Exemplo n.º 1
0
Arquivo: app.py Projeto: imbolc/httphq
    def get(self, username, password):
        try:
            auth = self.request.headers.get("Authorization")
            if auth is None:
                return self._request_auth()
            else:
                try:
                    authorization_info = Authorization.from_string(auth)
                except Exception, e:
                    self._request_auth()

                if not auth.startswith("Basic "):
                    return self._request_auth()

                ## Request authorization header
                ## Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

                if authorization_info['username'] == username and \
                       authorization_info['password'] == password:
                    self.json_response({"authenticated": True,
                                        'password': password,
                                        'username': username,
                                        'auth-type': 'basic'})
                else:
                    self._request_auth()
        except Exception, e:
            self._request_auth()
Exemplo n.º 2
0
Arquivo: app.py Projeto: imbolc/httphq
    def get(self, username, password, qop=None):
        if qop not in ('auth', 'auth-int'):
            qop = None
        ## Response no authenticated header
        ## WWW-Authenticate: Digest realm="*****@*****.**",
        ##                 qop="auth,auth-int",
        ##                 nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
        ##                 opaque="5ccc069c403ebaf9f0171e9517f40e41"
        ##
        ## HTTP Digest auth request header
        ## Authorization:Digest username="******",
        ##                 realm="mapbender_registry",
        ##                 nonce="1c6437cc7cba6c72df4d50c46cff2f15",
        ##                 uri="/http_auth/24150",
        ##                 response="6bd4212340a437c7486184d362c6e946",
        ##                 opaque="b28db91512b288b4a97030aa968487d5",
        ##                 qop=auth,
        ##                 nc=00000002,
        ##                 cnonce="8a2782a5b869595d"

        try:
            auth = self.request.headers.get("Authorization")
            if auth is None:
                return self._request_auth(qop)
            else:
                try:
                    authorization_info = Authorization.from_string(auth)
                except Exception, e:
                    self._request_auth(qop)
                else:
                    request_info = dict()
Exemplo n.º 3
0
    def test_parse_authorization_header(self):
        control = dict((('username', "Mufasa"),
                        ('realm', "*****@*****.**"),
                        ('nonce', "dcd98b7102dd2f0e8b11d0f600bfb0c093"),
                        ('uri', "/dir/index.html"),
                        ('nc', '00000001'),
                        ('cnonce', "0a4f113b"),
                        ('response', "e966c932a9242554e42c8ee200cec7f6"),
                        ('opaque', "5ccc069c403ebaf9f0171e9517f40e41")))


        parsed_authorization_header = parse_authorization_header(self.authorization_value)

        self.assertTrue(isinstance(parsed_authorization_header, Authorization))
        self.assertEquals(parsed_authorization_header._auth_type.lower(), 'digest')
        for k, v in control.iteritems():
            self.assertEquals(parsed_authorization_header[k], v)

        parsed_authorization_header2 = Authorization.from_string(self.authorization_value)

        self.assertTrue(isinstance(parsed_authorization_header2, Authorization))
        self.assertEquals(parsed_authorization_header2._auth_type.lower(), 'digest')
        for k, v in control.iteritems():
            self.assertEquals(parsed_authorization_header2[k], v)

        compiled_header_value = parsed_authorization_header.to_header()
        for k, v in control.iteritems():
            self.assertTrue('%s="%s"' % (k, v) in compiled_header_value)
Exemplo n.º 4
0
Arquivo: app.py Projeto: imbolc/httphq
    def get_authorization(self):
        auth = self.request.headers.get("Authorization")
        if auth:
            authorization = Authorization.from_string(auth)
            for k in self.REQUIRED_FIELDS:
                if k not in authorization.keys():
                    self._request_auth()
                    return
        else:
            d = {}
            for k in self.REQUIRED_FIELDS:
                if k not in self.request.arguments.keys():
                    self._request_auth()
                    return
                d[k] = self.request.arguments.get(k)[0]
            authorization = Authorization('OAuth', d)

        return authorization