API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 5th, 2016
134
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 7.29 KB | None | 0 0
raw download clone embed print report
  1. '''
  2. requests.auth
  3. ~~~~~~~~~~~~~
  4.  
  5. This module contains the authentication handlers for Requests.
  6. '''
  7. import os
  8. import re
  9. import time
  10. import hashlib
  11. import threading
  12. from base64 import b64encode
  13. from compat import urlparse, str
  14. from cookies import extract_cookies_to_jar
  15. from utils import parse_dict_header, to_native_string
  16. from status_codes import codes
  17. CONTENT_TYPE_FORM_URLENCODED = 'application/x-www-form-urlencoded'
  18. CONTENT_TYPE_MULTI_PART = 'multipart/form-data'
  19.  
  20. def _basic_auth_str(username, password):
  21.     '''Returns a Basic Auth string.'''
  22.     authstr = 'Basic ' + to_native_string(b64encode(('%s:%s' % (username, password)).encode('latin1')).strip())
  23.     return authstr
  24.  
  25.  
  26. class AuthBase(object):
  27.     __qualname__ = 'AuthBase'
  28.     __doc__ = 'Base class that all auth implementations derive from'
  29.    
  30.     def __call__(self, r):
  31.         raise NotImplementedError('Auth hooks must be callable.')
  32.  
  33.  
  34.  
  35. class HTTPBasicAuth(AuthBase):
  36.     __qualname__ = 'HTTPBasicAuth'
  37.     __doc__ = 'Attaches HTTP Basic Authentication to the given Request object.'
  38.    
  39.     def __init__(self, username, password):
  40.         self.username = username
  41.         self.password = password
  42.  
  43.    
  44.     def __eq__(self, other):
  45.         return all([
  46.             self.username == getattr(other, 'username', None),
  47.             self.password == getattr(other, 'password', None)])
  48.  
  49.    
  50.     def __ne__(self, other):
  51.         return not (self == other)
  52.  
  53.    
  54.     def __call__(self, r):
  55.         r.headers['Authorization'] = _basic_auth_str(self.username, self.password)
  56.         return r
  57.  
  58.  
  59.  
  60. class HTTPProxyAuth(HTTPBasicAuth):
  61.     __qualname__ = 'HTTPProxyAuth'
  62.     __doc__ = 'Attaches HTTP Proxy Authentication to a given Request object.'
  63.    
  64.     def __call__(self, r):
  65.         r.headers['Proxy-Authorization'] = _basic_auth_str(self.username, self.password)
  66.         return r
  67.  
  68.  
  69.  
  70. class HTTPDigestAuth(AuthBase):
  71.     __qualname__ = 'HTTPDigestAuth'
  72.     __doc__ = 'Attaches HTTP Digest Authentication to the given Request object.'
  73.    
  74.     def __init__(self, username, password):
  75.         self.username = username
  76.         self.password = password
  77.         self._thread_local = threading.local()
  78.  
  79.    
  80.     def init_per_thread_state(self):
  81.         if not hasattr(self._thread_local, 'init'):
  82.             self._thread_local.init = True
  83.             self._thread_local.last_nonce = ''
  84.             self._thread_local.nonce_count = 0
  85.             self._thread_local.chal = { }
  86.             self._thread_local.pos = None
  87.             self._thread_local.num_401_calls = None
  88.  
  89.    
  90.     def build_digest_header(self, method, url):
  91.         realm = self._thread_local.chal['realm']
  92.         nonce = self._thread_local.chal['nonce']
  93.         qop = self._thread_local.chal.get('qop')
  94.         algorithm = self._thread_local.chal.get('algorithm')
  95.         opaque = self._thread_local.chal.get('opaque')
  96.         hash_utf8 = None
  97.         if algorithm is None:
  98.             _algorithm = 'MD5'
  99.         else:
  100.             _algorithm = algorithm.upper()
  101.         if _algorithm == 'MD5' or _algorithm == 'MD5-SESS':
  102.            
  103.             def md5_utf8(x):
  104.                 if isinstance(x, str):
  105.                     x = x.encode('utf-8')
  106.                 return hashlib.md5(x).hexdigest()
  107.  
  108.             hash_utf8 = md5_utf8
  109.         elif _algorithm == 'SHA':
  110.            
  111.             def sha_utf8(x):
  112.                 if isinstance(x, str):
  113.                     x = x.encode('utf-8')
  114.                 return hashlib.sha1(x).hexdigest()
  115.  
  116.             hash_utf8 = sha_utf8
  117.        
  118.         KD = lambda s, d: hash_utf8('%s:%s' % (s, d))
  119.         if hash_utf8 is None:
  120.             return None
  121.         entdig = (None,)
  122.         p_parsed = urlparse(url)
  123.         if not p_parsed.path:
  124.             pass
  125.         path = '/'
  126.         if p_parsed.query:
  127.             path += '?' + p_parsed.query
  128.         A1 = '%s:%s:%s' % (self.username, realm, self.password)
  129.         A2 = '%s:%s' % (method, path)
  130.         HA1 = hash_utf8(A1)
  131.         HA2 = hash_utf8(A2)
  132.         if nonce == self._thread_local.last_nonce:
  133.             self._thread_local.nonce_count += 1
  134.         else:
  135.             self._thread_local.nonce_count = 1
  136.         ncvalue = '%08x' % self._thread_local.nonce_count
  137.         s = str(self._thread_local.nonce_count).encode('utf-8')
  138.         s += nonce.encode('utf-8')
  139.         s += time.ctime().encode('utf-8')
  140.         s += os.urandom(8)
  141.         cnonce = hashlib.sha1(s).hexdigest()[:16]
  142.         if _algorithm == 'MD5-SESS':
  143.             HA1 = hash_utf8('%s:%s:%s' % (HA1, nonce, cnonce))
  144.         if not qop:
  145.             respdig = KD(HA1, '%s:%s' % (nonce, HA2))
  146.         elif qop == 'auth' or 'auth' in qop.split(','):
  147.             noncebit = '%s:%s:%s:%s:%s' % (nonce, ncvalue, cnonce, 'auth', HA2)
  148.             respdig = KD(HA1, noncebit)
  149.         else:
  150.             return None
  151.         self._thread_local.last_nonce = None
  152.         base = 'username="%s", realm="%s", nonce="%s", uri="%s", response="%s"' % (self.username, realm, nonce, path, respdig)
  153.         if opaque:
  154.             base += ', opaque="%s"' % opaque
  155.         if algorithm:
  156.             base += ', algorithm="%s"' % algorithm
  157.         if entdig:
  158.             base += ', digest="%s"' % entdig
  159.         if qop:
  160.             base += ', qop="auth", nc=%s, cnonce="%s"' % (ncvalue, cnonce)
  161.         return 'Digest %s' % base
  162.  
  163.    
  164.     def handle_redirect(self, r, **kwargs):
  165.         '''Reset num_401_calls counter on redirects.'''
  166.         if r.is_redirect:
  167.             self._thread_local.num_401_calls = 1
  168.  
  169.    
  170.     def handle_401(self, r, **kwargs):
  171.         '''Takes the given response and tries digest-auth, if needed.'''
  172.         if self._thread_local.pos is not None:
  173.             r.request.body.seek(self._thread_local.pos)
  174.         s_auth = r.headers.get('www-authenticate', '')
  175.         if 'digest' in s_auth.lower() and self._thread_local.num_401_calls < 2:
  176.             self._thread_local.num_401_calls += 1
  177.             pat = re.compile('digest ', flags = re.IGNORECASE)
  178.             self._thread_local.chal = parse_dict_header(pat.sub('', s_auth, count = 1))
  179.             r.close()
  180.             prep = r.request.copy()
  181.             extract_cookies_to_jar(prep._cookies, r.request, r.raw)
  182.             prep.prepare_cookies(prep._cookies)
  183.             prep.headers['Authorization'] = self.build_digest_header(prep.method, prep.url)
  184.             _r = r.connection.send(prep, **None)
  185.             _r.history.append(r)
  186.             _r.request = prep
  187.             return _r
  188.         self._thread_local.num_401_calls = None
  189.         return r
  190.  
  191.    
  192.     def __call__(self, r):
  193.         self.init_per_thread_state()
  194.         if self._thread_local.last_nonce:
  195.             r.headers['Authorization'] = self.build_digest_header(r.method, r.url)
  196.        
  197.         try:
  198.             self._thread_local.pos = r.body.tell()
  199.         except AttributeError:
  200.             self._thread_local.pos = None
  201.  
  202.         r.register_hook('response', self.handle_401)
  203.         r.register_hook('response', self.handle_redirect)
  204.         self._thread_local.num_401_calls = 1
  205.         return r
  206.  
  207.    
  208.     def __eq__(self, other):
  209.         return all([
  210.             self.username == getattr(other, 'username', None),
  211.             self.password == getattr(other, 'password', None)])
  212.  
  213.    
  214.     def __ne__(self, other):
  215.         return not (self == other)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!