summaryrefslogtreecommitdiff
path: root/wsgitools
diff options
context:
space:
mode:
authorHelmut Grohne <helmut@subdivi.de>2007-05-08 23:32:39 +0200
committerHelmut Grohne <helmut@subdivi.de>2007-05-08 23:32:39 +0200
commit1683a4177f2fd8f35fc8004aa4e8e2930bc5aadd (patch)
treee87c2aff6bc2f2bc3e3ea95e596a65d6766e744b /wsgitools
parent65e902ca6c77ffa5e442004f8ef25b6790f9c5a3 (diff)
downloadwsgitools-1683a4177f2fd8f35fc8004aa4e8e2930bc5aadd.tar.gz
rearrange nonce checking to comply with RFC2617 in wsgitools.digest
Diffstat (limited to 'wsgitools')
-rwxr-xr-xwsgitools/digest.py8
1 files changed, 4 insertions, 4 deletions
diff --git a/wsgitools/digest.py b/wsgitools/digest.py
index 244eb98..a0eb973 100755
--- a/wsgitools/digest.py
+++ b/wsgitools/digest.py
@@ -129,16 +129,16 @@ class AuthDigestMiddleware:
if not self.is_nonce(credentials): # riases KeyError, ValueError
raise AuthenticationRequired
- if not self.check_nonce(credentials): # raises KeyError, ValueError
- return self.authorization_required(environ, start_response,
- stale=True) # stale nonce!
-
# raises KeyError, ValueError
response = self.auth_response(credentials,
environ["REQUEST_METHOD"])
if response is None or response != credentials["response"]:
raise AuthenticationRequired
+ if not self.check_nonce(credentials): # raises KeyError, ValueError
+ return self.authorization_required(environ, start_response,
+ stale=True) # stale nonce!
+
except (KeyError, ValueError, AuthenticationRequired):
return self.authorization_required(environ, start_response)
else: