def test_digest_auth_login_invalid2(self): response = self.client.get('/digest') self.assertEqual(response.status_code, 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'david:' + 'Authentication Required' + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri="/digest",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertTrue(re.match(r'^Digest realm="Authentication Required",' r'nonce="[0-9a-f]+",opaque="[0-9a-f]+"$', response.headers['WWW-Authenticate']))
def test_digest_auth_login_bad_realm(self): response = self.client.get('/digest') self.assertTrue(response.status_code == 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'john:' + 'Wrong Realm' + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri="/digest",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertTrue(re.match(r'^Digest realm="Authentication Required",' r'nonce="[0-9a-f]+",opaque="[0-9a-f]+"$', response.headers['WWW-Authenticate']))
def test_digest_auth_login_valid(self): response = self.client.get("/digest") self.assertTrue(response.status_code == 401) header = response.headers.get("WWW-Authenticate") auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = "john:" + d["realm"] + ":bye" ha1 = md5(a1).hexdigest() a2 = "GET:/digest" ha2 = md5(a2).hexdigest() a3 = ha1 + ":" + d["nonce"] + ":" + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( "/digest", headers={ "Authorization": 'Digest username="******",realm="' + d["realm"] + '",nonce="' + d["nonce"] + '",uri="/digest",response="' + auth_response + '",opaque="' + d["opaque"] + '"' }, ) self.assertTrue(response.data == b"digest_auth:john")
def _test_digest_response_for_auth_request(self, header, username, password, qop, uri, body, nc=1, nonce=None): auth_type, auth_info = header.split(None, 1) self.assertEqual(auth_type, 'Digest') d = parse_dict_header(auth_info) nonce = nonce or d['nonce'] realm = d['realm'] opaque = d['opaque'] if qop : self.assertIn(qop, [x.strip() for x in d['qop'].split(',')], 'Challenge should contains expected qop') algorithm = d['algorithm'] cnonce, nc = (_hash(os.urandom(10), "MD5"), '{:08}'.format(nc)) if qop in ('auth', 'auth-int') else (None, None) auth_header = _make_digest_auth_header( username, password, 'GET', uri, nonce, realm, opaque, algorithm, qop, cnonce, nc, body) # make second request return self.app.get( uri, environ_base={ # httpbin's digest auth implementation uses the remote addr to # build the nonce 'REMOTE_ADDR': '127.0.0.1', }, headers={ 'Authorization': auth_header, }, data=body ), nonce
def test_digest_custom_nonce_checker(self): @self.digest_auth.generate_nonce def noncemaker(): return 'not a good nonce' @self.digest_auth.generate_opaque def opaquemaker(): return 'some opaque' verify_nonce_called = [] @self.digest_auth.verify_nonce def verify_nonce(provided_nonce): verify_nonce_called.append(provided_nonce) return True verify_opaque_called = [] @self.digest_auth.verify_opaque def verify_opaque(provided_opaque): verify_opaque_called.append(provided_opaque) return True response = self.client.get('/digest') self.assertEqual(response.status_code, 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) self.assertEqual(d['nonce'], 'not a good nonce') self.assertEqual(d['opaque'], 'some opaque') a1 = 'john:' + d['realm'] + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri="/digest",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque']) }) self.assertEqual(response.data, b'digest_auth:john') self.assertEqual(verify_nonce_called, ['not a good nonce'], "Should have verified the nonce.") self.assertEqual(verify_opaque_called, ['some opaque'], "Should have verified the opaque.")
def test_digest_custom_nonce_checker(self): @self.digest_auth.generate_nonce def noncemaker(): return 'not a good nonce' @self.digest_auth.generate_opaque def opaquemaker(): return 'some opaque' verify_nonce_called = [] @self.digest_auth.verify_nonce def verify_nonce(provided_nonce): verify_nonce_called.append(provided_nonce) return True verify_opaque_called = [] @self.digest_auth.verify_opaque def verify_opaque(provided_opaque): verify_opaque_called.append(provided_opaque) return True response = self.client.get('/digest') self.assertEqual(response.status_code, 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) self.assertEqual(d['nonce'], 'not a good nonce') self.assertEqual(d['opaque'], 'some opaque') a1 = 'john:' + d['realm'] + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri="/digest",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) self.assertEqual(response.data, b'digest_auth:john') self.assertEqual(verify_nonce_called, ['not a good nonce'], "Should have verified the nonce.") self.assertEqual(verify_opaque_called, ['some opaque'], "Should have verified the opaque.")
def _test_digest_auth(self, username, password, qop=None, algorithm=None, body=None): uri = '/digest-auth/{0}/{1}/{2}'.format(qop or 'wrong-qop', username, password) if algorithm: uri += '/' + algorithm unauthorized_response = self.app.get( uri, environ_base={ # digest auth uses the remote addr to build the nonce 'REMOTE_ADDR': '127.0.0.1', }) # make sure it returns a 401 self.assertEqual(unauthorized_response.status_code, 401) header = unauthorized_response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) self.assertEqual(auth_type, 'Digest') d = parse_dict_header(auth_info) nonce = d['nonce'] realm = d['realm'] opaque = d['opaque'] cnonce, nc = (_hash(os.urandom(10), "MD5"), '00000001') if qop in ('auth', 'auth-int') else (None, None) auth_header = _make_digest_auth_header(username, password, 'GET', uri, nonce, realm, opaque, algorithm, qop, cnonce, nc, body) # make second request authorized_response = self.app.get( uri, environ_base={ # httpbin's digest auth implementation uses the remote addr to # build the nonce 'REMOTE_ADDR': '127.0.0.1', }, headers={ 'Authorization': auth_header, }, data=body) # done! self.assertEqual(authorized_response.status_code, 200)
def encode(self, val): val = http.parse_dict_header(val) _v = '' for k,v in val.items(): _v += '_' # simulate flags _v += self.enc_uvarint(len(k)) _v += k value = self.attempt_decode(v) if not value is None: _v += self.enc_uvarint(len(value)) _v += value else: _v += self.enc_uvarint(0) return _v
def enc_cookie(val, type='req'): val = http.parse_dict_header(val) _v = '' for k, v in val.items(): _v += '_' # simulate flags _v += enc_uvarint(len(k)) _v += k value = attempt_decode(v) if not value is None: _v += enc_uvarint(len(value)) _v += value else: _v += enc_uvarint(0) return _v
def enc_cookie(val, type='req'): val = http.parse_dict_header(val) _v = '' for k,v in val.items(): _v += '_' # simulate flags _v += enc_uvarint(len(k)) _v += k value = attempt_decode(v) if not value is None: _v += enc_uvarint(len(value)) _v += value else: _v += enc_uvarint(0) return _v
def encode(self, val): val = http.parse_dict_header(val) _v = '' for k, v in val.items(): _v += '_' # simulate flags _v += self.enc_uvarint(len(k)) _v += k value = self.attempt_decode(v) if not value is None: _v += self.enc_uvarint(len(value)) _v += value else: _v += self.enc_uvarint(0) return _v
def test_digest_auth(self): # make first request unauthorized_response = self.app.get( "/digest-auth/auth/user/passwd", environ_base={ # digest auth uses the remote addr to build the nonce "REMOTE_ADDR": "127.0.0.1" }, ) # make sure it returns a 401 self.assertEqual(unauthorized_response.status_code, 401) header = unauthorized_response.headers.get("WWW-Authenticate") auth_type, auth_info = header.split(None, 1) # Begin crappy digest-auth implementation d = parse_dict_header(auth_info) a1 = b"user:"******"realm"].encode("utf-8") + b":passwd" ha1 = md5(a1).hexdigest().encode("utf-8") a2 = b"GET:/digest-auth/auth/user/passwd" ha2 = md5(a2).hexdigest().encode("utf-8") a3 = ha1 + b":" + d["nonce"].encode("utf-8") + b":" + ha2 auth_response = md5(a3).hexdigest() auth_header = ( 'Digest username="******",realm="' + d["realm"] + '",nonce="' + d["nonce"] + '",uri="/digest-auth/auth/user/passwd",response="' + auth_response + '",opaque="' + d["opaque"] + '"' ) # make second request authorized_response = self.app.get( "/digest-auth/auth/user/passwd", environ_base={ # httpbin's digest auth implementation uses the remote addr to # build the nonce "REMOTE_ADDR": "127.0.0.1" }, headers={"Authorization": auth_header}, ) # done! self.assertEqual(authorized_response.status_code, 200)
def test_digest_auth_login_valid(self): response = self.client.get('/digest') self.assertTrue(response.status_code == 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'john:' + d['realm'] + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get('/digest', headers = { 'Authorization': 'Digest username="******",realm="' + d['realm'] + '",nonce="' + d['nonce'] + '",uri="/digest",response="' + auth_response + '",opaque="' + d['opaque'] + '"' }) self.assertTrue(response.data == b'digest_auth:john')
def test_digest_auth(self): # make first request unauthorized_response = self.app.get( '/digest-auth/auth/user/passwd', environ_base={ # digest auth uses the remote addr to build the nonce 'REMOTE_ADDR': '127.0.0.1', } ) # make sure it returns a 401 self.assertEqual(unauthorized_response.status_code, 401) header = unauthorized_response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) # Begin crappy digest-auth implementation d = parse_dict_header(auth_info) a1 = b'user:'******'realm'].encode('utf-8') + b':passwd' ha1 = md5(a1).hexdigest().encode('utf-8') a2 = b'GET:/digest-auth/auth/user/passwd' ha2 = md5(a2).hexdigest().encode('utf-8') a3 = ha1 + b':' + d['nonce'].encode('utf-8') + b':' + ha2 auth_response = md5(a3).hexdigest() auth_header = 'Digest username="******",realm="' + \ d['realm'] + \ '",nonce="' + \ d['nonce'] + \ '",uri="/digest-auth/auth/user/passwd",response="' + \ auth_response + \ '",opaque="' + \ d['opaque'] + '"' # make second request authorized_response = self.app.get( '/digest-auth/auth/user/passwd', environ_base={ # httpbin's digest auth implementation uses the remote addr to # build the nonce 'REMOTE_ADDR': '127.0.0.1', }, headers={ 'Authorization': auth_header, } ) # done! self.assertEqual(authorized_response.status_code, 200)
def test_digest_auth(self): # make first request unauthorized_response = self.app.get( '/digest-auth/auth/user/passwd/MD5', environ_base={ # digest auth uses the remote addr to build the nonce 'REMOTE_ADDR': '127.0.0.1', } ) # make sure it returns a 401 self.assertEqual(unauthorized_response.status_code, 401) header = unauthorized_response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) # Begin crappy digest-auth implementation d = parse_dict_header(auth_info) a1 = b'user:'******'realm'].encode('utf-8') + b':passwd' ha1 = md5(a1).hexdigest().encode('utf-8') a2 = b'GET:/digest-auth/auth/user/passwd/MD5' ha2 = md5(a2).hexdigest().encode('utf-8') a3 = ha1 + b':' + d['nonce'].encode('utf-8') + b':' + ha2 auth_response = md5(a3).hexdigest() auth_header = 'Digest username="******",realm="' + \ d['realm'] + \ '",nonce="' + \ d['nonce'] + \ '",uri="/digest-auth/auth/user/passwd/MD5",response="' + \ auth_response + \ '",opaque="' + \ d['opaque'] + '"' # make second request authorized_response = self.app.get( '/digest-auth/auth/user/passwd/MD5', environ_base={ # httpbin's digest auth implementation uses the remote addr to # build the nonce 'REMOTE_ADDR': '127.0.0.1', }, headers={ 'Authorization': auth_header, } ) # done! self.assertEqual(authorized_response.status_code, 200)
def _test_digest_auth(self, username, password, qop=None, algorithm=None, body=None): uri = '/digest-auth/{0}/{1}/{2}'.format(qop or 'wrong-qop', username, password) if algorithm: uri += '/' + algorithm unauthorized_response = self.app.get( uri, environ_base={ # digest auth uses the remote addr to build the nonce 'REMOTE_ADDR': '127.0.0.1', } ) # make sure it returns a 401 self.assertEqual(unauthorized_response.status_code, 401) header = unauthorized_response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) self.assertEqual(auth_type, 'Digest') d = parse_dict_header(auth_info) nonce = d['nonce'] realm = d['realm'] opaque = d['opaque'] cnonce, nc = (_hash(os.urandom(10), "MD5"), '00000001') if qop in ('auth', 'auth-int') else (None, None) auth_header = _make_digest_auth_header( username, password, 'GET', uri, nonce, realm, opaque, algorithm, qop, cnonce, nc, body) # make second request authorized_response = self.app.get( uri, environ_base={ # httpbin's digest auth implementation uses the remote addr to # build the nonce 'REMOTE_ADDR': '127.0.0.1', }, headers={ 'Authorization': auth_header, }, data=body ) # done! self.assertEqual(authorized_response.status_code, 200)
def test_digest_auth_login_bad_realm(self): response = self.client.get('/digest') self.assertTrue(response.status_code == 401) header = response.headers.get("WWW-Authenticate") auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = "john:" + 'Wrong Realm' + ":bye" ha1 = md5(a1).hexdigest() a2 = "GET:/digest" ha2 = md5(a2).hexdigest() a3 = ha1 + ":" + d['nonce'] + ":" + ha2 auth_response = md5(a3).hexdigest() response = self.client.get('/digest', headers = { "Authorization": 'Digest username="******",realm="' + d['realm'] + '",nonce="' + d['nonce'] + '",uri="/digest",response="' + auth_response + '",opaque="' + d['opaque'] + '"' }) self.assertTrue(response.status_code == 401) self.assertTrue("WWW-Authenticate" in response.headers) self.assertTrue(re.match(r'^Digest realm="Authentication Required",nonce="[0-9a-f]+",opaque="[0-9a-f]+"$', response.headers["WWW-Authenticate"]))
def _test_digest_response_for_auth_request(self, header, username, password, qop, uri, body, nc=1, nonce=None): auth_type, auth_info = header.split(None, 1) self.assertEqual(auth_type, 'Digest') d = parse_dict_header(auth_info) nonce = nonce or d['nonce'] realm = d['realm'] opaque = d['opaque'] if qop: self.assertIn(qop, [x.strip() for x in d['qop'].split(',')], 'Challenge should contains expected qop') algorithm = d['algorithm'] cnonce, nc = (_hash(os.urandom(10), "MD5"), '{:08}'.format(nc)) if qop in ('auth', 'auth-int') else (None, None) auth_header = _make_digest_auth_header(username, password, 'GET', uri, nonce, realm, opaque, algorithm, qop, cnonce, nc, body) # make second request return self.app.get( uri, environ_base={ # httpbin's digest auth implementation uses the remote addr to # build the nonce 'REMOTE_ADDR': '127.0.0.1', }, headers={ 'Authorization': auth_header, }, data=body), nonce
def _get_seconds_until_expire(cls, head_response: Mapping[str, Any]) -> float: """ Get the number of seconds before a cached manifest is past its expiration. :param head_response: A storage service object header dict :return: time to expiration in seconds """ # example Expiration: 'expiry-date="Fri, 21 Dec 2012 00:00:00 GMT", rule-id="Rule for testfile.txt"' now = datetime.now(timezone.utc) expiration = parse_dict_header(head_response['Expiration']) expiry_datetime = email.utils.parsedate_to_datetime(expiration['expiry-date']) expiry_seconds = (expiry_datetime - now).total_seconds() # Verify that 'Expiration' matches value calculated from 'LastModified' last_modified = head_response['LastModified'] expected_expiry_date: datetime = last_modified + timedelta(days=config.manifest_expiration) expected_expiry_seconds = (expected_expiry_date - now).total_seconds() if abs(expiry_seconds - expected_expiry_seconds) > cls._date_diff_margin: logger.error('The actual object expiration (%s) does not match expected value (%s)', expiration, expected_expiry_date) else: logger.debug('Manifest object expires in %s seconds, on %s', expiry_seconds, expiry_datetime) return expiry_seconds
def test_digest_ha1_pw_auth_login_valid(self): response = self.client.get('/digest_ha1_pw') self.assertTrue(response.status_code == 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'john:' + d['realm'] + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest_ha1_pw' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri="/digest_ha1_pw",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) self.assertEqual(response.data, b'digest_auth:john')
def test_digest_auth_login_valid(self): response = self.client.get('/digest') self.assertTrue(response.status_code == 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'john:' + d['realm'] + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="******",realm="' + d['realm'] + '",nonce="' + d['nonce'] + '",uri="/digest",response="' + auth_response + '",opaque="' + d['opaque'] + '"' }) self.assertTrue(response.data == b'digest_auth:john')
def _test_digest_response_for_auth_request(session, header, username, password, qop, uri, body, nc=1, nonce=None): auth_type, auth_info = header.split(None, 1) assert auth_type == 'Digest' d = parse_dict_header(auth_info) nonce = nonce or d['nonce'] realm = d['realm'] opaque = d['opaque'] algorithm = d['algorithm'] if qop: expected = [x.strip() for x in d['qop'].split(',')] assert qop in expected, 'Challenge should contains expected qop' if qop in ('auth', 'auth-int'): cnonce, nc = (_hash(os.urandom(10), "MD5"), '{0:08}'.format(nc)) else: cnonce, nc = (None, None) auth_header = _make_digest_auth_header(username, password, 'GET', uri, nonce, realm, opaque, algorithm, qop, cnonce, nc, body) # make second request response = session.get(url(uri), headers={'Authorization': auth_header}, data=body) return response, nonce
def enc_p3p(val, type='req'): val = http.parse_dict_header(val) _v = '' # policy refs if 'policyref' in val: _v += enc_uvarint(len(val['policyref'])) _v += val['policyref'] else: _v += enc_uvarint(0) cp = '' if 'CP' in val: tokens = val['CP'].split(' ') for token in tokens: # check for the fake P3P profiles like google produces... will ignore those nil values for now if not token[:3] in p3p_table: cp = '' break q = (p3p_table.index(token[:3])+1) << 2 if len(token) == 4: q |= ['a','i','o'].index(token[-1]) cp += struct.pack('!B',q) if len(cp) > 0: _v += cp return _v
def enc_p3p(val, type='req'): val = http.parse_dict_header(val) _v = '' # policy refs if 'policyref' in val: _v += enc_uvarint(len(val['policyref'])) _v += val['policyref'] else: _v += enc_uvarint(0) cp = '' if 'CP' in val: tokens = val['CP'].split(' ') for token in tokens: # check for the fake P3P profiles like google produces... will ignore those nil values for now if not token[:3] in p3p_table: cp = '' break q = (p3p_table.index(token[:3]) + 1) << 2 if len(token) == 4: q |= ['a', 'i', 'o'].index(token[-1]) cp += struct.pack('!B', q) if len(cp) > 0: _v += cp return _v
def test_dict_header(self): d = http.parse_dict_header('foo="bar baz", blah=42') self.assert_equal(d, {'foo': 'bar baz', 'blah': '42'})
def test_dict_header(self): d = http.parse_dict_header('foo="bar baz", blah=42') assert d == {"foo": "bar baz", "blah": "42"}
def test_dict_header(self): d = http.parse_dict_header('foo="bar baz", blah=42') assert d == {'foo': 'bar baz', 'blah': '42'}
def login(client, method, json_dict=None, url=None): response = client.get('/user') assert (response.status_code == 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'admin:' + d['realm'] + ':1234' ha1 = md5(a1).hexdigest() if((method == "post") and (json_dict != None)): a2 = 'POST:/user' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = client.post('/user', data=json.dumps(json_dict), content_type='application/json', headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri="/user",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) elif(method == "get"): if(url != None): a2 = 'GET:' + url ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = client.get(url, headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri={4},response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'], url)}) else: a2 = 'GET:/user' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = client.get('/user', headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri="/user",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) elif((method == "delete") and (url != None)): a2 = 'DELETE:' + url ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = client.delete(url, data=json.dumps(json_dict), content_type='application/json', headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri={4},response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'], url)}) elif((method == "put") and (url != None) and (json_dict != None)): a2 = 'PUT:' + url ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = client.put(url, data=json.dumps(json_dict), content_type='application/json', headers={ 'Authorization': 'Digest username="******",realm="{0}",' 'nonce="{1}",uri={4},response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'], url)}) else: raise ValueError("Check the given paremeters") return response
def test_dict_header(self): d = http.parse_dict_header('foo="bar baz", blah=42') self.assert_equal(d, {"foo": "bar baz", "blah": "42"})
def custom_header_value_matcher(actual: str, expected: str) -> bool: actual_scheme, _, actual_dict_str = actual.partition(' ') expected_scheme, _, expected_dict_str = expected.partition(' ') actual_dict = parse_dict_header(actual_dict_str) expected_dict = parse_dict_header(expected_dict_str) return actual_scheme == expected_scheme and actual_dict == expected_dict