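def build_response(params, request, username, password, **kwds):
    """Build a response to the digest-auth challenge.

    Works on a copy of ``params`` (the challenge parameters), so the
    caller's dict is left untouched.  Values in ``kwds`` override the
    challenge values; fields that are still missing are filled with
    defaults.  The digest computed by ``utils.calculate_digest_response``
    is stored under ``"response"``, the Authorization header is set on
    ``request`` through ``set_authz_header``, and the completed parameter
    dict is returned.

    Passing a falsy ``qop`` in ``kwds`` (for example ``qop=None``) builds a
    response without qop; no ``cnonce`` or ``nc`` default is added then.
    """

    def random_cnonce():
        # The client nonce comes from the OS CSPRNG so that it is not
        # predictable; 8 random bytes are rendered as 16 hex characters.
        cn = os.urandom(8)
        if six.PY3:
            import binascii
            return binascii.hexlify(cn).decode('utf-8')
        else:
            return cn.encode('hex')

    params = params.copy()
    # Drop the qop offered in the challenge; the value actually used is
    # chosen below (from kwds, or the "auth" default).
    params.pop("qop", None)
    params.update(kwds)
    params.setdefault("username", username)
    params.setdefault("uri", wsgiref.util.request_uri(request.environ))
    # Do qop=auth unless specified otherwise in kwds.
    params.setdefault("qop", "auth")
    if not params["qop"]:
        del params["qop"]
    else:
        params.setdefault("cnonce", random_cnonce())
        # RFC 2617 defines nc-value as exactly eight hex digits; the
        # previous default here had only seven.
        params.setdefault("nc", "00000001")
    resp = utils.calculate_digest_response(params, request, password=password)
    params["response"] = resp
    set_authz_header(request, params)
    return params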
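def test_rfc2617_example(self):
    """Check the digest calculation against the RFC 2617 worked example.

    The credentials, realm and challenge values are the ones from the
    example in RFC 2617 section 3.5.  The expected digest asserted below
    only matches these exact strings, so they must not be replaced by
    placeholders.
    """
    password = "Circle Of Life"
    params = {
        "username": "Mufasa",
        "realm": "testrealm@host.com",
        "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093",
        "uri": "/dir/index.html",
        "qop": "auth",
        "nc": "00000001",
        "cnonce": "0a4f113b",
        "opaque": "5ccc069c403ebaf9f0171e9517f40e41",
    }
    # The policy's realm and password lookup must agree with the values
    # used to compute the response, otherwise authentication fails.
    http_auth_policy = HttpAuthPolicy(
        "testrealm@host.com", 'digest',
        get_password=lambda usr: 'Circle Of Life')
    scheme = HttpDigestScheme(http_auth_policy,
                              nonce_manager=EasyNonceManager())
    # Calculate the response according to the RFC example parameters.
    request = make_request(REQUEST_METHOD="GET", PATH_INFO="/dir/index.html")
    resp = utils.calculate_digest_response(params, request, password=password)
    # Check that it's as expected from the RFC example section.
    # assertEqual replaces the assertEquals alias, which was removed from
    # unittest in Python 3.12.
    self.assertEqual(resp, "6629fae49393a05397450978507c4ef1")
    # Check that we can auth using it.
    params["response"] = resp
    set_authz_header(request, params)
    self.assertEqual(scheme.unauthenticated_userid(request), "Mufasa")
    self.assertEqual(scheme.authenticated_userid(request), "Mufasa")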
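def test_rfc2617_example(self):
    """Verify digest auth end to end with the RFC 2617 example values.

    Username, password, realm, nonce, cnonce and opaque are taken from
    the worked example in RFC 2617 section 3.5; the asserted response
    hash is the one that example produces for ``GET /dir/index.html``.
    """
    rfc_realm = "testrealm@host.com"
    password = "Circle Of Life"
    params = {
        "username": "Mufasa",
        "realm": rfc_realm,
        "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093",
        "uri": "/dir/index.html",
        "qop": "auth",
        "nc": "00000001",
        "cnonce": "0a4f113b",
        "opaque": "5ccc069c403ebaf9f0171e9517f40e41",
    }
    # The password callback has to return the same secret that is used
    # for the client-side calculation below.
    http_auth_policy = HttpAuthPolicy(
        rfc_realm, 'digest', get_password=lambda usr: password)
    scheme = HttpDigestScheme(http_auth_policy,
                              nonce_manager=EasyNonceManager())
    # Calculate the response according to the RFC example parameters.
    request = make_request(REQUEST_METHOD="GET", PATH_INFO="/dir/index.html")
    resp = utils.calculate_digest_response(params, request, password=password)
    # Check that it's as expected from the RFC example section.
    # (assertEqual is used because the assertEquals alias no longer
    # exists in Python 3.12 and later.)
    self.assertEqual(resp, "6629fae49393a05397450978507c4ef1")
    # Check that we can auth using it.
    params["response"] = resp
    set_authz_header(request, params)
    self.assertEqual(scheme.unauthenticated_userid(request), "Mufasa")
    self.assertEqual(scheme.authenticated_userid(request), "Mufasa")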