imacat/flask-digestauth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 16 Wiki Activity

Compare commits

base: imacat:14b90de05919db183b5d974e913c2254442bc400
Branches Tags
imacat:main
imacat:v0.7.1
imacat:v0.7.0
imacat:v0.6.2
imacat:v0.6.1
imacat:v0.6.0
imacat:v0.5.0
imacat:v0.4.0
imacat:v0.3.1
imacat:v0.3.0
imacat:v0.2.4
imacat:v0.2.3
imacat:v0.2.2
imacat:v0.2.1
imacat:v0.2.0
imacat:v0.1.1
imacat:v0.1.0
..
compare: imacat:b348c872dc61ea1af52c53f07dbba650af248b59
Branches Tags
imacat:main
imacat:v0.7.1
imacat:v0.7.0
imacat:v0.6.2
imacat:v0.6.1
imacat:v0.6.0
imacat:v0.5.0
imacat:v0.4.0
imacat:v0.3.1
imacat:v0.3.0
imacat:v0.2.4
imacat:v0.2.3
imacat:v0.2.2
imacat:v0.2.1
imacat:v0.2.0
imacat:v0.1.1
imacat:v0.1.0

No commits in common. "14b90de05919db183b5d974e913c2254442bc400" and "b348c872dc61ea1af52c53f07dbba650af248b59" have entirely different histories.
14b90de059 ... b348c872dc

1 changed files with 13 additions and 21 deletions
Show Stats Expand all files Collapse all files

34
src/flask_digest_auth/auth.py
View File

@ -41,23 +41,15 @@ class DigestAuth:
:param realm: The realm.
"""
self.__serializer: URLSafeTimedSerializer \
= URLSafeTimedSerializer(token_urlsafe(32))
self.secret_key: str = token_urlsafe(32)
self.serializer: URLSafeTimedSerializer \
= URLSafeTimedSerializer(self.secret_key)
self.realm: str = "" if realm is None else realm
"""The realm. Default is an empty string."""
self.algorithm: t.Optional[str] = None
"""The algorithm, either None, ``MD5``, or ``MD5-sess``. Default is
None."""
self.use_opaque: bool = True
"""Whether to use an opaque. Default is True."""
self.__domain: t.List[str] = []
"""A list of directories that this username and password applies to.
Default is empty."""
self.__qop: t.List[str] = ["auth", "auth-int"]
"""A list of supported quality of protection supported, either
``qop``, ``auth-int``, both, or empty. Default is both."""
self.domain: t.List[str] = []
self.qop: t.List[str] = ["auth", "auth-int"]
self.app: t.Optional[Flask] = None
"""The current Flask application."""
self.__get_password_hash: BasePasswordHashGetter \
= BasePasswordHashGetter()
self.__get_user: BaseUserGetter = BaseUserGetter()
@ -161,7 +153,7 @@ class DigestAuth:
raise UnauthorizedException(
"Missing \"opaque\" in the Authorization header")
try:
self.__serializer.loads(
self.serializer.loads(
authorization.opaque, salt="opaque", max_age=1800)
except BadData:
raise UnauthorizedException("Invalid opaque")
@ -182,7 +174,7 @@ class DigestAuth:
state.stale = False
raise UnauthorizedException("Incorrect response value")
try:
self.__serializer.loads(
self.serializer.loads(
authorization.nonce,
salt="nonce" if authorization.opaque is None
else f"nonce-{authorization.opaque}")
@ -206,16 +198,16 @@ class DigestAuth:
return None
if state.opaque is not None:
return state.opaque
return self.__serializer.dumps(randbits(32), salt="opaque")
return self.serializer.dumps(randbits(32), salt="opaque")
opaque: t.Optional[str] = get_opaque()
nonce: str = self.__serializer.dumps(
nonce: str = self.serializer.dumps(
randbits(32),
salt="nonce" if opaque is None else f"nonce-{opaque}")
header: str = f"Digest realm=\"{self.realm}\""
if len(self.__domain) > 0:
domain_list: str = ",".join(self.__domain)
if len(self.domain) > 0:
domain_list: str = ",".join(self.domain)
header += f", domain=\"{domain_list}\""
header += f", nonce=\"{nonce}\""
if opaque is not None:
@ -224,8 +216,8 @@ class DigestAuth:
header += f", stale=TRUE" if state.stale else f", stale=FALSE"
if self.algorithm is not None:
header += f", algorithm=\"{self.algorithm}\""
if len(self.__qop) > 0:
qop_list: str = ",".join(self.__qop)
if len(self.qop) > 0:
qop_list: str = ",".join(self.qop)
header += f", qop=\"{qop_list}\""
return header