def _decorator(request, *args, **kwargs):
if request.META.has_key("HTTP_HOST"):
realm = request.META["HTTP_HOST"]
else:
realm = Site.objects.get_current().name
digestor = Digestor(method=request.method, path=request.get_full_path(), realm=realm)
if request.META.has_key("HTTP_AUTHORIZATION"):
logger.debug("request meta: %s" % request.META["HTTP_AUTHORIZATION"])
try:
parsed_header = digestor.parse_authorization_header(request.META["HTTP_AUTHORIZATION"])
if parsed_header["realm"] == realm:
odk_access = ODKAccess.objects.get(user_identifier=parsed_header["username"], is_active=True)
# interviewer = Interviewer.objects.get(mobile_number=parsed_header['username'], is_blocked=False)
authenticator = SimpleHardcodedAuthenticator(
server_realm=realm,
server_username=odk_access.user_identifier,
server_password=odk_access.odk_token,
)
if authenticator.secret_passed(digestor):
request.user = odk_access.interviewer
return func(request, *args, **kwargs)
except ODKAccess.DoesNotExist:
return OpenRosaResponseNotFound()
except ValueError, err:
return OpenRosaResponseBadRequest()
def _wrapper(request, *args, **kwargs):
digestor = Digestor(method=request.method,
path=request.path,
realm=realm)
if request.META.has_key('HTTP_AUTHORIZATION'):
try:
parsed_header = digestor.parse_authorization_header(
request.META['HTTP_AUTHORIZATION'])
except ValueError, err:
return HttpResponseBadRequest(err)
authenticator = ModelAuthenticator(realm=realm)
logging.info(
"###################### Try authorization as auth user=%s"
% (digestor.get_client_username()))
if authenticator.secret_passed(digestor):
#kwargs['userName'] = digestor.get_client_username() :
return function(request,
user=digestor.get_client_username(),
*args,
**kwargs)
def _wrapper(request, *args, **kwargs):
digestor = Digestor(method=request.method,
path=request.get_full_path(),
realm=realm)
if request.META.has_key('HTTP_AUTHORIZATION'):
try:
parsed_header = digestor.parse_authorization_header(
request.META['HTTP_AUTHORIZATION'])
except ValueError, err:
return HttpResponseBadRequest(err)
if parsed_header['realm'] == realm:
if password_field:
authenticator = ClearTextModelAuthenticator(
model=model,
realm=realm,
realm_field=realm_field,
username_field=username_field,
password_field=password_field)
else:
authenticator = ModelAuthenticator(
model=model,
realm=realm,
realm_field=realm_field,
username_field=username_field,
secret_field=secret_field)
if authenticator.secret_passed(digestor):
return function(request, *args, **kwargs)
def _decorator(request, *args, **kwargs):
if request.META.has_key('HTTP_HOST'):
realm = request.META['HTTP_HOST']
else:
realm = Site.objects.get_current().name
digestor = Digestor(method=request.method,
path=request.get_full_path(), realm=realm)
if request.META.has_key('HTTP_AUTHORIZATION'):
logger.debug('request meta: %s' %
request.META['HTTP_AUTHORIZATION'])
try:
parsed_header = digestor.parse_authorization_header(
request.META['HTTP_AUTHORIZATION'])
if parsed_header['realm'] == realm:
odk_access = ODKAccess.objects.get(user_identifier=parsed_header[
'username'], is_active=True)
# interviewer = Interviewer.objects.get(mobile_number=parsed_header['username'], is_blocked=False)
authenticator = SimpleHardcodedAuthenticator(server_realm=realm,
server_username=odk_access.user_identifier,
server_password=odk_access.odk_token)
if authenticator.secret_passed(digestor):
request.user = odk_access.interviewer
return func(request, *args, **kwargs)
except ODKAccess.DoesNotExist:
return OpenRosaResponseNotFound()
except Exception, err:
return OpenRosaResponseBadRequest()
class TestDigestor(UnitTestCase):
""" Test digestor, our wrapping class for handling digests """
def setUp(self):
self.digestor = Digestor(realm="testrealm", method="GET", path="/testapi/simpleprotected/")
self.auth_string = 'Digest username="******", realm="extproject", nonce="1cc6ab869fca869c2c085d78a3729a66", uri="/extproject/project/fc8afe5e-da35-4fe2-a991-7b26c829cde5/user/rpgpedia/salt/", response="69ead146a246cd51bbd076244d2e455b", opaque="ToDoMoveThisToSettings", algorithm="MD5", qop=auth, nc=00000001, cnonce="a84f8e6cfcd50a75"'
def _assertKeyEquals(self, key, value):
parsed_header = self.digestor.parse_authorization_header(self.auth_string)
self.assertTrue(parsed_header.has_key(key))
self.assertEquals(value, parsed_header[key])
def test_get_digest_challenge(self):
challenge = self.digestor.get_digest_challenge()
# check our challenge is compatible with urllib2's resolving
if re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+realm="([^"]*)"', re.I).match(challenge):
pass
else:
self.fail("Challenge %s does not match urllib2's regexp" % challenge)
def test_proper_parsing_username(self):
self._assertKeyEquals("username", "rpgpedia")
def test_proper_parsing_realm(self):
self._assertKeyEquals("realm", "extproject")
def test_proper_parsing_nonce(self):
self._assertKeyEquals("nonce", "1cc6ab869fca869c2c085d78a3729a66")
def test_proper_parsing_uri(self):
self._assertKeyEquals("uri", "/extproject/project/fc8afe5e-da35-4fe2-a991-7b26c829cde5/user/rpgpedia/salt/")
def test_proper_parsing_response(self):
self._assertKeyEquals("response", "69ead146a246cd51bbd076244d2e455b")
def test_proper_parsing_opaque(self):
self._assertKeyEquals("opaque", "ToDoMoveThisToSettings")
def test_proper_parsing_algorithm(self):
self._assertKeyEquals("algorithm", "MD5")
def test_proper_parsing_qop(self):
self._assertKeyEquals("qop", "auth")
def test_proper_parsing_nc(self):
self._assertKeyEquals("nc", "00000001")
def test_proper_parsing_cnonce(self):
self._assertKeyEquals("cnonce", "a84f8e6cfcd50a75")
def test_bad_parsing_missing_digest(self):
auth_string = 'username="******", realm="extproject", nonce="1cc6ab869fca869c2c085d78a3729a66", uri="/extproject/project/fc8afe5e-da35-4fe2-a991-7b26c829cde5/user/rpgpedia/salt/", response="69ead146a246cd51bbd076244d2e455b", opaque="ToDoMoveThisToSettings", algorithm="MD5", qop=auth, nc=00000001, cnonce="a84f8e6cfcd50a75"'
self.assertRaises(ValueError, lambda: self.digestor.parse_authorization_header(auth_string))
def _wrapper(request, *args, **kwargs):
digestor = Digestor(method=request.method, path=request.get_full_path(), realm=realm)
if request.META.has_key('HTTP_AUTHORIZATION'):
try:
parsed_header = digestor.parse_authorization_header(request.META['HTTP_AUTHORIZATION'])
except ValueError, err:
return HttpResponseBadRequest(err)
if parsed_header['realm'] == realm:
authenticator = SimpleHardcodedAuthenticator(server_realm=realm, server_username=username, server_password=password)
if authenticator.secret_passed(digestor):
return function(request, *args, **kwargs)
def _wrapper(request, *args, **kwargs):
digestor = Digestor(method=request.method, path=request.path, realm=realm)
if request.META.has_key('HTTP_AUTHORIZATION'):
try:
parsed_header = digestor.parse_authorization_header(request.META['HTTP_AUTHORIZATION'])
except ValueError, err:
return HttpResponseBadRequest(err)
authenticator = ModelAuthenticator(realm=realm)
logging.info( "###################### Try authorization as auth user=%s"%(digestor.get_client_username() ) )
if authenticator.secret_passed(digestor):
#kwargs['userName'] = digestor.get_client_username() :
return function(request, user=digestor.get_client_username(), *args, **kwargs)
def _wrapper(request, *args, **kwargs):
digestor = Digestor(method=request.method, path=request.get_full_path(), realm=realm)
if request.META.has_key('HTTP_AUTHORIZATION'):
try:
parsed_header = digestor.parse_authorization_header(request.META['HTTP_AUTHORIZATION'])
except ValueError, err:
return HttpResponseBadRequest(err)
if parsed_header['realm'] == realm:
if password_field:
authenticator = ClearTextModelAuthenticator(model=model, realm=realm, realm_field=realm_field, username_field=username_field, password_field=password_field)
else:
authenticator = ModelAuthenticator(model=model, realm=realm, realm_field=realm_field, username_field=username_field, secret_field=secret_field)
if authenticator.secret_passed(digestor):
return function(request, *args, **kwargs)
def _wrapper(request, *args, **kwargs):
digestor = Digestor(method=request.method,
path=request.get_full_path(),
realm=realm)
if request.META.has_key('HTTP_AUTHORIZATION'):
try:
parsed_header = digestor.parse_authorization_header(
request.META['HTTP_AUTHORIZATION'])
except ValueError, err:
return HttpResponseBadRequest(err)
if parsed_header['realm'] == realm:
authenticator = SimpleHardcodedAuthenticator(
server_realm=realm,
server_username=username,
server_password=password)
if authenticator.secret_passed(digestor):
return function(request, *args, **kwargs)
def setUp(self):
self.digestor = Digestor(realm="testrealm", method="GET", path="/testapi/simpleprotected/")
self.auth_string = 'Digest username="******", realm="extproject", nonce="1cc6ab869fca869c2c085d78a3729a66", uri="/extproject/project/fc8afe5e-da35-4fe2-a991-7b26c829cde5/user/rpgpedia/salt/", response="69ead146a246cd51bbd076244d2e455b", opaque="ToDoMoveThisToSettings", algorithm="MD5", qop=auth, nc=00000001, cnonce="a84f8e6cfcd50a75"'
def setUp(self):
self.digestor = Digestor(realm='testrealm',
method='GET',
path='/testapi/simpleprotected/')
self.auth_string = 'Digest username="******", realm="extproject", nonce="1cc6ab869fca869c2c085d78a3729a66", uri="/extproject/project/fc8afe5e-da35-4fe2-a991-7b26c829cde5/user/rpgpedia/salt/", response="69ead146a246cd51bbd076244d2e455b", opaque="ToDoMoveThisToSettings", algorithm="MD5", qop=auth, nc=00000001, cnonce="a84f8e6cfcd50a75"'
class TestDigestor(UnitTestCase):
""" Test digestor, our wrapping class for handling digests """
def setUp(self):
self.digestor = Digestor(realm='testrealm',
method='GET',
path='/testapi/simpleprotected/')
self.auth_string = 'Digest username="******", realm="extproject", nonce="1cc6ab869fca869c2c085d78a3729a66", uri="/extproject/project/fc8afe5e-da35-4fe2-a991-7b26c829cde5/user/rpgpedia/salt/", response="69ead146a246cd51bbd076244d2e455b", opaque="ToDoMoveThisToSettings", algorithm="MD5", qop=auth, nc=00000001, cnonce="a84f8e6cfcd50a75"'
def _assertKeyEquals(self, key, value):
parsed_header = self.digestor.parse_authorization_header(
self.auth_string)
self.assertTrue(parsed_header.has_key(key))
self.assertEquals(value, parsed_header[key])
def test_get_digest_challenge(self):
challenge = self.digestor.get_digest_challenge()
# check our challenge is compatible with urllib2's resolving
if re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+realm="([^"]*)"',
re.I).match(challenge):
pass
else:
self.fail("Challenge %s does not match urllib2's regexp" %
challenge)
def test_proper_parsing_username(self):
self._assertKeyEquals('username', 'rpgpedia')
def test_proper_parsing_realm(self):
self._assertKeyEquals('realm', 'extproject')
def test_proper_parsing_nonce(self):
self._assertKeyEquals('nonce', '1cc6ab869fca869c2c085d78a3729a66')
def test_proper_parsing_uri(self):
self._assertKeyEquals(
'uri',
'/extproject/project/fc8afe5e-da35-4fe2-a991-7b26c829cde5/user/rpgpedia/salt/'
)
def test_proper_parsing_response(self):
self._assertKeyEquals('response', '69ead146a246cd51bbd076244d2e455b')
def test_proper_parsing_opaque(self):
self._assertKeyEquals('opaque', 'ToDoMoveThisToSettings')
def test_proper_parsing_algorithm(self):
self._assertKeyEquals('algorithm', 'MD5')
def test_proper_parsing_qop(self):
self._assertKeyEquals('qop', 'auth')
def test_proper_parsing_nc(self):
self._assertKeyEquals('nc', '00000001')
def test_proper_parsing_cnonce(self):
self._assertKeyEquals('cnonce', 'a84f8e6cfcd50a75')
def test_bad_parsing_missing_digest(self):
auth_string = 'username="******", realm="extproject", nonce="1cc6ab869fca869c2c085d78a3729a66", uri="/extproject/project/fc8afe5e-da35-4fe2-a991-7b26c829cde5/user/rpgpedia/salt/", response="69ead146a246cd51bbd076244d2e455b", opaque="ToDoMoveThisToSettings", algorithm="MD5", qop=auth, nc=00000001, cnonce="a84f8e6cfcd50a75"'
self.assertRaises(
ValueError,
lambda: self.digestor.parse_authorization_header(auth_string))
