kennethreitz/httpbin
1
0
Fork 0
mirror of https://github.com/kennethreitz/httpbin.git synced 2026-06-05 14:50:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improve when stale is reported

Browse Source 
- when authentication fails cookie „last_nonce” is set, this cookie is used to check that next
  authentication is not used for next authentication attempt. If it is challenge response is send
  with stale=true flag.
This commit is contained in:
Marek Ruszczak
2017-07-06 08:14:03 +02:00
parent 791e31cba4
commit 8f93e11699
1 changed files with 25 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
httpbin/core.py
+25 -10
View File
@@ -21,6 +21,7 @@ from six.moves import range as xrange
from werkzeug.datastructures import WWWAuthenticate, MultiDict
from werkzeug.http import http_date
from werkzeug.wrappers import BaseResponse
from werkzeug.http import parse_authorization_header
from raven.contrib.flask import Sentry
from . import filters
@@ -466,26 +467,40 @@ def digest_auth(qop=None, user='user', passwd='passwd', algorithm='MD5', stale_a
qop = None
if 'Authorization' not in request.headers or \
not check_digest_auth(user, passwd) or \
'Cookie' not in request.headers:
'Cookie' not in request.headers:
response = digest_challenge_response(app, qop, algorithm)
response.set_cookie('stale_after', value=stale_after)
return response
if 'stale_after' in request.cookies:
credentails = parse_authorization_header(request.headers.get('Authorization'))
if not credentails :
response = digest_challenge_response(app, qop, algorithm)
response.set_cookie('stale_after', value=stale_after)
return response
current_nonce = credentails.get('nonce')
stale_after_value = None
if 'stale_after' in request.cookies :
stale_after_value = request.cookies.get('stale_after')
if stale_after_value == '0':
response = digest_challenge_response(app, qop, algorithm, True)
response.set_cookie('stale_after', value=stale_after)
return response
if 'last_nonce' in request.cookies and current_nonce == request.cookies.get('last_nonce') or \
stale_after_value == '0' :
response = digest_challenge_response(app, qop, algorithm, True)
response.set_cookie('stale_after', value=stale_after)
response.set_cookie('last_nonce', value=current_nonce)
return response
response = jsonify(authenticated=True, user=user)
response.set_cookie('stale_after', value=next_stale_after_value(stale_after_value))
if not check_digest_auth(user, passwd) :
response = digest_challenge_response(app, qop, algorithm, False)
response.set_cookie('stale_after', value=stale_after)
response.set_cookie('last_nonce', value=current_nonce)
return response
response = jsonify(authenticated=True, user=user)
response.set_cookie('stale_after', value=stale_after)
if stale_after_value :
response.set_cookie('stale_after', value=next_stale_after_value(stale_after_value))
return response