MCPcopy
hub / github.com/postmanlabs/httpbin / digest_challenge_response

Function digest_challenge_response

httpbin/helpers.py:453–475  ·  view source on GitHub ↗
(app, qop, algorithm, stale = False)

Source from the content-addressed store, hash-verified

451
452
453def digest_challenge_response(app, qop, algorithm, stale = False):
454 response = app.make_response('')
455 response.status_code = 401
456
457 # RFC2616 Section4.2: HTTP headers are ASCII. That means
458 # request.remote_addr was originally ASCII, so I should be able to
459 # encode it back to ascii. Also, RFC2617 says about nonces: "The
460 # contents of the nonce are implementation dependent"
461 nonce = H(b''.join([
462 getattr(request, 'remote_addr', u'').encode('ascii'),
463 b':',
464 str(time.time()).encode('ascii'),
465 b':',
466 os.urandom(10)
467 ]), algorithm)
468 opaque = H(os.urandom(10), algorithm)
469
470 auth = WWWAuthenticate("digest")
471 auth.set_digest('me@kennethreitz.com', nonce, opaque=opaque,
472 qop=('auth', 'auth-int') if qop is None else (qop,), algorithm=algorithm)
473 auth.stale = stale
474 response.headers['WWW-Authenticate'] = auth.to_header()
475 return response

Callers 1

digest_authFunction · 0.85

Calls 1

HFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…