(self)
| 33 | self.password = password |
| 34 | |
| 35 | def get(self): |
| 36 | realm = "test" |
| 37 | opaque = "asdf" |
| 38 | # Real implementations would use a random nonce. |
| 39 | nonce = "1234" |
| 40 | |
| 41 | auth_header = self.request.headers.get("Authorization", None) |
| 42 | if auth_header is not None: |
| 43 | auth_mode, params = auth_header.split(" ", 1) |
| 44 | assert auth_mode == "Digest" |
| 45 | param_dict = {} |
| 46 | for pair in params.split(","): |
| 47 | k, v = pair.strip().split("=", 1) |
| 48 | if v[0] == '"' and v[-1] == '"': |
| 49 | v = v[1:-1] |
| 50 | param_dict[k] = v |
| 51 | assert param_dict["realm"] == realm |
| 52 | assert param_dict["opaque"] == opaque |
| 53 | assert param_dict["nonce"] == nonce |
| 54 | assert param_dict["username"] == self.username |
| 55 | assert param_dict["uri"] == self.request.path |
| 56 | h1 = md5(utf8(f"{self.username}:{realm}:{self.password}")).hexdigest() |
| 57 | h2 = md5(utf8(f"{self.request.method}:{self.request.path}")).hexdigest() |
| 58 | digest = md5(utf8(f"{h1}:{nonce}:{h2}")).hexdigest() |
| 59 | if digest == param_dict["response"]: |
| 60 | self.write("ok") |
| 61 | else: |
| 62 | self.write("fail") |
| 63 | else: |
| 64 | self.set_status(401) |
| 65 | self.set_header( |
| 66 | "WWW-Authenticate", |
| 67 | f'Digest realm="{realm}", nonce="{nonce}", opaque="{opaque}"', |
| 68 | ) |
| 69 | |
| 70 | |
| 71 | class CustomReasonHandler(RequestHandler): |
no test coverage detected