def _get_digest_header(self, username, password, method, uri, digest_challenge):
    """Return the Digest ``Authorization`` value answering *digest_challenge*.

    Args:
        username: account name placed in the header.
        password: secret for that account, handed to python_digest.
        method: HTTP verb of the request being signed; upper-cased here.
        uri: request URI covered by the digest.
        digest_challenge: challenge to answer (presumably the server's
            ``WWW-Authenticate`` value -- confirm against the caller).
    """
    # nonce_count is pinned to 1, so every header built here claims to be the
    # first use of the challenge nonce.
    # NOTE(review): a server that tracks nonce counts would presumably reject
    # a second request built from the same challenge -- confirm that callers
    # obtain a fresh challenge for each request.
    return python_digest.build_authorization_request(
        username=username,
        method=method.upper(),
        uri=uri,
        nonce_count=1,
        digest_challenge=digest_challenge,
        password=password,
    )
def _get_digest_header(self, username, password, method, uri, digest_challenge):
    """Build a Digest ``Authorization`` header value for one request.

    The HTTP method is normalised to upper case and the header is computed
    by ``python_digest.build_authorization_request`` from the supplied
    challenge and password.
    """
    build = python_digest.build_authorization_request
    # Fixed nonce count: each call presents itself as use number one of the
    # nonce carried by digest_challenge.
    # NOTE(review): repeating nonce count 1 for the same nonce looks like a
    # replay to a server that enforces increasing counts -- confirm a new
    # challenge is fetched per request.
    first_use = 1
    return build(
        username,
        method.upper(),
        uri,
        first_use,
        digest_challenge=digest_challenge,
        password=password,
    )
def _get_http_auth_header(username, password, uri):
    """Return a Digest ``Authorization`` value for a GET of *uri*.

    No server challenge is consumed: the nonce is computed locally from the
    current time and ``settings.SECRET_KEY``, and realm/opaque are the fixed
    strings below.
    """
    # NOTE(review): minting the nonce here requires the caller to hold the
    # same SECRET_KEY as the verifying side, which presumably limits this
    # helper to in-process tests -- confirm it is never shipped to a client.
    local_nonce = calculate_nonce(time.time(), settings.SECRET_KEY)
    return build_authorization_request(
        username=username,
        method='GET',
        uri=uri,
        nonce_count=3,
        nonce=local_nonce,
        realm='DJANGO',
        opaque='myopaque',
        password=password,
    )
def http_auth_digest_headers(self, **kwargs):
    """Yield the ``('Authorization', value)`` pair for Digest authentication.

    Credentials are read from ``self.wsock.auth`` and UTF-8 encoded; the
    request URI is ``self.wsock.location``.  ``kwargs`` must contain the
    challenge fields ``realm``, ``nonce`` and ``opaque``; a missing key
    raises ``KeyError``.
    """
    login, secret = self.wsock.auth
    # NOTE(review): RFC 2617 numbers the first request made with a nonce as 1;
    # a count of 0 is unusual and a strict server may refuse it -- confirm
    # this is intended.
    header_value = build_authorization_request(
        username=login.encode('utf-8'),
        method='GET',
        uri=self.wsock.location,
        nonce_count=0,
        realm=kwargs['realm'],
        nonce=kwargs['nonce'],
        opaque=kwargs['opaque'],
        password=secret.encode('utf-8'),
    )
    yield ('Authorization', header_value)
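def handle_digest_auth(self, response: str) -> str:
    """Answer a Digest challenge found in *response*.

    Args:
        response: text handed to ``parse_digest_challenge``.

    Returns:
        The value produced by ``build_authorization_request`` for a GET of
        ``self._wsuri.resource_name``.  (The previous ``-> None`` annotation
        contradicted the ``return`` statement.)

    Raises:
        AuthenticationRequest: when no Digest challenge could be parsed from
            *response*; the raw response is attached to the exception.
    """
    wsuri = self._wsuri
    challenge = parse_digest_challenge(response)
    if challenge is None:
        raise AuthenticationRequest(response)

    # Credentials come from the URI's user-info pair: [0] user, [1] password.
    # NOTE(review): URIs with embedded credentials tend to end up in logs and
    # tracebacks -- confirm self._wsuri is never logged verbatim.
    user = wsuri.user_info[0]
    secret = wsuri.user_info[1]
    # 1 is the nonce count: this is the first use of the challenge's nonce.
    return build_authorization_request(
        user, 'GET', wsuri.resource_name, 1, challenge, password=secret)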
def test_is_authenticated(self):
    """Check DigestAuthentication rejects bad headers and accepts a valid one.

    NOTE(review): the three rejected values below are not Digest-formatted
    credentials, so refusal of a well-formed Digest header that carries a
    wrong secret (or a reused nonce) is not exercised by this test.
    """
    auth = DigestAuthentication()
    request = HttpRequest()

    # Give the user an API key, as the post-save signal would.
    john_doe = User.objects.get(username='******')
    create_api_key(User, instance=john_doe, created=True)

    # A request without any Authorization header is refused...
    auth_request = auth.is_authenticated(request)
    self.assertTrue(isinstance(auth_request, HttpUnauthorized))

    # ...and the refusal carries a Digest challenge with realm, opaque, nonce.
    challenge = auth_request['WWW-Authenticate']
    self.assertEqual(challenge.find('Digest'), 0)
    self.assertTrue(challenge.find(' realm="django-tastypie"') > 0)
    self.assertTrue(challenge.find(' opaque=') > 0)
    self.assertTrue(challenge.find('nonce=') > 0)

    # Arbitrary text in the header is refused.
    request.META['HTTP_AUTHORIZATION'] = 'abcdefg'
    auth_request = auth.is_authenticated(request)
    self.assertTrue(isinstance(auth_request, HttpUnauthorized))

    # Base64 of a bare user name (Basic-style, no password) is refused.
    request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel')
    auth_request = auth.is_authenticated(request)
    self.assertTrue(isinstance(auth_request, HttpUnauthorized))

    # Base64 of "user:password" (Basic-style) is refused.
    request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel:pass')
    auth_request = auth.is_authenticated(request)
    self.assertTrue(isinstance(auth_request, HttpUnauthorized))

    # A Digest answer to the challenge of the most recent refusal, computed
    # with the user's API key as the password, is accepted.
    john_doe = User.objects.get(username='******')
    latest_challenge = auth_request['WWW-Authenticate']
    request.META['HTTP_AUTHORIZATION'] = python_digest.build_authorization_request(
        john_doe.username,
        request.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=latest_challenge,
        password=john_doe.api_key.key,
    )
    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)
def test_is_authenticated(self):
    """Walk DigestAuthentication through refused and accepted requests.

    NOTE(review): every refused header here is malformed for Digest (plain
    text or Basic-style base64); a syntactically valid Digest header with the
    wrong secret is never sent, so that path stays untested.
    """
    def refused(outcome):
        # Assert the authenticator answered with a 401-style response.
        self.assertEqual(isinstance(outcome, HttpUnauthorized), True)
        return outcome

    auth = DigestAuthentication()
    request = HttpRequest()

    # Stand in for the signal that creates the user's API key.
    john_doe = User.objects.get(username='******')
    create_api_key(User, instance=john_doe, created=True)

    # No Authorization header at all.
    auth_request = refused(auth.is_authenticated(request))

    # The refusal advertises Digest together with realm, opaque and nonce.
    offered = auth_request['WWW-Authenticate']
    self.assertEqual(offered.find('Digest'), 0)
    for fragment in (' realm="django-tastypie"', ' opaque=', 'nonce='):
        self.assertEqual(offered.find(fragment) > 0, True)

    # Header that is not a credential of any scheme.
    request.META['HTTP_AUTHORIZATION'] = 'abcdefg'
    auth_request = refused(auth.is_authenticated(request))

    # Basic-style value without a password part.
    request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel')
    auth_request = refused(auth.is_authenticated(request))

    # Basic-style "user:password" value.
    request.META['HTTP_AUTHORIZATION'] = base64.b64encode('daniel:pass')
    auth_request = refused(auth.is_authenticated(request))

    # Proper Digest answer: built from the challenge in the last refusal and
    # keyed with the user's API key.
    john_doe = User.objects.get(username='******')
    digest_header = python_digest.build_authorization_request(
        john_doe.username,
        request.method,
        '/',  # uri
        1,  # nonce_count
        digest_challenge=auth_request['WWW-Authenticate'],
        password=john_doe.api_key.key,
    )
    request.META['HTTP_AUTHORIZATION'] = digest_header
    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)
def test_is_authenticated(self):
    """Verify DigestAuthentication refuses bad input and accepts a valid answer.

    NOTE(review): the negative cases use plain text and Basic-style base64
    only; no well-formed Digest header with a wrong secret is submitted, so
    that rejection path is not covered here.
    """
    auth = DigestAuthentication()
    request = HttpRequest()
    meta = request.META  # same dict object; shorter to write below

    # Missing Authorization header -> refusal.
    auth_request = auth.is_authenticated(request)
    self.assertTrue(isinstance(auth_request, HttpUnauthorized))

    # The refusal's challenge names the scheme, realm, opaque and nonce.
    www_authenticate = auth_request["WWW-Authenticate"]
    self.assertEqual(www_authenticate.find("Digest"), 0)
    self.assertTrue(www_authenticate.find(' realm="django-tastypie"') > 0)
    self.assertTrue(www_authenticate.find(" opaque=") > 0)
    self.assertTrue(www_authenticate.find("nonce=") > 0)

    # Free text instead of credentials -> refusal.
    meta["HTTP_AUTHORIZATION"] = "abcdefg"
    auth_request = auth.is_authenticated(request)
    self.assertTrue(isinstance(auth_request, HttpUnauthorized))

    # Basic-style value lacking a password -> refusal.
    meta["HTTP_AUTHORIZATION"] = base64.b64encode("daniel")
    auth_request = auth.is_authenticated(request)
    self.assertTrue(isinstance(auth_request, HttpUnauthorized))

    # Basic-style "user:password" value -> refusal.
    meta["HTTP_AUTHORIZATION"] = base64.b64encode("daniel:pass")
    auth_request = auth.is_authenticated(request)
    self.assertTrue(isinstance(auth_request, HttpUnauthorized))

    # Only now is the user given a password and an API key; the Digest
    # answer is keyed with the API key, not with the password set here.
    john_doe = User.objects.get(username="******")
    john_doe.set_password("pass")
    create_api_key(User, instance=john_doe, created=True)
    digest_header = python_digest.build_authorization_request(
        john_doe.username,
        request.method,
        "/",  # uri
        1,  # nonce_count
        digest_challenge=auth_request["WWW-Authenticate"],
        password=john_doe.api_key.key,
    )
    meta["HTTP_AUTHORIZATION"] = digest_header
    auth_request = auth.is_authenticated(request)
    self.assertEqual(auth_request, True)
def create_mock_request(self, username='******', realm=None, method='GET',
                        uri='/dummy/uri', nonce=None, request_digest=None,
                        algorithm=None, opaque='dummy-opaque', qop='auth',
                        nonce_count=1, client_nonce=None, password='******',
                        request_path=None):
    """Return a mock request carrying a Digest ``Authorization`` header.

    Falsy arguments are replaced by defaults: *realm* by the ``DIGEST_REALM``
    setting (falling back to ``DEFAULT_REALM``), *nonce* by a nonce computed
    from the current time and ``settings.SECRET_KEY``, and *request_path* by
    *uri*.  The mock is told to expect reads of ``method`` and ``path``.

    ``algorithm`` and ``qop`` are accepted but not used in this body.
    """
    realm = realm or get_setting('DIGEST_REALM', DEFAULT_REALM)
    # The default nonce is derived from the server-side secret, so the
    # verifying code will treat it as one it issued itself.
    nonce = nonce or python_digest.calculate_nonce(
        time.time(), secret=settings.SECRET_KEY)
    request_path = request_path or uri

    header_fields = dict(
        username=username,
        realm=realm,
        method=method,
        uri=uri,
        nonce=nonce,
        opaque=opaque,
        nonce_count=nonce_count,
        password=password,
        request_digest=request_digest,
        client_nonce=client_nonce,
    )
    header = python_digest.build_authorization_request(**header_fields)

    request = self.create_mock_request_for_header(header)
    # Record the attribute reads the code under test is expected to make.
    expect(request.method).result(method)
    expect(request.path).result(request_path)
    return request
def authorization(self, request, response):
    """Return the Digest ``Authorization`` value for *request*, or ``None``.

    When *response* is given, its challenges are read through
    ``self._authenticate_headers`` and the Digest one is stored on the
    instance.  When *response* is ``None`` the stored challenge is reused;
    if none has been stored yet, ``None`` is returned and nothing changes.

    Raises:
        WWWAuthenticateError: *response* offers no Digest challenge.
    """
    if response is None:
        if self.digest_challenge is None:
            # Nothing to answer yet: no challenge has been received.
            return None
    else:
        offered = self._authenticate_headers(response)
        if 'Digest' not in offered:
            raise WWWAuthenticateError(
                'Digest authentication unsupported for %s to %r.' %
                (response.request['REQUEST_METHOD'],
                 response.request['PATH_INFO'])
            )
        self.digest_challenge = offered['Digest']

    # NOTE(review): the counter keeps growing when a new challenge replaces
    # the stored one; RFC 2617 counts uses per nonce -- confirm the server
    # accepts a count that does not restart at 1 for a fresh nonce.
    self.nonce_count += 1
    # NOTE(review): only the quoted PATH_INFO is used as the digest URI; any
    # query string is not included -- confirm this matches what the server
    # verifies.
    return build_authorization_request(
        username=self.username,
        method=request['REQUEST_METHOD'],
        uri=quote(request['PATH_INFO']),
        nonce_count=self.nonce_count,
        digest_challenge=self.digest_challenge,
        password=self.password,
    )