested, so a client has to
     present the lower-case login for its response to match.
     """
     # NOTE(review): a stored partial digest is enough to answer digest
     # challenges for this realm -- protect it like the password itself.
     normalized_login = self.login.lower()
     partial = python_digest.calculate_partial_digest(
         normalized_login, self.realm, password)
     self.digest = partial
Example #9
 def calculate_request_digest(self, request, digest_response, username, api_key):
     """Return the digest expected for *request* given *username* and *api_key*.

     The partial digest is computed from *username*, ``self.realm`` and
     *api_key*, then combined with ``request.method`` and *digest_response*
     by ``python_digest.calculate_request_digest``.
     """
     # NOTE(review): callers should compare the result with the client's
     # response using a constant-time comparison.
     partial_digest = python_digest.calculate_partial_digest(
         username, self.realm, api_key)
     return python_digest.calculate_request_digest(
         request.method, partial_digest, digest_response)