Exemple #1
0
 def test_build_challenge_response(self):
     response = HttpDigestAuthenticator().build_challenge_response()
     self.assertEqual(401, response.status_code)
     self.assertEqual('digest ', response["WWW-Authenticate"][:7].lower())
     parts = parse_parts(response["WWW-Authenticate"][7:])
     self.assertEqual(DEFAULT_REALM, parts['realm'])
     with patch(settings, DIGEST_REALM='CUSTOM'):
         response = HttpDigestAuthenticator().build_challenge_response()
         parts = parse_parts(response["WWW-Authenticate"][7:])
         self.assertEqual('CUSTOM', parts['realm'])
Exemple #2
0
 def test_build_challenge_response(self):
     response = HttpDigestAuthenticator().build_challenge_response()
     self.assertEqual(401, response.status_code)
     self.assertEqual('digest ', response["WWW-Authenticate"][:7].lower())
     parts = parse_parts(response["WWW-Authenticate"][7:])
     self.assertEqual(DEFAULT_REALM, parts['realm'])
     with patch(settings, DIGEST_REALM='CUSTOM'):
         response = HttpDigestAuthenticator().build_challenge_response()
         parts = parse_parts(response["WWW-Authenticate"][7:])
         self.assertEqual('CUSTOM', parts['realm'])
Exemple #3
0
def parse_digest_challenge(authentication_header):
    '''
    Parses the value of a 'WWW-Authenticate' header. Returns an object with properties
    corresponding to each of the recognized parameters in the header.
    '''
    if not is_digest_challenge(authentication_header):
        return None

    parts = parse_parts(authentication_header[7:],
                        defaults={
                            'algorithm': 'MD5',
                            'stale': 'false'
                        })
    if not _check_required_parts(parts, _REQUIRED_DIGEST_CHALLENGE_PARTS):
        return None

    parts['stale'] = parts['stale'].lower() == 'true'

    digest_challenge = DigestChallenge(
        **{
            part_name: part
            for part_name, part in six.iteritems(parts)
            if part_name in _REQUIRED_DIGEST_CHALLENGE_PARTS
        })
    if ('MD5', 'auth') != (digest_challenge.algorithm, digest_challenge.qop):
        return None

    return digest_challenge
Exemple #4
0
def parse_digest_response(digest_response_string):
    '''
    Parse the parameters of a Digest response. The input is a comma separated list of
    token=(token|quoted-string). See RFCs 2616 and 2617 for details.

    Known issue: this implementation will fail if there are commas embedded in quoted-strings.
    '''

    parts = parse_parts(digest_response_string, defaults={'algorithm': 'MD5'})
    if not _check_required_parts(parts, _REQUIRED_DIGEST_RESPONSE_PARTS):
        return None

    if not parts['nc'] or [
            c for c in parts['nc'] if not c in '0123456789abcdefABCDEF'
    ]:
        return None
    parts['nc'] = int(parts['nc'], 16)

    digest_response = DigestResponse(
        **{
            part_name: part
            for part_name, part in six.iteritems(parts)
            if part_name in _REQUIRED_DIGEST_RESPONSE_PARTS
        })
    if ('MD5', 'auth') != (digest_response.algorithm, digest_response.qop):
        return None

    return digest_response
Exemple #5
0
def parse_digest_challenge(authentication_header):
    '''
    Parses the value of a 'WWW-Authenticate' header. Returns an object with properties
    corresponding to each of the recognized parameters in the header.
    '''
    if not is_digest_challenge(authentication_header):
        return None

    parts = parse_parts(authentication_header[7:], defaults={'algorithm': 'MD5',
                                                             'stale': 'false'})
    if not _check_required_parts(parts, _REQUIRED_DIGEST_CHALLENGE_PARTS):
        return None

    parts['stale'] = parts['stale'].lower() == 'true'

    digest_challenge = _build_object_from_parts(parts, _REQUIRED_DIGEST_CHALLENGE_PARTS)
    if ('MD5', 'auth') != (digest_challenge.algorithm, digest_challenge.qop):
        return None

    return digest_challenge
Exemple #6
0
def parse_digest_response(digest_response_string):
    '''
    Parse the parameters of a Digest response. The input is a comma separated list of
    token=(token|quoted-string). See RFCs 2616 and 2617 for details.

    Known issue: this implementation will fail if there are commas embedded in quoted-strings.
    '''

    parts = parse_parts(digest_response_string, defaults={'algorithm': 'MD5'})
    if not _check_required_parts(parts, _REQUIRED_DIGEST_RESPONSE_PARTS):
        return None

    if not parts['nc'] or [c for c in parts['nc'] if not c in '0123456789abcdefABCDEF']:
        return None
    parts['nc'] = int(parts['nc'], 16)

    digest_response = _build_object_from_parts(parts, _REQUIRED_DIGEST_RESPONSE_PARTS)
    if ('MD5', 'auth') != (digest_response.algorithm, digest_response.qop):
        return None
                
    return digest_response