summaryrefslogtreecommitdiff
path: root/wsgitools/digest.py
diff options
context:
space:
mode:
authorHelmut Grohne <helmut@subdivi.de>2008-10-14 13:54:27 +0200
committerHelmut Grohne <helmut@subdivi.de>2008-10-14 13:54:27 +0200
commitbf0a9387e8d947b9f32d696731082da828059a15 (patch)
tree5ed671a0b4e0c54ded4d1178f9a3c627052eac3a /wsgitools/digest.py
parent93374eaaace42da6c89663f09fcbbf2afcb3637c (diff)
downloadwsgitools-bf0a9387e8d947b9f32d696731082da828059a15.tar.gz
extended digest.NonceStoreBase interface
The methods now take an optional last parameter called ident. It can be used to bind nonces to specific uses within one NonceStore.
Diffstat (limited to 'wsgitools/digest.py')
-rwxr-xr-xwsgitools/digest.py38
1 files changed, 29 insertions, 9 deletions
diff --git a/wsgitools/digest.py b/wsgitools/digest.py
index 0aca584..1339fbb 100755
--- a/wsgitools/digest.py
+++ b/wsgitools/digest.py
@@ -77,22 +77,27 @@ class NonceStoreBase:
"""Nonce storage interface."""
def __init__(self):
pass
- def newnonce(self):
+ def newnonce(self, ident=None):
"""
This method is to be overriden and should return new nonces.
+ @type ident: str
+ @param ident: is an identifier to be associated with this nonce
@rtype: str
"""
raise NotImplementedError
- def isnonce(self, nonce):
+ def isnonce(self, nonce, ident=None):
"""
This method is to be overridden and should do a quick check for whether
the given nonce has a chance to be a valid one. This function must not
return false for a stale nonce.
@type nonce: str
+ @type ident: str
+ @param ident: it is also checked that the nonce was associated to this
+ identifier when given
@rtype: bool
"""
raise NotImplementedError
- def checknonce(self, nonce, count=1):
+ def checknonce(self, nonce, count=1, ident=None):
"""
This method is to be overridden and should do a thorough check for
whether the given nonce is a valid as being used count times.
@@ -100,6 +105,9 @@ class NonceStoreBase:
@type count: int
@param count: indicates how often the nonce has been used (including
this check)
+ @type ident: str
+ @param ident: it is also checked that the nonce was associated to this
+ identifier when given
@rtype: bool
"""
raise NotImplementedError
@@ -140,7 +148,7 @@ class StatelessNonceStore(NonceStoreBase):
self.server_secret = ("%066X" % sysrand.getrandbits(33*8)
).decode("hex").encode("base64").strip()
- def newnonce(self):
+ def newnonce(self, ident=None):
"""
Generates a new nonce string.
@rtype: str
@@ -149,10 +157,12 @@ class StatelessNonceStore(NonceStoreBase):
nonce_value = ("%066X" % sysrand.getrandbits(33*8)
).decode("hex").encode("base64").strip()
token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret)
+ if ident is not None:
+ token = "%s:%s" % (token, ident)
token = md5(token).hexdigest()
return "%s:%s:%s" % (nonce_time, nonce_value, token)
- def isnonce(self, nonce):
+ def isnonce(self, nonce, ident=None):
"""
Do a quick a stateless check for whether the provides string might
be a nonce.
@@ -164,10 +174,12 @@ class StatelessNonceStore(NonceStoreBase):
except ValueError:
return False
token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret)
+ if ident is not None:
+ token = "%s:%s" % (token, ident)
token = md5(token).hexdigest()
return nonce_hash == token
- def checknonce(self, nonce, count=1):
+ def checknonce(self, nonce, count=1, ident=None):
"""
Do a thorough check for whether the provided string is a nonce and
increase usage count on returning True.
@@ -182,6 +194,8 @@ class StatelessNonceStore(NonceStoreBase):
except ValueError:
return False
token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret)
+ if ident is not None:
+ token = "%s:%s" % (token, ident)
token = md5(token).hexdigest()
if token != nonce_hash:
return False
@@ -218,7 +232,7 @@ class MemoryNonceStore(NonceStoreBase):
while self.nonces and self.nonces[0][0] < old:
self.nonces.pop(0)
- def newnonce(self):
+ def newnonce(self, ident=None):
"""
Generates a new nonce string.
@rtype: str
@@ -229,10 +243,12 @@ class MemoryNonceStore(NonceStoreBase):
).decode("hex").encode("base64").strip()
self.nonces.append((nonce_time, nonce_value, 1))
token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret)
+ if ident is not None:
+ token = "%s:%s" % (token, ident)
token = md5(token).hexdigest()
return "%s:%s:%s" % (nonce_time, nonce_value, token)
- def isnonce(self, nonce):
+ def isnonce(self, nonce, ident=None):
"""
Do a quick a stateless check for whether the provides string might
be a nonce.
@@ -244,10 +260,12 @@ class MemoryNonceStore(NonceStoreBase):
except ValueError:
return False
token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret)
+ if ident is not None:
+ token = "%s:%s" % (nonce, ident)
token = md5(token).hexdigest()
return nonce_hash == token
- def checknonce(self, nonce, count=1):
+ def checknonce(self, nonce, count=1, ident=None):
"""
Do a thorough check for whether the provided string is a nonce and
increase usage count on returning True.
@@ -260,6 +278,8 @@ class MemoryNonceStore(NonceStoreBase):
except ValueError:
return False
token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret)
+ if ident is not None:
+ token = "%s:%s" % (token, ident)
token = md5(token).hexdigest()
if token != nonce_hash:
return False