def test_digest_auth_login_valid(self, generate_random_mock):
        generate_random_mock.side_effect = [
            "9549bf6d4fd6206e2945e8501481ddd5",
            "47c67cc7bedf6bc754f044f77f32b99e"
        ]
        req, response = self.client.get("/digest")
        self.assertTrue(response.status_code == 401)
        header = response.headers.get("WWW-Authenticate")
        auth_type, auth_info = header.split(None, 1)
        d = parse_dict_header(auth_info)

        auth_response = "21ca18e29c5dcc5c418d95fe8bef9477"

        req, response = self.client.get(
            "/digest",
            headers={
                "Authorization":
                'Digest username="******",realm="{0}",'
                'nonce="{1}",uri="/digest",response="{2}",'
                'opaque="{3}", nc="00000001",cnonce="5fd0a782"'.format(
                    d["realm"], d["nonce"], auth_response, d["opaque"])
            },
        )
        print(response.content)
        self.assertEqual(response.content, b"digest_auth:john")
    def test_digest_auth_login_bad_realm(self):
        req, response = self.client.get("/digest")
        self.assertTrue(response.status_code == 401)
        self.assertTrue(response.cookies is not None)
        header = response.headers.get("WWW-Authenticate")
        auth_type, auth_info = header.split(None, 1)
        d = parse_dict_header(auth_info)

        auth_response = md5("Authentication").hexdigest()

        req, response = self.client.get(
            "/digest",
            headers={
                "Authorization":
                'Digest username="******",realm="{0}",'
                'nonce="{1}",qop= "auth",uri="/digest",response="{2}",'
                'opaque="{3}"'.format(d["realm"], d["nonce"], auth_response,
                                      d["opaque"])
            },
        )
        self.assertEqual(response.status_code, 401)
        self.assertTrue("WWW-Authenticate" in response.headers)
        self.assertTrue(
            re.match(
                r'^Digest realm="Authentication Required", '
                r'nonce="[0-9a-f]+", qop="auth", opaque="[0-9a-f]+"$',
                response.headers["WWW-Authenticate"],
            ))
コード例 #3
0
    def test_digest_ha1_pw_auth_login_valid(self):
        req, response = self.client.get("/digest_ha1_pw")
        self.assertTrue(response.status_code == 401)
        header = response.headers.get("WWW-Authenticate")
        auth_type, auth_info = header.split(None, 1)
        d = parse_dict_header(auth_info)

        a1 = "john:" + d["realm"] + ":bye"
        ha1 = md5(a1).hexdigest()
        a2 = "GET:/digest_ha1_pw"
        ha2 = md5(a2).hexdigest()
        a3 = ha1 + ":" + d["nonce"] + ":" + ha2
        auth_response = md5(a3).hexdigest()

        req, response = self.client.get(
            "/digest_ha1_pw",
            headers={
                "Authorization":
                'Digest username="******",realm="{0}",'
                'nonce="{1}",uri="/digest_ha1_pw",'
                'response="{2}",'
                'opaque="{3}"'.format(d["realm"], d["nonce"], auth_response,
                                      d["opaque"])
            },
            cookies={"test_session": response.cookies.get("test_session")},
        )
        self.assertEqual(response.content, b"digest_auth_ha1_pw:john")
コード例 #4
0
    def test_digest_auth_login_invalid2(self):
        req, response = self.client.get("/digest")
        self.assertEqual(response.status_code, 401)
        self.assertTrue(response.cookies.get("test_session") is not None)
        header = response.headers.get("WWW-Authenticate")
        auth_type, auth_info = header.split(None, 1)
        d = parse_dict_header(auth_info)

        a1 = "david:" + "Authentication Required" + ":bye"
        ha1 = md5(a1).hexdigest()
        a2 = "GET:/digest"
        ha2 = md5(a2).hexdigest()
        a3 = ha1 + ":" + d["nonce"] + ":" + ha2
        auth_response = md5(a3).hexdigest()

        req, response = self.client.get(
            "/digest",
            headers={
                "Authorization":
                'Digest username="******",realm="{0}",'
                'nonce="{1}",uri="/digest",response="{2}",'
                'opaque="{3}"'.format(d["realm"], d["nonce"], auth_response,
                                      d["opaque"])
            },
            cookies={"test_session": response.cookies.get("test_session")},
        )
        self.assertEqual(response.status_code, 401)
        self.assertTrue("WWW-Authenticate" in response.headers)
        self.assertTrue(
            re.match(
                r'^Digest realm="Authentication Required", '
                r'nonce="[0-9a-f]+", qop="auth", opaque="[0-9a-f]+"$',
                response.headers["WWW-Authenticate"],
            ))
コード例 #5
0
    def test_digest_auth_login_bad_realm(self):
        req, response = self.client.get("/digest")
        self.assertTrue(response.status_code == 401)
        self.assertTrue(response.cookies.get("test_session") is not None)
        header = (f'Digest realm="Wrong Realm", '
                  f'nonce="9549bf6d4fd6206e2945e8501481ddd5", qop="auth", '
                  f'nc="00000001", cnonce="5fd0a782", '
                  f'opaque="47c67cc7bedf6bc754f044f77f32b99e"')
        response.headers["WWW-Authenticate"] = header
        auth_type, auth_info = header.split(None, 1)
        d = parse_dict_header(auth_info)

        auth_response = ""

        req, response = self.client.get(
            "/digest",
            headers={
                "Authorization":
                'Digest username="******",realm="{0}",'
                'nonce="{1}",uri="/digest",response="{2}",'
                'opaque="{3}"'.format(d["realm"], d["nonce"], auth_response,
                                      d["opaque"])
            },
            cookies={"test_session": response.cookies.get("test_session")},
        )
        self.assertEqual(response.status_code, 401)
        self.assertTrue("WWW-Authenticate" in response.headers)
        self.assertTrue(
            re.match(
                r'^Digest realm="Authentication Required", '
                r'nonce="[0-9a-f]+", qop="auth", opaque="[0-9a-f]+"$',
                response.headers["WWW-Authenticate"],
            ))
コード例 #6
0
    def test_digest_custom_nonce_checker(self):
        @self.digest_auth.generate_nonce
        def noncemaker(request):
            return "not a good nonce"

        @self.digest_auth.generate_opaque
        def opaquemaker(request):
            return "some opaque"

        verify_nonce_called = []

        @self.digest_auth.verify_nonce
        def verify_nonce(request, provided_nonce):
            verify_nonce_called.append(provided_nonce)
            return True

        verify_opaque_called = []

        @self.digest_auth.verify_opaque
        def verify_opaque(request, provided_opaque):
            verify_opaque_called.append(provided_opaque)
            return True

        req, response = self.client.get("/digest")
        self.assertEqual(response.status_code, 401)
        header = response.headers.get("WWW-Authenticate")
        auth_type, auth_info = header.split(None, 1)
        d = parse_dict_header(auth_info)

        self.assertEqual(d["nonce"], "not a good nonce")
        self.assertEqual(d["opaque"], "some opaque")

        a1 = "john:" + d["realm"] + ":bye"
        ha1 = md5(a1).hexdigest()
        a2 = "GET:/digest"
        ha2 = md5(a2).hexdigest()
        a3 = ha1 + ":" + d["nonce"] + ":" + ha2
        auth_response = md5(a3).hexdigest()

        req, response = self.client.get(
            "/digest",
            headers={
                "Authorization":
                'Digest username="******",realm="{0}",'
                'nonce="{1}",uri="/digest",response="{2}",'
                'opaque="{3}"'.format(d["realm"], d["nonce"], auth_response,
                                      d["opaque"])
            },
            cookies={"test_session": response.cookies.get("test_session")},
        )
        self.assertEqual(response.content, b"digest_auth:john")
        self.assertEqual(verify_nonce_called, ["not a good nonce"],
                         "Should have verified the nonce.")
        self.assertEqual(verify_opaque_called, ["some opaque"],
                         "Should have verified the opaque.")
コード例 #7
0
    def test_digest_custom_nonce_checker(self):
        @self.digest_auth.generate_nonce
        def noncemaker(request):
            return "not a good nonce"

        @self.digest_auth.generate_opaque
        def opaquemaker(request):
            return "some opaque"

        verify_nonce_called = []

        @self.digest_auth.verify_nonce
        def verify_nonce(request, provided_nonce):
            verify_nonce_called.append(provided_nonce)
            return True

        verify_opaque_called = []

        @self.digest_auth.verify_opaque
        def verify_opaque(request, provided_opaque):
            verify_opaque_called.append(provided_opaque)
            return True

        req, response = self.client.get("/digest")
        self.assertEqual(response.status_code, 401)
        header = response.headers["WWW-Authenticate"]
        auth_type, auth_info = header.split(None, 1)
        d = parse_dict_header(auth_info)

        self.assertEqual(d["nonce"], "not a good nonce")
        self.assertEqual(d["opaque"], "some opaque")

        auth_response = "648057b3e2e2cfeb838d03dba6bce576"

        req, response = self.client.get(
            "/digest",
            headers={
                "Authorization":
                'Digest username="******",realm="{0}",'
                'nonce="{1}",qop="auth",uri="/digest",response="{2}",'
                'opaque="{3}",nc="00000001",cnonce="5fd0a782"'.format(
                    d["realm"], d["nonce"], auth_response, d["opaque"])
            },
            cookies={"test_session": response.cookies.get("test_session")},
        )
        self.assertEqual(response.content, b"digest_auth:john")
        self.assertEqual(verify_nonce_called, ["not a good nonce"],
                         "Should have verified the nonce.")
        self.assertEqual(verify_opaque_called, ["some opaque"],
                         "Should have verified the opaque.")
コード例 #8
0
    def test_digest_ha1_pw_auth_login_valid(self):
        req, response = self.client.get("/digest_ha1_pw")
        self.assertTrue(response.status_code == 401)
        header = (f'Digest realm="Authentication Required", '
                  f'nonce="9549bf6d4fd6206e2945e8501481ddd5", qop="None", '
                  f'opaque="47c67cc7bedf6bc754f044f77f32b99e"')
        response.headers["WWW-Authenticate"] = header
        auth_type, auth_info = header.split(None, 1)
        d = parse_dict_header(auth_info)

        auth_response = "7afa823fb21430c8acb89ed054a5add6"
        req, response = self.client.get(
            "/digest_ha1_pw",
            headers={
                "Authorization":
                'Digest username="******",realm="{0}",'
                'nonce="{1}",uri="/digest_ha1_pw",'
                'response="{2}",'
                'opaque="{3}"'.format(d["realm"], d["nonce"], auth_response,
                                      d["opaque"])
            },
            cookies={"test_session": response.cookies.get("test_session")},
        )
        self.assertEqual(response.content, b"digest_auth_ha1_pw:john")