diff options
Diffstat (limited to 'wsgitools/digest.py')
-rw-r--r-- | wsgitools/digest.py | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/wsgitools/digest.py b/wsgitools/digest.py index cbb902e..53b7dea 100644 --- a/wsgitools/digest.py +++ b/wsgitools/digest.py @@ -720,11 +720,8 @@ class AuthDigestMiddleware: if response is None or response != credresponse: raise AuthenticationRequired("wrong response") - except StaleNonce: - return self.authorization_required(environ, start_response, - stale=True) - except AuthenticationRequired: - return self.authorization_required(environ, start_response) + except AuthenticationRequired, exc: + return self.authorization_required(environ, start_response, exc) else: environ["REMOTE_USER"] = credentials["username"] def modified_start_response(status, headers, exc_info=None): @@ -773,18 +770,28 @@ class AuthDigestMiddleware: dig.insert(0, a1h) return self.algorithms[algo](":".join(dig)) - def authorization_required(self, environ, start_response, stale=False): - """internal method implementing wsgi interface, serving 401 page""" + def www_authenticate(self, exception): + """Generates a WWW-Authenticate header. + + @type exception: AuthenticationRequired + @param exception: reason for generating the header + @rtype: (str, str) + @returns: the header as (part_before_colon, part_after_colon) + """ digest = dict(nonce=self.noncestore.newnonce(), realm=self.gentoken.realm, algorithm="md5", qop="auth") - if stale: + if isinstance(exception, StaleNonce): digest["stale"] = "TRUE" challenge = ", ".join(map('%s="%s"'.__mod__, digest.items())) + return ("WWW-Authenticate", "Digest %s" % challenge) + + def authorization_required(self, environ, start_response, exception): + """internal method implementing wsgi interface, serving 401 page""" status = "401 Not authorized" headers = [("Content-type", "text/html"), - ("WWW-Authenticate", "Digest %s" % challenge)] + self.www_authenticate(exception)] data = "<html><head><title>401 Not authorized</title></head><body><h1>" data += "401 Not authorized</h1></body></html>" headers.append(("Content-length", str(len(data)))) |