A Python library to aid in implementing HTTP Digest Authentication.
Project description
Visit http://bitbucket.org/akoha/python-digest/ for further information.
This library was written to aid in the implementation of HTTP Digest Authentication for
Python web frameworks.
It may be used as follows:
>>> import time
>>> import python_digest
>>>
>>> secret = 'b_wy%h=ts0ii3g0ulqbx8q%w(72zh%4hslu7js&(^q+_s49jj-'
>>>
>>> www_authenticate_header = python_digest.build_digest_challenge(time.time(), secret, 'API', 'ADAC33E813C0CE930F4744C90E02396E', False)
>>> www_authenticate_header
'Digest nonce="1263192256.57:c6b7a75bf9a3b925cb01f91d298b7204", realm="API", algorithm="MD5", opaque="ADAC33E813C0CE930F4744C90E02396E", qop="auth", stale="false"'
>>>
>>> # Send the 'WWW-Authenticate' header to the client
>>> # ...
>>>
>>> # Receive the 'Authorization' header from the client
>>> http_authorization_header = 'Digest username="erik", realm="API", nonce="1263174643.19:7f936796976b235aa92ea05333d36483", uri="/site_media/static/pinax/css/facebox.css", algorithm=MD5, response="18824d23aa8649c6231978d3e8532528", opaque="ADAC33E813C0CE930F4744C90E02396E", qop=auth, nc=00000004, cnonce="54a4b93a966e882b"'
>>> digest_response = python_digest.parse_digest_credentials(http_authorization_header)
>>> python_digest.validate_nonce(digest_response.nonce, secret)
True
>>> expected_request_digest = python_digest.calculate_request_digest('GET', python_digest.calculate_partial_digest('erik', 'API', 'test'), digest_response)
>>> expected_request_digest == digest_response.response
True
You may choose to only accept nonces that have been generated within some time period -
get_nonce_timestamp() may be used to extract the timestamp from the client-provided nonce.
You may also choose to enforce the uniqueness of nonce-counts by storing the last seen nonce
count in (for example) a database and verifying it after checking the request-digest.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
pydigest-1.8.tar.gz
(11.4 kB
view details)
Built Distribution
pydigest-1.8-py3-none-any.whl
(12.9 kB
view details)
File details
Details for the file pydigest-1.8.tar.gz.
File metadata
- Download URL: pydigest-1.8.tar.gz
- Upload date:
- Size: 11.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.9.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e53d3b15cf4196d7a8430065839b455b7e8f20a5c6a03dc1b60cf0ab755bde3c |
|
| MD5 | f755d3738f56189f5a9387c7c33e5464 |
|
| BLAKE2b-256 | 043c285bdc543fd7d420a8d269b245600cb0959e53a7596640d63f22da5aa8e8 |
File details
Details for the file pydigest-1.8-py3-none-any.whl.
File metadata
- Download URL: pydigest-1.8-py3-none-any.whl
- Upload date:
- Size: 12.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.9.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 3aa5938021ef16bc95d57afa77570288668559393cede6d6dec4918f6d8ffd30 |
|
| MD5 | f88b3063cd893beb846186ce973949e3 |
|
| BLAKE2b-256 | 8a5098c4b0d42c2233fd3048dca8aadeb751cda1874e8a977b4d66bd52def73e |
