mirror of
https://github.com/kennethreitz/httpbin.git
synced 2026-06-05 23:00:18 +00:00
Kenneth Reitz
+10
-1
@@ -106,7 +106,7 @@ def view_patch():
|
||||
|
||||
@app.route('/delete', methods=('DELETE',))
|
||||
def view_delete():
|
||||
"""Returns DETLETE Data."""
|
||||
"""Returns DELETE Data."""
|
||||
|
||||
return jsonify(get_dict('url', 'args', 'data', 'origin', 'headers', 'json'))
|
||||
|
||||
@@ -149,6 +149,15 @@ def relative_redirect_n_times(n):
|
||||
return response
|
||||
|
||||
|
||||
@app.route('/redirect-to')
|
||||
def redirect_to():
|
||||
""" Redirect to the given URL. """
|
||||
url = request.args.get('url', '/')
|
||||
response = app.make_response('')
|
||||
response.status_code = 302
|
||||
response.headers['Location'] = url.encode('utf-8')
|
||||
return response
|
||||
|
||||
@app.route('/stream/<int:n>')
|
||||
def stream_n_messages(n):
|
||||
"""Stream n JSON messages"""
|
||||
|
||||
+19
-19
@@ -188,7 +188,7 @@ def HA1(realm, username, password):
|
||||
password))
|
||||
|
||||
|
||||
def HA2(credentails, request):
|
||||
def HA2(credentials, request):
|
||||
"""Create HA2 md5 hash
|
||||
|
||||
If the qop directive's value is "auth" or is unspecified, then HA2:
|
||||
@@ -196,9 +196,9 @@ def HA2(credentails, request):
|
||||
If the qop directive's value is "auth-int" , then HA2 is
|
||||
HA2 = md5(A2) = MD5(method:digestURI:MD5(entityBody))
|
||||
"""
|
||||
if credentails.get("qop") == "auth" or credentails.get('qop') is None:
|
||||
if credentials.get("qop") == "auth" or credentials.get('qop') is None:
|
||||
return H("%s:%s" % (request['method'], request['uri']))
|
||||
elif credentails.get("qop") == "auth-int":
|
||||
elif credentials.get("qop") == "auth-int":
|
||||
for k in 'method', 'uri', 'body':
|
||||
if k not in request:
|
||||
raise ValueError("%s required" % k)
|
||||
@@ -208,7 +208,7 @@ def HA2(credentails, request):
|
||||
raise ValueError
|
||||
|
||||
|
||||
def response(credentails, password, request):
|
||||
def response(credentials, password, request):
|
||||
"""Compile digest auth response
|
||||
|
||||
If the qop directive's value is "auth" or "auth-int" , then compute the response as follows:
|
||||
@@ -217,24 +217,24 @@ def response(credentails, password, request):
|
||||
RESPONSE = MD5(HA1:nonce:HA2)
|
||||
|
||||
Arguments:
|
||||
- `credentails`: credentails dict
|
||||
- `credentials`: credentials dict
|
||||
- `password`: request user password
|
||||
- `request`: request dict
|
||||
"""
|
||||
response = None
|
||||
HA1_value = HA1(credentails.get('realm'), credentails.get('username'), password)
|
||||
HA2_value = HA2(credentails, request)
|
||||
if credentails.get('qop') is None:
|
||||
response = H(":".join([HA1_value, credentails.get('nonce'), HA2_value]))
|
||||
elif credentails.get('qop') == 'auth' or credentails.get('qop') == 'auth-int':
|
||||
HA1_value = HA1(credentials.get('realm'), credentials.get('username'), password)
|
||||
HA2_value = HA2(credentials, request)
|
||||
if credentials.get('qop') is None:
|
||||
response = H(":".join([HA1_value, credentials.get('nonce'), HA2_value]))
|
||||
elif credentials.get('qop') == 'auth' or credentials.get('qop') == 'auth-int':
|
||||
for k in 'nonce', 'nc', 'cnonce', 'qop':
|
||||
if k not in credentails:
|
||||
if k not in credentials:
|
||||
raise ValueError("%s required for response H" % k)
|
||||
response = H(":".join([HA1_value,
|
||||
credentails.get('nonce'),
|
||||
credentails.get('nc'),
|
||||
credentails.get('cnonce'),
|
||||
credentails.get('qop'),
|
||||
credentials.get('nonce'),
|
||||
credentials.get('nc'),
|
||||
credentials.get('cnonce'),
|
||||
credentials.get('qop'),
|
||||
HA2_value]))
|
||||
else:
|
||||
raise ValueError("qop value are wrong")
|
||||
@@ -246,12 +246,12 @@ def check_digest_auth(user, passwd):
|
||||
"""Check user authentication using HTTP Digest auth"""
|
||||
|
||||
if request.headers.get('Authorization'):
|
||||
credentails = parse_authorization_header(request.headers.get('Authorization'))
|
||||
if not credentails:
|
||||
credentials = parse_authorization_header(request.headers.get('Authorization'))
|
||||
if not credentials:
|
||||
return
|
||||
response_hash = response(credentails, passwd, dict(uri=request.path,
|
||||
response_hash = response(credentials, passwd, dict(uri=request.path,
|
||||
body=request.data,
|
||||
method=request.method))
|
||||
if credentails['response'] == response_hash:
|
||||
if credentials['response'] == response_hash:
|
||||
return True
|
||||
return False
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
<li><a href="/response-headers?Content-Type=text/plain;%20charset=UTF-8&Server=httpbin"><code>/response-headers?key=val</code></a> Returns given response headers.</li>
|
||||
<li><a href="/redirect/6"><code>/redirect/:n</code></a> 302 Redirects <em>n</em> times.</li>
|
||||
<li><a href="/relative-redirect/6"><code>/relative-redirect/:n</code></a> 302 Relative redirects <em>n</em> times.</li>
|
||||
<li><a href="/redirect-to?url=http%3A%2F%2Fwww.google.com"><code>/redirect-to?url=some-url</code></a> 302 Redirects to the given URL.</li>
|
||||
<li><a href="/cookies" data-bare-link="true"><code>/cookies</code></a> Returns cookie data.</li>
|
||||
<li><a href="/cookies/set/key/value"><code>/cookies/set/:name/:value</code></a> Sets a simple cookie.</li>
|
||||
<li><a href="/basic-auth/user/passwd"><code>/basic-auth/:user/:passwd</code></a> Challenges HTTPBasic Auth.</li>
|
||||
|
||||
Reference in New Issue
Block a user