Changeset 117

Show
Ignore:
Timestamp:
09/22/07 18:31:32
Author:
thejimmyg
Message:

Fixed the digest authentication bug in IE7, closes #31

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • AuthKit/branches/0.4/CHANGELOG

    r78 r117  
    66*** AS A RESULT OF THESE CHANGES THE DOCS ARE CURRENTLY OUT OF DATE *** 
    77 
     8* Fixed the IE7 bug in digest middleware 
    89* Adding SSO sub-directory, redirecting API, and CAS auth handler. 
    910* Fixed binding check to return none, instead of throwing an Exception (for 

  • AuthKit/branches/0.4/authkit/authenticate/digest.py

    r114 r117  
    4949   AuthKitUserSetter, AuthKitAuthHandler 
    5050 
     51# Setting up logging 
     52import logging 
     53log = logging.getLogger('authkit.authenticate.digest') 
     54     
     55 
    5156def digest_password(realm, username, password): 
    5257    """ construct the appropriate hashcode needed for HTTP digest """ 
     
    6570        opaque = md5.md5("%s:%s" % (time.time(),random.random())).hexdigest() 
    6671        self.nonce[nonce] = None 
    67         # XXX JG: I think adding '"auth"' here would fix the IE7 bug. 
    6872        parts = { 'realm': self.realm, 'qop': 'auth', 
    6973                  'nonce': nonce, 'opaque': opaque } 
     
    113117        """ 
    114118        if not authorization: 
     119            log.debug("No authorization specified: %s", authorization) 
    115120            return self.build_authentication() 
    116121        (authmeth, auth) = authorization.split(" ",1) 
    117122        if 'digest' != authmeth.lower(): 
     123            log.debug("Method was not digest, it was: %s", authmeth.lower()) 
    118124            return self.build_authentication() 
    119125        amap = {} 
    120         for itm in auth.split(", "): 
    121             (k,v) = [s.strip() for s in itm.split("=",1)] 
     126        amap = {} 
     127        for itm in auth.split(","): 
     128            (k,v) = [s.strip() for s in itm.strip().split("=",1)] 
    122129            amap[k] = v.replace('"','') 
    123130        try: 
     
    136143                assert nonce and nc 
    137144        except: 
     145            log.debug("Couldn't authenticate. %s", sys.exc_info()[1]) 
    138146            return self.build_authentication() 
    139147        ha1 = self.authfunc(environ,realm,username) 
     
    202210            return authenitcation.wsgi_application(environ, start_response) 
    203211        else: 
    204             method = REQUEST_METHOD(environ) 
    205             fullpath = SCRIPT_NAME(environ) + PATH_INFO(environ) 
    206             authorization = AUTHORIZATION(environ) 
    207             result = self.authenticate(environ, authorization, fullpath, method) 
    208             return result.wsgi_application(environ, start_response) 
    209          
     212            raise Exception("Bug: Not called via the multihandler") 
     213 
    210214class DigestUserSetter(object): 
    211215    def __init__(self, application, realm, authfunc, users):