def test_build_challenge_response(self):
response = HttpDigestAuthenticator().build_challenge_response()
self.assertEqual(401, response.status_code)
self.assertEqual('digest ', response["WWW-Authenticate"][:7].lower())
parts = parse_parts(response["WWW-Authenticate"][7:])
self.assertEqual(DEFAULT_REALM, parts['realm'])
with patch(settings, DIGEST_REALM='CUSTOM'):
response = HttpDigestAuthenticator().build_challenge_response()
parts = parse_parts(response["WWW-Authenticate"][7:])
self.assertEqual('CUSTOM', parts['realm'])
def test_build_challenge_response(self):
response = HttpDigestAuthenticator().build_challenge_response()
self.assertEqual(401, response.status_code)
self.assertEqual('digest ', response["WWW-Authenticate"][:7].lower())
parts = parse_parts(response["WWW-Authenticate"][7:])
self.assertEqual(DEFAULT_REALM, parts['realm'])
with patch(settings, DIGEST_REALM='CUSTOM'):
response = HttpDigestAuthenticator().build_challenge_response()
parts = parse_parts(response["WWW-Authenticate"][7:])
self.assertEqual('CUSTOM', parts['realm'])
def parse_digest_challenge(authentication_header):
'''
Parses the value of a 'WWW-Authenticate' header. Returns an object with properties
corresponding to each of the recognized parameters in the header.
'''
if not is_digest_challenge(authentication_header):
return None
parts = parse_parts(authentication_header[7:],
defaults={
'algorithm': 'MD5',
'stale': 'false'
})
if not _check_required_parts(parts, _REQUIRED_DIGEST_CHALLENGE_PARTS):
return None
parts['stale'] = parts['stale'].lower() == 'true'
digest_challenge = DigestChallenge(
**{
part_name: part
for part_name, part in six.iteritems(parts)
if part_name in _REQUIRED_DIGEST_CHALLENGE_PARTS
})
if ('MD5', 'auth') != (digest_challenge.algorithm, digest_challenge.qop):
return None
return digest_challenge
def parse_digest_response(digest_response_string):
'''
Parse the parameters of a Digest response. The input is a comma separated list of
token=(token|quoted-string). See RFCs 2616 and 2617 for details.
Known issue: this implementation will fail if there are commas embedded in quoted-strings.
'''
parts = parse_parts(digest_response_string, defaults={'algorithm': 'MD5'})
if not _check_required_parts(parts, _REQUIRED_DIGEST_RESPONSE_PARTS):
return None
if not parts['nc'] or [
c for c in parts['nc'] if not c in '0123456789abcdefABCDEF'
]:
return None
parts['nc'] = int(parts['nc'], 16)
digest_response = DigestResponse(
**{
part_name: part
for part_name, part in six.iteritems(parts)
if part_name in _REQUIRED_DIGEST_RESPONSE_PARTS
})
if ('MD5', 'auth') != (digest_response.algorithm, digest_response.qop):
return None
return digest_response
def parse_digest_challenge(authentication_header):
'''
Parses the value of a 'WWW-Authenticate' header. Returns an object with properties
corresponding to each of the recognized parameters in the header.
'''
if not is_digest_challenge(authentication_header):
return None
parts = parse_parts(authentication_header[7:], defaults={'algorithm': 'MD5',
'stale': 'false'})
if not _check_required_parts(parts, _REQUIRED_DIGEST_CHALLENGE_PARTS):
return None
parts['stale'] = parts['stale'].lower() == 'true'
digest_challenge = _build_object_from_parts(parts, _REQUIRED_DIGEST_CHALLENGE_PARTS)
if ('MD5', 'auth') != (digest_challenge.algorithm, digest_challenge.qop):
return None
return digest_challenge
def parse_digest_response(digest_response_string):
'''
Parse the parameters of a Digest response. The input is a comma separated list of
token=(token|quoted-string). See RFCs 2616 and 2617 for details.
Known issue: this implementation will fail if there are commas embedded in quoted-strings.
'''
parts = parse_parts(digest_response_string, defaults={'algorithm': 'MD5'})
if not _check_required_parts(parts, _REQUIRED_DIGEST_RESPONSE_PARTS):
return None
if not parts['nc'] or [c for c in parts['nc'] if not c in '0123456789abcdefABCDEF']:
return None
parts['nc'] = int(parts['nc'], 16)
digest_response = _build_object_from_parts(parts, _REQUIRED_DIGEST_RESPONSE_PARTS)
if ('MD5', 'auth') != (digest_response.algorithm, digest_response.qop):
return None
return digest_response