diff options
Diffstat (limited to 'wsgitools/digest.py')
-rwxr-xr-x | wsgitools/digest.py | 38 |
1 files changed, 29 insertions, 9 deletions
diff --git a/wsgitools/digest.py b/wsgitools/digest.py index 0aca584..1339fbb 100755 --- a/wsgitools/digest.py +++ b/wsgitools/digest.py @@ -77,22 +77,27 @@ class NonceStoreBase: """Nonce storage interface.""" def __init__(self): pass - def newnonce(self): + def newnonce(self, ident=None): """ This method is to be overriden and should return new nonces. + @type ident: str + @param ident: is an identifier to be associated with this nonce @rtype: str """ raise NotImplementedError - def isnonce(self, nonce): + def isnonce(self, nonce, ident=None): """ This method is to be overridden and should do a quick check for whether the given nonce has a chance to be a valid one. This function must not return false for a stale nonce. @type nonce: str + @type ident: str + @param ident: it is also checked that the nonce was associated to this + identifier when given @rtype: bool """ raise NotImplementedError - def checknonce(self, nonce, count=1): + def checknonce(self, nonce, count=1, ident=None): """ This method is to be overridden and should do a thorough check for whether the given nonce is a valid as being used count times. @@ -100,6 +105,9 @@ class NonceStoreBase: @type count: int @param count: indicates how often the nonce has been used (including this check) + @type ident: str + @param ident: it is also checked that the nonce was associated to this + identifier when given @rtype: bool """ raise NotImplementedError @@ -140,7 +148,7 @@ class StatelessNonceStore(NonceStoreBase): self.server_secret = ("%066X" % sysrand.getrandbits(33*8) ).decode("hex").encode("base64").strip() - def newnonce(self): + def newnonce(self, ident=None): """ Generates a new nonce string. @rtype: str @@ -149,10 +157,12 @@ class StatelessNonceStore(NonceStoreBase): nonce_value = ("%066X" % sysrand.getrandbits(33*8) ).decode("hex").encode("base64").strip() token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret) + if ident is not None: + token = "%s:%s" % (token, ident) token = md5(token).hexdigest() return "%s:%s:%s" % (nonce_time, nonce_value, token) - def isnonce(self, nonce): + def isnonce(self, nonce, ident=None): """ Do a quick a stateless check for whether the provides string might be a nonce. @@ -164,10 +174,12 @@ class StatelessNonceStore(NonceStoreBase): except ValueError: return False token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret) + if ident is not None: + token = "%s:%s" % (token, ident) token = md5(token).hexdigest() return nonce_hash == token - def checknonce(self, nonce, count=1): + def checknonce(self, nonce, count=1, ident=None): """ Do a thorough check for whether the provided string is a nonce and increase usage count on returning True. @@ -182,6 +194,8 @@ class StatelessNonceStore(NonceStoreBase): except ValueError: return False token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret) + if ident is not None: + token = "%s:%s" % (token, ident) token = md5(token).hexdigest() if token != nonce_hash: return False @@ -218,7 +232,7 @@ class MemoryNonceStore(NonceStoreBase): while self.nonces and self.nonces[0][0] < old: self.nonces.pop(0) - def newnonce(self): + def newnonce(self, ident=None): """ Generates a new nonce string. @rtype: str @@ -229,10 +243,12 @@ class MemoryNonceStore(NonceStoreBase): ).decode("hex").encode("base64").strip() self.nonces.append((nonce_time, nonce_value, 1)) token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret) + if ident is not None: + token = "%s:%s" % (token, ident) token = md5(token).hexdigest() return "%s:%s:%s" % (nonce_time, nonce_value, token) - def isnonce(self, nonce): + def isnonce(self, nonce, ident=None): """ Do a quick a stateless check for whether the provides string might be a nonce. @@ -244,10 +260,12 @@ class MemoryNonceStore(NonceStoreBase): except ValueError: return False token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret) + if ident is not None: + token = "%s:%s" % (nonce, ident) token = md5(token).hexdigest() return nonce_hash == token - def checknonce(self, nonce, count=1): + def checknonce(self, nonce, count=1, ident=None): """ Do a thorough check for whether the provided string is a nonce and increase usage count on returning True. @@ -260,6 +278,8 @@ class MemoryNonceStore(NonceStoreBase): except ValueError: return False token = "%s:%s:%s" % (nonce_time, nonce_value, self.server_secret) + if ident is not None: + token = "%s:%s" % (token, ident) token = md5(token).hexdigest() if token != nonce_hash: return False |