def get_challenge(policy, request):
"""Get a new digest-auth challenge from the policy."""
for name, value in policy.forget(request):
if name == "WWW-Authenticate":
req = make_request(HTTP_AUTHORIZATION=value)
return parse_authz_header(req)
raise ValueError("policy didn't issue a challenge")
def get_challenge(policy, request):
"""Get a new digest-auth challenge from the policy."""
for name, value in policy.forget(request):
if name == "WWW-Authenticate":
req = make_request(HTTP_AUTHORIZATION=value)
return parse_authz_header(req)
raise ValueError("policy didn't issue a challenge")
def _get_auth_params(self, request):
"""Extract digest-auth parameters from the request.
This method extracts digest-auth parameters from the Authorization
header and returns them as a dict. If they are missing then None
is returned.
"""
# Parse the Authorization header, using cached version if possible.
if _ENVKEY_PARSED_AUTHZ in request.environ:
params = request.environ[_ENVKEY_PARSED_AUTHZ]
else:
try:
params = parse_authz_header(request)
except ValueError:
params = None
request.environ[_ENVKEY_PARSED_AUTHZ] = params
# Check that they're valid digest-auth parameters.
if params is None:
return None
if params["scheme"].lower() != "digest":
return None
if not validate_digest_parameters(params, self.realm):
return None
# Check that the digest is applied to the correct URI.
if not validate_digest_uri(params, request):
return None
# Check that the provided nonce is valid.
# If this looks like a stale request, mark it in the request
# so we can include that information in the challenge.
if not validate_digest_nonce(params, request, self.nonce_manager):
request.environ[_ENVKEY_STALE_NONCE] = True
return None
return params
def parse_authz_value(authz):
environ = {"HTTP_AUTHORIZATION": authz}
req = DummyRequest(environ=environ)
return parse_authz_header(req)
