def get_challenge(policy, request): """Get a new digest-auth challenge from the policy.""" for name, value in policy.forget(request): if name == "WWW-Authenticate": req = make_request(HTTP_AUTHORIZATION=value) return parse_authz_header(req) raise ValueError("policy didn't issue a challenge")
def _get_auth_params(self, request): """Extract digest-auth parameters from the request. This method extracts digest-auth parameters from the Authorization header and returns them as a dict. If they are missing then None is returned. """ # Parse the Authorization header, using cached version if possible. if _ENVKEY_PARSED_AUTHZ in request.environ: params = request.environ[_ENVKEY_PARSED_AUTHZ] else: try: params = parse_authz_header(request) except ValueError: params = None request.environ[_ENVKEY_PARSED_AUTHZ] = params # Check that they're valid digest-auth parameters. if params is None: return None if params["scheme"].lower() != "digest": return None if not validate_digest_parameters(params, self.realm): return None # Check that the digest is applied to the correct URI. if not validate_digest_uri(params, request): return None # Check that the provided nonce is valid. # If this looks like a stale request, mark it in the request # so we can include that information in the challenge. if not validate_digest_nonce(params, request, self.nonce_manager): request.environ[_ENVKEY_STALE_NONCE] = True return None return params
def parse_authz_value(authz): environ = {"HTTP_AUTHORIZATION": authz} req = DummyRequest(environ=environ) return parse_authz_header(req)