authorcce <devnull@localhost>2006-01-01 20:58:49 +0000
committercce <devnull@localhost>2006-01-01 20:58:49 +0000
commit71e140a32dfaa515e1ae204ec5cd0f84ccac7a51 (patch)
tree825af9f12fe67f0b703f2d99f31f12a12d8c087d /paste/auth
parent6c3cf1e9c877b1b0af5cf7fde1d9a43c7fadae6c (diff)
- fixed logic/definition problem w/ multi-entry headers;
__call__ now always returns a string value - renamed resolve to values in HTTPHeader to better reflect the public interface for this (esp. for multi-entry headers) - a few bugs in multi-entry headers - added common CGI headers to httpheaders; I know they don't really belong here, but error checking is nice - updated auth.digest and auth.basic to use httpheaders (this is what prompted the above changes) - added WWW_AUTHENTICATE header which will build a response to a digest challenge - fixed capitalization error in fileapp and added corresponding test
Diffstat (limited to 'paste/auth')
-rw-r--r--paste/auth/basic.py21
-rw-r--r--paste/auth/cookie.py1
-rw-r--r--paste/auth/digest.py35
3 files changed, 21 insertions, 36 deletions
diff --git a/paste/auth/basic.py b/paste/auth/basic.py
index a255c59..cfacb28 100644
--- a/paste/auth/basic.py
+++ b/paste/auth/basic.py
@@ -12,7 +12,7 @@ use ``digest`` authentication.
>>> from paste.wsgilib import dump_environ
>>> from paste.util.httpserver import serve
->>> from paste.auth.basic import AuthBasicHandler
+>>> # from paste.auth.basic import AuthBasicHandler
>>> realm = 'Test Realm'
>>> def authfunc(username, password):
... return username == password
@@ -22,6 +22,7 @@ serving on...
.. [1] http://www.w3.org/Protocols/HTTP/1.0/draft-ietf-http-spec.html#BasicAA
"""
from paste.httpexceptions import HTTPUnauthorized
+from paste.httpheaders import *
class AuthBasicAuthenticator:
"""
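Review bot: The added `from paste.httpheaders import *` makes it impossible to see from this file which header objects the authentication code depends on, and a name later added to httpheaders could shadow a local one without any visible change here. An explicit list is easier to audit: `from paste.httpheaders import AUTHORIZATION, AUTH_TYPE, REMOTE_USER, WWW_AUTHENTICATE`. The same wildcard import is added in paste/auth/digest.py, where the later hunk uses `AUTHORIZATION`, `AUTH_TYPE`, `REMOTE_USER`, `REQUEST_METHOD`, `SCRIPT_NAME` and `PATH_INFO`.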
@@ -33,17 +34,18 @@ class AuthBasicAuthenticator:
self.authfunc = authfunc
def build_authentication(self):
- head = [('WWW-Authenticate','Basic realm="%s"' % self.realm)]
+ head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
return HTTPUnauthorized(headers=head)
- def authenticate(self, authorization):
+ def authenticate(self, environ):
+ authorization = AUTHORIZATION(environ)
if not authorization:
return self.build_authentication()
- (authmeth, auth) = authorization.split(" ",1)
+ (authmeth, auth) = authorization.split(' ',1)
if 'basic' != authmeth.lower():
return self.build_authentication()
auth = auth.strip().decode('base64')
- username, password = auth.split(':')
+ username, password = auth.split(':',1)
if self.authfunc(username, password):
return username
return self.build_authentication()
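Review bot: A malformed Authorization header still leaves `authenticate` as an unhandled exception rather than a 401. `authorization.split(' ',1)` fails to unpack when the header has no space, `.decode('base64')` raises on invalid base64, and `auth.split(':',1)` fails to unpack when the decoded value has no colon. The `split(':',1)` change correctly keeps passwords that contain a colon, but the header is client-controlled, so all three cases should answer with the challenge. Wrapping the parsing in one try/except that returns `self.build_authentication()` covers them; `binascii` would need importing at the top of the file, outside this hunk.

```python
def authenticate(self, environ):
    # … unchanged: AUTHORIZATION(environ) lookup and empty-header check …
    try:
        (authmeth, auth) = authorization.split(' ',1)
        if 'basic' != authmeth.lower():
            return self.build_authentication()
        auth = auth.strip().decode('base64')
        username, password = auth.split(':',1)
    except (ValueError, binascii.Error):
        # malformed client input: answer with the challenge, not a traceback
        return self.build_authentication()
    # … unchanged: authfunc check and return …
```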
@@ -82,13 +84,12 @@ class AuthBasicHandler:
self.authenticate = AuthBasicAuthenticator(realm, authfunc)
def __call__(self, environ, start_response):
- username = environ.get('REMOTE_USER','')
+ username = REMOTE_USER(environ)
if not username:
- authorization = environ.get('HTTP_AUTHORIZATION','')
- result = self.authenticate(authorization)
+ result = self.authenticate(environ)
if isinstance(result, str):
- environ['AUTH_TYPE'] = 'basic'
- environ['REMOTE_USER'] = result
+ AUTH_TYPE.update(environ, 'basic')
+ REMOTE_USER.update(environ, result)
else:
return result.wsgi_application(environ, start_response)
return self.application(environ, start_response)
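Review bot: `__call__` skips credential checking entirely whenever `REMOTE_USER(environ)` is non-empty (the `if not username:` guard), and nothing in the method says that this is a deliberate trust decision. A deployer who puts this handler behind a component that copies a client-supplied value into REMOTE_USER would get no authentication at all, so the assumption should be written down. I would add above the guard `# REMOTE_USER set by the server or earlier middleware is trusted as-is; no credentials are checked in that case`. The `AuthDigestHandler.__call__` hunk in paste/auth/digest.py has the same guard and needs the same comment.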
diff --git a/paste/auth/cookie.py b/paste/auth/cookie.py
index b2f93f0..e53f23d 100644
--- a/paste/auth/cookie.py
+++ b/paste/auth/cookie.py
@@ -19,6 +19,7 @@ cookie.
>>> from paste.util.httpserver import serve
>>> from paste.fileapp import DataApp
>>> from paste.httpexceptions import *
+>>> # from paste.auth.cookie import AuthCookiehandler
>>> from paste.wsgilib import parse_querystring
>>> def testapp(environ, start_response):
... user = dict(parse_querystring(environ)).get('user','')
diff --git a/paste/auth/digest.py b/paste/auth/digest.py
index 4fcef65..b8005c3 100644
--- a/paste/auth/digest.py
+++ b/paste/auth/digest.py
@@ -14,7 +14,7 @@ module has been tested with several common browsers "out-in-the-wild".
>>> from paste.wsgilib import dump_environ
>>> from paste.util.httpserver import serve
->>> from paste.auth.digest import digest_password, AuthDigestHandler
+>>> # from paste.auth.digest import digest_password, AuthDigestHandler
>>> realm = 'Test Realm'
>>> def authfunc(realm, username):
... return digest_password(username, realm, username)
@@ -30,30 +30,13 @@ to use sha would be a good thing.
.. [1] http://www.faqs.org/rfcs/rfc2617.html
"""
from paste.httpexceptions import HTTPUnauthorized
+from paste.httpheaders import *
import md5, time, random, urllib2
def digest_password(username, realm, password):
""" construct the appropriate hashcode needed for HTTP digest """
return md5.md5("%s:%s:%s" % (username,realm,password)).hexdigest()
-def digest_response(challenge, realm, path, username, password):
- """
- builds an authorization response for a given challenge
- """
- auth = urllib2.AbstractDigestAuthHandler()
- auth.add_password(realm,path,username,password)
- (token,challenge) = challenge.split(' ',1)
- chal = urllib2.parse_keqv_list(urllib2.parse_http_list(challenge))
- class FakeRequest:
- def get_full_url(self):
- return path
- def has_data(self):
- return False
- def get_method(self):
- return "GET"
- get_selector = get_full_url
- return "Digest %s" % auth.get_authorization(FakeRequest(), chal)
-
class AuthDigestAuthenticator:
""" implementation of RFC 2617 - HTTP Digest Authentication """
def __init__(self, realm, authfunc):
@@ -186,22 +169,22 @@ class AuthDigestHandler:
self.application = application
def __call__(self, environ, start_response):
- username = environ.get('REMOTE_USER','')
+ username = REMOTE_USER(environ)
if not username:
- method = environ['REQUEST_METHOD']
- fullpath = environ['SCRIPT_NAME'] + environ["PATH_INFO"]
- authorization = environ.get('HTTP_AUTHORIZATION','')
+ method = REQUEST_METHOD(environ)
+ fullpath = SCRIPT_NAME(environ) + PATH_INFO(environ)
+ authorization = AUTHORIZATION(environ)
result = self.authenticate(authorization, fullpath, method)
if isinstance(result, str):
- environ['AUTH_TYPE'] = 'digest'
- environ['REMOTE_USER'] = result
+ AUTH_TYPE.update(environ,'digest')
+ REMOTE_USER.update(environ, result)
else:
return result.wsgi_application(environ, start_response)
return self.application(environ, start_response)
middleware = AuthDigestHandler
-__all__ = ['digest_password', 'digest_response', 'AuthDigestHandler' ]
+__all__ = ['digest_password', 'AuthDigestHandler' ]
if "__main__" == __name__:
import doctest