imacat/flask-digestauth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 15 Wiki Activity

Replaced validate_required with assert in the calc_response function, for simplicity.

Browse Source
This commit is contained in:
依瑪貓 2022-12-06 17:44:18 +08:00
parent b6bfb2eae9
commit f9e10ecb2f
1 changed files with 8 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/flask_digest_auth/algo.py
View File

@ -23,8 +23,6 @@ from __future__ import annotations
import typing as t import typing as t
from hashlib import md5 from hashlib import md5
from flask_digest_auth.exception import UnauthorizedException
def make_password_hash(realm: str, username: str, password: str) -> str: def make_password_hash(realm: str, username: str, password: str) -> str:
"""Calculates the password hash for the HTTP digest authentication. """Calculates the password hash for the HTTP digest authentication.
@ -56,31 +54,21 @@ def calc_response(
:param nc: The request counter, which must exists when qop exists. :param nc: The request counter, which must exists when qop exists.
:param body: The request body, which must exists when qop="auth-int". :param body: The request body, which must exists when qop="auth-int".
:return: The response value. :return: The response value.
:raise UnauthorizedException: When cnonce is missing with the :raise AssertionError: When cnonce is missing with the
algorithm="MD5-sess", when body is missing with qop="auth-int", or when algorithm="MD5-sess", when body is missing with qop="auth-int", or when
cnonce or nc is missing with qop exits. cnonce or nc is missing with qop exits.
""" """
def validate_required(field: t.Optional[str], error: str) -> None:
"""Validates a required field.
:param field: The field that is required.
:param error: The error message.
:return: None.
"""
if field is None:
raise UnauthorizedException(error)
def calc_ha1() -> str: def calc_ha1() -> str:
"""Calculates and returns the first hash. """Calculates and returns the first hash.
:return: The first hash. :return: The first hash.
:raise UnauthorizedException: When the cnonce is missing with :raise AssertionError: When cnonce is missing with
algorithm="MD5-sess". algorithm="MD5-sess".
""" """
if algorithm == "MD5-sess": if algorithm == "MD5-sess":
validate_required( assert cnonce is not None,\
cnonce, f"Missing \"cnonce\" with algorithm=\"{algorithm}\"") f"Missing \"cnonce\" with algorithm=\"{algorithm}\""
return md5(f"{password_hash}:{nonce}:{cnonce}".encode("utf8")) \ return md5(f"{password_hash}:{nonce}:{cnonce}".encode("utf8")) \
.hexdigest() .hexdigest()
# algorithm is None or algorithm == "MD5" # algorithm is None or algorithm == "MD5"
@ -90,11 +78,10 @@ def calc_response(
"""Calculates the second hash. """Calculates the second hash.
:return: The second hash. :return: The second hash.
:raise UnauthorizedException: When the body is missing with :raise AssertionError: When body is missing with qop="auth-int".
qop="auth-int".
""" """
if qop == "auth-int": if qop == "auth-int":
validate_required(body, f"Missing \"body\" with qop=\"{qop}\"") assert body is not None, f"Missing \"body\" with qop=\"{qop}\""
return md5( return md5(
f"{method}:{uri}:{md5(body).hexdigest()}".encode("utf8")) \ f"{method}:{uri}:{md5(body).hexdigest()}".encode("utf8")) \
.hexdigest() .hexdigest()
@ -104,8 +91,8 @@ def calc_response(
ha1: str = calc_ha1() ha1: str = calc_ha1()
ha2: str = calc_ha2() ha2: str = calc_ha2()
if qop == "auth" or qop == "auth-int": if qop == "auth" or qop == "auth-int":
validate_required(cnonce, f"Missing \"cnonce\" with the qop=\"{qop}\"") assert cnonce is not None, f"Missing \"cnonce\" with the qop=\"{qop}\""
validate_required(nc, f"Missing \"nc\" with the qop=\"{qop}\"") assert nc is not None, f"Missing \"nc\" with the qop=\"{qop}\""
return md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}".encode("utf8"))\ return md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}".encode("utf8"))\
.hexdigest() .hexdigest()
# qop is None # qop is None