def test_rfc2617_example(self): plugin = DigestAuthPlugin("*****@*****.**", nonce_manager=EasyNonceManager()) # Calculate the response according to the RFC example parameters. password = "******" params = { "username": "******", "realm": "*****@*****.**", "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093", "uri": "/dir/index.html", "qop": "auth", "nc": "00000001", "cnonce": "0a4f113b", "opaque": "5ccc069c403ebaf9f0171e9517f40e41", "request-method": "GET", } resp = calculate_digest_response(params, password=password) # Check that it's as expected self.assertEquals(resp, "6629fae49393a05397450978507c4ef1") # Check that we can auth using it. params["response"] = resp authz = ",".join('%s="%s"' % v for v in params.iteritems()) environ = make_environ(REQUEST_METHOD="GET", PATH_INFO="/dir/index.html", HTTP_AUTHORIZATION="Digest " + authz) identity = plugin.identify(environ) self.assertEquals(identity["username"], "Mufasa")
def build_response(environ, params, username, password, **kwds): """Build a response to the digest-auth challenge.""" params = params.copy() params["request-method"] = environ["REQUEST_METHOD"] params["content-md5"] = environ.get("HTTP_CONTENT_MD5") # remove qop from the challenge parameters. params.pop("qop", None) params.update(kwds) params.setdefault("username", username) params.setdefault("uri", wsgiref.util.request_uri(environ)) # do qop=auth unless specified otherwise in kwds params.setdefault("qop", "auth") if not params["qop"]: del params["qop"] else: params.setdefault("cnonce", os.urandom(8).encode("hex")) params.setdefault("nc", "0000001") resp = calculate_digest_response(params, password=password) params["response"] = resp authz = ",".join('%s="%s"' % v for v in params.iteritems()) environ["HTTP_AUTHORIZATION"] = "Digest " + authz return params