def test_auth_good_get_with_vars(self): pwdhash = calculate_pwdhash("tester", "testing", "test") policy = DigestAuthenticationPolicy("test", get_pwdhash=lambda u, r: pwdhash) request = make_request(REQUEST_METHOD="GET", PATH_INFO="/hi?who=me") params = get_challenge(policy, request) build_response(params, request, "tester", "testing") self.assertNotEquals(policy.authenticated_userid(request), None)
def _authenticate(self, request, params): """Authenticate digest-auth params against known passwords. This method checks the provided response digest to authenticate the request, using either the "get_password" or "get_pwdhash" callback to obtain the user's verifier. """ username = params["username"] realm = params["realm"] response = params["response"] # Quick check if we've already validated these params. if request.environ.get(_ENVKEY_VALID_RESPONSE) == response: return True # Obtain the pwdhash via one of the callbacks. if self.get_pwdhash is not None: pwdhash = self.get_pwdhash(username, realm) elif self.get_password is not None: password = self.get_password(username) pwdhash = calculate_pwdhash(username, password, realm) else: return False # Validate the digest response. if not check_digest_response(params, request, pwdhash=pwdhash): return False # Cache the successful authentication. request.environ[_ENVKEY_VALID_RESPONSE] = response return True
def get_pwdhash(username, realm): return calculate_pwdhash(username, username, realm)