summaryrefslogtreecommitdiff
path: root/wsgitools/digest.py
diff options
context:
space:
mode:
authorHelmut Grohne <helmut@subdivi.de>2008-09-22 18:14:58 +0200
committerHelmut Grohne <helmut@subdivi.de>2008-09-22 18:14:58 +0200
commit2444c54b184a5a9ad89c79d36a456a83e9150d87 (patch)
treeaba830301ecdd3d8c6b0ec01cefdd7e9b4a0c333 /wsgitools/digest.py
parent19a1e48be4de4c2dc08c370ac2a2b941ad28b402 (diff)
downloadwsgitools-2444c54b184a5a9ad89c79d36a456a83e9150d87.tar.gz
improve digest.NonceStoreBase.checknonce interface
Diffstat (limited to 'wsgitools/digest.py')
-rwxr-xr-xwsgitools/digest.py39
1 files changed, 18 insertions, 21 deletions
diff --git a/wsgitools/digest.py b/wsgitools/digest.py
index 8c5bc0f..c943c92 100755
--- a/wsgitools/digest.py
+++ b/wsgitools/digest.py
@@ -90,13 +90,14 @@ class NonceStoreBase:
@rtype: bool
"""
raise NotImplementedError
- def checknonce(self, nonce, qop, nc):
+ def checknonce(self, nonce, count=1):
"""
This method is to be overridden and should do a thorough check for
- whether the given nonce is a valid one taking qop and nc into account.
+ whether the given nonce is a valid as being used count times.
@type nonce: str
- @type qop: str or None
- @type nc: str or None
+ @type count: int
+ @param count: indicates how often the nonce has been used (including
+ this check)
@rtype: bool
"""
raise NotImplementedError
@@ -164,15 +165,16 @@ class StatelessNonceStore(NonceStoreBase):
token = md5(token).hexdigest()
return nonce_hash == token
- def checknonce(self, nonce, qop, nc):
+ def checknonce(self, nonce, count=1):
"""
Do a thorough check for whether the provided string is a nonce and
increase usage count on returning True.
@type nonce: str
- @type qop: str or None
- @type nc: str or None
+ @type count: int
@rtype: bool
"""
+ if count != 1:
+ return False
try:
nonce_time, nonce_value, nonce_hash = nonce.split(':')
except ValueError:
@@ -243,13 +245,12 @@ class MemoryNonceStore(NonceStoreBase):
token = md5(token).hexdigest()
return nonce_hash == token
- def checknonce(self, nonce, qop, nc):
+ def checknonce(self, nonce, count=1):
"""
Do a thorough check for whether the provided string is a nonce and
increase usage count on returning True.
@type nonce: str
- @type qop: str or None
- @type nc: str or None
+ @type count: int
@rtype: bool
"""
try:
@@ -260,13 +261,6 @@ class MemoryNonceStore(NonceStoreBase):
token = md5(token).hexdigest()
if token != nonce_hash:
return False
- if qop is None:
- nc = 1
- else:
- try:
- nc = long(nc, 16)
- except (KeyError, ValueError):
- return False
self._cleanup() # avoid stale nonces
@@ -282,7 +276,7 @@ class MemoryNonceStore(NonceStoreBase):
(nt, nv, uses) = self.nonces[lower]
if nt != nonce_time or nv != nonce_value:
return False
- if nc != uses:
+ if count != uses:
del self.nonces[lower]
return False
if uses >= self.maxuses:
@@ -380,9 +374,12 @@ class AuthDigestMiddleware:
if response is None or response != credentials["response"]:
raise AuthenticationRequired
- if not self.noncestore.checknonce(credentials["nonce"],
- credentials.get("qop"),
- credentials.get("nc")):
+ noncecount = 1
+ if credentials.get("qop") is not None:
+ # raises ValueError
+ noncecount = long(credentials["nc"], 16)
+
+ if not self.noncestore.checknonce(credentials["nonce"], noncecount):
return self.authorization_required(environ, start_response,
stale=True) # stale nonce!