def __init__(self, auth_header, http_method, debug = False): self.http_method = http_method self.debug = debug scheme, params = auth_header.split(' ', 1) self.scheme = scheme.lower() if self.scheme != 'digest': raise ValueError('Authorization scheme is not "Digest"') self.auth_header = auth_header items = parse_http_list(params) paramsd = parse_keqv_list(items) self.realm = paramsd.get('realm') self.username = paramsd.get('username') self.nonce = paramsd.get('nonce') self.uri = paramsd.get('uri') self.method = paramsd.get('method') self.response = paramsd.get('response') self.algorithm = paramsd.get('algorithm', 'MD5') self.cnonce = paramsd.get('cnonce') self.opaque = paramsd.get('opaque') self.qop = paramsd.get('qop') self.nc = paramsd.get('nc') if self.algorithm not in valid_algorithms: raise ValueError(self.errmsg("Unsupported value for algorithm: '%s'" % self.algorithm)) has_reqd = self.username and self.realm and self.nonce and self.uri and self.response if not has_reqd: raise ValueError(self.errmsg('Not all required parameters are present.')) if self.qop: if self.qop not in valid_qops: raise ValueError(self.errmsg("Unsupported value for qop: '%s'" % self.qop)) if not (self.cnonce and self.nc): raise ValueError(self.errmsg('If qop is sent then cnonce and nc MUST be present')) elif self.cnonce or self.nc: raise ValueError(self.errmsg('If qop is not sent, neither cnonce nor nc can be present'))
def _parseDigestAuthorization(auth_params): items = parse_http_list(auth_params) params = parse_keqv_list(items) required = ['username', 'realm', 'nonce', 'uri', 'response'] for k in required: if k not in params: return None if 'qop' in params and not ('cnonce' in params and 'nc' in params): return None if ('cnonce' in params or 'nc' in params) and 'qop' not in params: return None return params
def __init__(self, auth_header, http_method, debug=False): self.http_method = http_method self.debug = debug scheme, params = auth_header.split(" ", 1) self.scheme = scheme.lower() if self.scheme != "digest": raise ValueError('Authorization scheme is not "Digest"') self.auth_header = auth_header # make a dict of the params items = parse_http_list(params) paramsd = parse_keqv_list(items) self.realm = paramsd.get("realm") self.username = paramsd.get("username") self.nonce = paramsd.get("nonce") self.uri = paramsd.get("uri") self.method = paramsd.get("method") self.response = paramsd.get("response") # the response digest self.algorithm = paramsd.get("algorithm", "MD5").upper() self.cnonce = paramsd.get("cnonce") self.opaque = paramsd.get("opaque") self.qop = paramsd.get("qop") # qop self.nc = paramsd.get("nc") # nonce count # perform some correctness checks if self.algorithm not in valid_algorithms: raise ValueError(self.errmsg("Unsupported value for algorithm: '%s'" % self.algorithm)) has_reqd = self.username and self.realm and self.nonce and self.uri and self.response if not has_reqd: raise ValueError(self.errmsg("Not all required parameters are present.")) if self.qop: if self.qop not in valid_qops: raise ValueError(self.errmsg("Unsupported value for qop: '%s'" % self.qop)) if not (self.cnonce and self.nc): raise ValueError(self.errmsg("If qop is sent then " "cnonce and nc MUST be present")) else: if self.cnonce or self.nc: raise ValueError(self.errmsg("If qop is not sent, " "neither cnonce nor nc can be present"))
def _parseDigestAuthorization(auth_params): # Convert the auth params to a dict items = parse_http_list(auth_params) params = parse_keqv_list(items) # Now validate the params # Check for required parameters required = ['username', 'realm', 'nonce', 'uri', 'response'] for k in required: if k not in params: return None # If qop is sent then cnonce and nc MUST be present if 'qop' in params and not ('cnonce' in params and 'nc' in params): return None # If qop is not sent, neither cnonce nor nc can be present if ('cnonce' in params or 'nc' in params) and 'qop' not in params: return None return params
def _parseDigestAuthorization(auth_params): # Convert the auth params to a dict items = parse_http_list(auth_params) params = parse_keqv_list(items) # Now validate the params # Check for required parameters required = ["username", "realm", "nonce", "uri", "response"] for k in required: if k not in params: return None # If qop is sent then cnonce and nc MUST be present if "qop" in params and not ("cnonce" in params and "nc" in params): return None # If qop is not sent, neither cnonce nor nc can be present if ("cnonce" in params or "nc" in params) and \ "qop" not in params: return None return params
def _parseDigestAuthorization(auth_params): # Convert the auth params to a dict items = parse_http_list(auth_params) params = parse_keqv_list(items) # Now validate the params # Check for required parameters required = ['username', 'realm', 'nonce', 'uri', 'response'] for k in required: if k not in params: return None # If qop is sent then cnonce and nc MUST be present if 'qop' in params and not ('cnonce' in params and 'nc' in params): return None # If qop is not sent, neither cnonce nor nc can be present if ('cnonce' in params or 'nc' in params) and \ 'qop' not in params: return None return params