def authenticate(self, request, auth, stored_password_or_ha1):
    """Validate HTTP Digest credentials (no-qop form) for one request.

    Args:
        request: Incoming request; ``request.method`` is hashed into HA2 and
            the object is handed to the nonce/opaque callbacks.
        auth: Parsed digest credentials; ``username``, ``realm``, ``uri``,
            ``nonce``, ``response`` and ``opaque`` are read.
        stored_password_or_ha1: The user's password, or the precomputed HA1
            value when ``self.use_ha1_pw`` is truthy.

    Returns:
        ``False`` if any required field is empty or either callback rejects
        the request; otherwise whatever ``safe_str_cmp`` returns for the
        expected versus the supplied response digest.
    """
    # Every field that enters the digest must be present; evaluation stops at
    # the first falsy item, so attributes of a missing ``auth`` are not read.
    complete = (
        auth
        and auth.username
        and auth.realm
        and auth.uri
        and auth.nonce
        and auth.response
        and stored_password_or_ha1
    )
    if not complete:
        return False

    # The nonce is checked first; the opaque callback only runs if it passes.
    if not self.verify_nonce_callback(request, auth.nonce):
        return False
    if not self.verify_opaque_callback(request, auth.opaque):
        return False

    def hex_md5(text):
        return md5(text.encode("utf-8")).hexdigest()

    if self.use_ha1_pw:
        ha1 = stored_password_or_ha1
    else:
        ha1 = hex_md5(
            ":".join((auth.username, auth.realm, stored_password_or_ha1))
        )

    # NOTE(review): auth.uri is the value the client put in the header; this
    # function does not compare it with the URI that was actually requested,
    # so confirm the caller binds the two.
    ha2 = hex_md5(":".join((request.method, auth.uri)))

    # No nc/cnonce enters this digest, so replay resistance rests entirely on
    # verify_nonce_callback.
    expected = hex_md5(":".join((ha1, auth.nonce, ha2)))
    return safe_str_cmp(expected, auth.response)
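def authenticate(self, request, auth, stored_password_or_ha1):
    """Validate HTTP Digest credentials, honouring the configured ``qop``.

    Args:
        request: Incoming request; ``request.method`` is hashed into HA2 and
            the object is handed to the nonce/opaque callbacks.
        auth: Parsed digest credentials; ``username``, ``realm``, ``uri``,
            ``nonce``, ``response`` and ``opaque`` are read, plus ``nc`` and
            ``cnonce`` when ``self.qop`` is ``"auth"``.
        stored_password_or_ha1: The user's password, or the precomputed HA1
            value when ``self.use_ha1_pw`` is truthy.

    Returns:
        ``False`` if a required field is missing or a callback rejects the
        request; otherwise whatever ``safe_str_cmp`` returns for the expected
        versus the supplied response digest.

    Raises:
        NotImplementedError: ``self.qop`` is ``"auth-int"``.
        ValueError: ``self.qop`` is any other unsupported value.
    """
    if (not auth or not auth.username or not auth.realm or not auth.uri
            or not auth.nonce or not auth.response
            or not stored_password_or_ha1):
        return False
    if not self.verify_nonce_callback(request, auth.nonce):
        return False
    if not self.verify_opaque_callback(request, auth.opaque):
        return False

    if self.qop == "auth-int":
        raise NotImplementedError(
            "Not Implemented digest auth with qop auth-int")
    if self.qop is not None and self.qop != "auth":
        # Previously an unknown qop fell through to an unbound ``ha2``;
        # surface the misconfiguration explicitly instead.
        raise ValueError(
            "Unsupported digest auth qop: {!r}".format(self.qop))

    # nc and cnonce are client-controlled header fields. If either is absent
    # the join below would raise TypeError on None, turning a malformed
    # header into a server error rather than an authentication failure.
    if self.qop == "auth" and (not auth.nc or not auth.cnonce):
        return False

    if self.use_ha1_pw:
        ha1 = stored_password_or_ha1
    else:
        a1 = ":".join([auth.username, auth.realm, stored_password_or_ha1])
        ha1 = md5(a1.encode("utf-8")).hexdigest()

    # NOTE(review): auth.uri is the value the client put in the header; this
    # function does not compare it with the URI that was actually requested,
    # so confirm the caller binds the two.
    a2 = ":".join([request.method, auth.uri])
    ha2 = md5(a2.encode("utf-8")).hexdigest()

    if self.qop == "auth":
        # NOTE(review): the qop token hashed here is the server's setting and
        # nc is only hashed, not tracked, in this function - confirm the
        # nonce callback is what prevents replay of a captured header.
        a3 = ":".join(
            [ha1, auth.nonce, auth.nc, auth.cnonce, self.qop, ha2])
    else:
        a3 = ":".join([ha1, auth.nonce, ha2])
    response = md5(a3.encode("utf-8")).hexdigest()
    return safe_str_cmp(response, auth.response)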
def default_verify_nonce(request, nonce):
    """Check the client's nonce against the one the server expects.

    The expected value comes from ``request.ctx.session["auth_nonce"]`` when
    ``use_session`` is truthy, otherwise from ``self.nonce``. Both names are
    taken from the enclosing scope.

    Returns:
        ``False`` if either value is ``None``; otherwise the result of
        ``safe_str_cmp`` on the two.
    """
    # NOTE(review): in the non-session branch the expected nonce is an
    # attribute of the authenticator, i.e. one value for every client -
    # confirm how and how often self.nonce is regenerated.
    expected = (
        request.ctx.session.get("auth_nonce") if use_session else self.nonce
    )
    if nonce is not None and expected is not None:
        return safe_str_cmp(nonce, expected)
    return False
def default_verify_opaque(request, opaque):
    """Check the client's opaque value against the one the server expects.

    Verification is skipped (``True`` is returned) when ``self.use_opaque`` is
    falsy. Otherwise the expected value comes from
    ``request.ctx.session["auth_opaque"]`` when ``use_session`` is truthy, or
    from ``self.opaque``. ``self`` and ``use_session`` are taken from the
    enclosing scope.

    Returns:
        ``True`` when opaque checking is disabled, ``False`` if either value
        is ``None``, otherwise the result of ``safe_str_cmp`` on the two.
    """
    if self.use_opaque:
        if use_session:
            expected = request.ctx.session.get("auth_opaque")
        else:
            expected = self.opaque
        if opaque is not None and expected is not None:
            return safe_str_cmp(opaque, expected)
        return False
    # Opaque checking switched off: accept whatever the client sent.
    return True
def authenticate(self, request, auth, stored_password_or_ha1):
    """Validate HTTP Digest credentials (no-qop form) for one request.

    Args:
        request: Incoming request; ``request.method`` is hashed into HA2 and
            the object is handed to the nonce/opaque callbacks.
        auth: Parsed digest credentials; ``username``, ``realm``, ``uri``,
            ``nonce``, ``response`` and ``opaque`` are read.
        stored_password_or_ha1: The user's password, or the precomputed HA1
            value when ``self.use_ha1_pw`` is truthy.

    Returns:
        ``False`` if any required field is empty or either callback rejects
        the request; otherwise whatever ``safe_str_cmp`` returns for the
        expected versus the supplied response digest.
    """
    # Reject incomplete credentials before touching any hash input.
    if not auth:
        return False
    for field in ("username", "realm", "uri", "nonce", "response"):
        if not getattr(auth, field):
            return False
    if not stored_password_or_ha1:
        return False

    # The opaque callback is only consulted once the nonce has been accepted.
    nonce_ok = self.verify_nonce_callback(request, auth.nonce)
    if not (nonce_ok and self.verify_opaque_callback(request, auth.opaque)):
        return False

    if self.use_ha1_pw:
        ha1 = stored_password_or_ha1
    else:
        a1 = auth.username + ":" + auth.realm + ":" + stored_password_or_ha1
        ha1 = md5(a1.encode("utf-8")).hexdigest()

    # NOTE(review): auth.uri comes from the client's header and is not
    # compared with the requested URI here - confirm the caller checks it.
    a2 = request.method + ":" + auth.uri
    ha2 = md5(a2.encode("utf-8")).hexdigest()

    a3 = ha1 + ":" + auth.nonce + ":" + ha2
    expected = md5(a3.encode("utf-8")).hexdigest()
    return safe_str_cmp(expected, auth.response)
def authenticate(self, request, auth, stored_password):
    """Decide whether username/password credentials are acceptable.

    Args:
        request: Incoming request (not used by this function).
        auth: Parsed credentials exposing ``username`` and ``password``, or a
            falsy value when none were supplied.
        stored_password: The reference password (or hash) for the user.

    Returns:
        The result of ``self.verify_password_callback`` when one is set -
        it is called even without credentials, with empty strings. Otherwise
        ``False`` when credentials are missing or either password is
        ``None``, else the result of ``safe_str_cmp``.
    """
    username = auth.username if auth else ""
    client_password = auth.password if auth else ""

    verify = self.verify_password_callback
    if verify:
        # A custom verifier takes over completely.
        return verify(username, client_password)

    if not auth:
        return False

    hasher = self.hash_password_callback
    if hasher:
        # Try the one-argument form first, then (username, password).
        # NOTE(review): a TypeError raised *inside* a one-argument callback
        # is caught here as well and triggers the second call.
        try:
            client_password = hasher(client_password)
        except TypeError:
            client_password = hasher(username, client_password)
    # Without a hash callback the submitted password is compared with
    # stored_password as-is.

    if client_password is None or stored_password is None:
        return False
    return safe_str_cmp(client_password, stored_password)
def default_verify_opaque(request, opaque):
    """Compare the client's opaque value with ``auth_opaque`` in the session.

    The session is read from ``request["session"]``.

    Returns:
        ``False`` if either value is ``None``; otherwise the result of
        ``safe_str_cmp`` on the two.
    """
    expected = request["session"].get("auth_opaque")
    # A missing value on either side is a failure, never a match.
    if opaque is not None and expected is not None:
        return safe_str_cmp(opaque, expected)
    return False
def default_verify_nonce(request, nonce):
    """Compare the client's nonce with ``auth_nonce`` in the session.

    The session is read from ``request["session"]``.

    Returns:
        ``False`` if either value is ``None``; otherwise the result of
        ``safe_str_cmp`` on the two.
    """
    stored = request["session"].get("auth_nonce")
    # A missing value on either side is a failure, never a match.
    missing = nonce is None or stored is None
    return False if missing else safe_str_cmp(nonce, stored)