class DigestCredentialFactory: (source)
Constructor: DigestCredentialFactory(algorithm, authenticationRealm)
Support for RFC2617 HTTP Digest Authentication
Parameters | |
algorithm | Case insensitive string specifying the hash algorithm to use. Must be either 'md5' or 'sha'. 'md5-sess' is not supported. |
authentication | case sensitive string that specifies the realm portion of the challenge |
Method | __init__ |
Undocumented |
Method | decode |
Decode the given response and attempt to generate a DigestedCredentials from it. |
Method | get |
Generate the challenge for use in the WWW-Authenticate header. |
Constant | CHALLENGE |
The number of seconds for which an opaque should be valid. |
Class Variable | scheme |
Undocumented |
Instance Variable | algorithm |
Undocumented |
Instance Variable | authentication |
Undocumented |
Instance Variable | private |
A random string used for generating the secure opaque. |
Method | _generate |
Create a random value suitable for use as the nonce parameter of a WWW-Authenticate challenge. |
Method | _generate |
Generate an opaque to be returned to the client. This is a unique string that can be returned to us and verified. |
Method | _get |
Parameterize the time based seed used in _generateOpaque so we can deterministically unittest it's behavior. |
Method | _verify |
Given the opaque and nonce from the request, as well as the client IP that made the request, verify that the opaque was generated by us. And that it's not too old. |
Class Variable | _parseparts |
Undocumented |
Decode the given response and attempt to generate a DigestedCredentials
from it.
Parameters | |
response:bytes | A string of comma separated key=value pairs |
method:bytes | The action requested to which this response is addressed (GET, POST, INVITE, OPTIONS, etc). |
host:bytes | The address the request was sent from. |
Returns | |
DigestedCredentials | |
Raises | |
error.LoginFailed | If the response does not contain a username, a nonce, an opaque, or if the opaque is invalid. |
Generate the challenge for use in the WWW-Authenticate header.
Parameters | |
address | The client address to which this challenge is being sent. |
Returns | |
The dict that can be used to generate a WWW-Authenticate header. |
Create a random value suitable for use as the nonce parameter of a WWW-Authenticate challenge.
Returns | |
bytes | Undocumented |
Generate an opaque to be returned to the client. This is a unique string that can be returned to us and verified.
Parameterize the time based seed used in _generateOpaque so we can deterministically unittest it's behavior.
Given the opaque and nonce from the request, as well as the client IP that made the request, verify that the opaque was generated by us. And that it's not too old.
Parameters | |
opaque | The opaque value from the Digest response |
nonce | The nonce value from the Digest response |
clientip | The remote IP address of the client making the request or None if the request was submitted over a channel where this does not make sense. |
Returns | |
True if the opaque was successfully verified. | |
Raises | |
error.LoginFailed | if opaque could not be parsed or contained the wrong values. |