
Work on OD digest

wsanchez committed Jan 3, 2014
1 parent 2fb5625 commit 4b5c6ccbcd2124eeedaf3ae616d2850a04b8adcf
@@ -135,75 +135,3 @@ def requestAvatarId(self, credentials):
returnValue(record)

raise UnauthorizedLogin("Incorrect password")





# class Yuck(object):
# def requestAvatarId(self, credentials):
# odRecord = self._getUserRecord(credentials.username)

# if odRecord is None:
# return fail(UnauthorizedLogin("No such user"))

# if isinstance(credentials, DigestedCredentials):
# try:
# credentials.fields.setdefault("algorithm", "md5")
# challenge = (
# 'Digest realm="{realm}", nonce="{nonce}", '
# 'algorithm={algorithm}'
# .format(**credentials.fields)
# )
# response = credentials.fields["response"]

# except KeyError as e:
# self.log.error(
# "Error authenticating against OpenDirectory: "
# "missing digest response field {field!r} in "
# "{credentials.fields!r}",
# field=e.args[0], credentials=credentials
# )
# return fail(UnauthorizedLogin("Invalid digest challenge"))

# result, m1, m2, error = odRecord.verifyExtendedWithAuthenticationType_authenticationItems_continueItems_context_error_(
# u"dsAuthMethodStandard:dsAuthNodeDIGEST-MD5",
# [
# credentials.username,
# challenge,
# response,
# credentials.method,
# ],
# None, None, None
# )

# if error:
# return fail(UnauthorizedLogin(error))

# if result:
# return succeed(DirectoryRecord(self, odRecord))

# else:
# return fail(UnauthorizedLogin(
# "Unknown credentials type: {0}".format(type(credentials))
# ))

# return fail(UnauthorizedLogin("Unknown authorization failure"))







# from twisted.web.guard import DigestCredentialFactory

# class CustomDigestCredentialFactory(DigestCredentialFactory):
# """
# DigestCredentialFactory without qop, to interop with OD.
# """

# def getChallenge(self, address):
# result = DigestCredentialFactory.getChallenge(self, address)
# del result["qop"]
# return result
@@ -25,11 +25,13 @@
"OpenDirectoryDataError",
"DirectoryService",
"DirectoryRecord",
"NoQOPDigestCredentialFactory",
]


from ._service import (
OpenDirectoryError, OpenDirectoryConnectionError, OpenDirectoryQueryError,
OpenDirectoryDataError,
DirectoryService,
NoQOPDigestCredentialFactory,
)
@@ -25,6 +25,7 @@

from twisted.python.constants import Names, NamedConstant
from twisted.internet.defer import succeed, fail
from twisted.web.guard import DigestCredentialFactory

from twext.python.log import Logger

@@ -584,13 +585,39 @@ def verifyHTTPDigest(
)
)

print("username = {0!r}".format(username))
print("realm = {0!r}".format(realm))
print("uri = {0!r}".format(uri))
print("nonce = {0!r}".format(nonce))
print("cnonce = {0!r}".format(cnonce))
print("algorithm = {0!r}".format(algorithm))
print("nc = {0!r}".format(nc))
print("qop = {0!r}".format(qop))
print("response = {0!r}".format(response))
print("method = {0!r}".format(method))
print("challenge = {0!r}".format(challenge))

result, m1, m2, error = self._odRecord.verifyExtendedWithAuthenticationType_authenticationItems_continueItems_context_error_(
ODAuthMethod.digestMD5.value
ODAuthMethod.digestMD5.value,
[username, challenge, response, method],
None, None, None
)

print(result, m1, m2, error)

if error:
return False

return result



class NoQOPDigestCredentialFactory(DigestCredentialFactory):
"""
DigestCredentialFactory without qop, to interop with OD.
"""

def getChallenge(self, address):
result = DigestCredentialFactory.getChallenge(self, address)
del result["qop"]
return result
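Review bot: The block of `print(...)` calls before the OpenDirectory call, and `print(result, m1, m2, error)` after it, write the username, nonce, cnonce and digest `response` of every login attempt to stdout, where they can land in service logs that are readable well outside the authentication path. They read like debugging aids and should be dropped before this ships, or cut down to a single debug-level call on the file's `Logger` that leaves out `response` and `challenge` (the file imports `Logger` from `twext.python.log`; whether this class has a `log` attribute is not visible here). `if error: return False` also discards the OD error, so a directory failure looks the same as a wrong password; something like `self.log.error("OD digest verification failed: {error}", error=error)` before the return would keep that signal. The `NoQOPDigestCredentialFactory` docstring should state the trade-off it makes, since a challenge without `qop` means clients answer without `cnonce`/`nc` and the server loses nonce-count replay checking, and `result.pop("qop", None)` would avoid a `KeyError` if the base challenge ever lacks the key. `verifyHTTPDigest` begins above this hunk, so the construction of `challenge` could not be checked.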
@@ -20,13 +20,15 @@ from twisted.cred.portal import Portal
from twisted.web.resource import IResource
from twisted.web.guard import (
HTTPAuthSessionWrapper,
# BasicCredentialFactory,
DigestCredentialFactory,
BasicCredentialFactory,
# DigestCredentialFactory,
)
from twisted.web.static import Data

from twext.who.test.test_xml import xmlService as DirectoryService
# from twext.who.checker import UsernamePasswordCredentialChecker
# from twext.who.test.test_xml import xmlService as DirectoryService
from twext.who.opendirectory import DirectoryService
from twext.who.opendirectory import NoQOPDigestCredentialFactory as DigestCredentialFactory
from twext.who.checker import UsernamePasswordCredentialChecker
from twext.who.checker import HTTPDigestCredentialChecker
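Review bot: Importing `NoQOPDigestCredentialFactory as DigestCredentialFactory` hides, at every later use, that this script issues digest challenges without `qop`; a reader sees the stock Twisted name and assumes stock behaviour. Import the class under its own name and use that name where the factory is constructed, which is outside this hunk. The commented-out alternatives left here (`# DigestCredentialFactory,`, `# from twext.who.test.test_xml import xmlService as DirectoryService`) and in the next hunk (`# directory = DirectoryService("/tmp/auth.xml")`) leave the live directory backend and auth scheme to be chosen by toggling comments. A command-line switch, or simply deleting the dead lines, would make the active configuration explicit.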


@@ -42,7 +44,8 @@ class Realm(object):



directory = DirectoryService("/tmp/auth.xml")
# directory = DirectoryService("/tmp/auth.xml")
directory = DirectoryService()

checkers = [
HTTPDigestCredentialChecker(directory),
