Merge pull request postmanlabs#401 from linuxlizard/master

add SHA-512 authentication
kennethreitz · Nov 19, 2017 · 194df2e · 194df2e
2 parents d9678da + f0f3da7
commit 194df2e
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 6 deletions.
diff --git a/httpbin/core.py b/httpbin/core.py
@@ -469,7 +469,7 @@ def digest_auth(qop=None, user='user', passwd='passwd', algorithm='MD5', stale_a
     """Prompts the user for authorization using HTTP Digest auth"""
     require_cookie_handling = (request.args.get('require-cookie', '').lower() in
                                ('1', 't', 'true'))
-    if algorithm not in ('MD5', 'SHA-256'):
+    if algorithm not in ('MD5', 'SHA-256', 'SHA-512'):
         algorithm = 'MD5'
 
     if qop not in ('auth', 'auth-int'):

diff --git a/httpbin/helpers.py b/httpbin/helpers.py
@@ -12,7 +12,7 @@
 import re
 import time
 import os
-from hashlib import md5, sha256
+from hashlib import md5, sha256, sha512
 from werkzeug.http import parse_authorization_header
 from werkzeug.datastructures import WWWAuthenticate
 
@@ -270,6 +270,8 @@ def check_basic_auth(user, passwd):
 def H(data, algorithm):
     if algorithm == 'SHA-256':
         return sha256(data).hexdigest()
+    elif algorithm == 'SHA-512':
+        return sha512(data).hexdigest()
     else:
         return md5(data).hexdigest()
 

diff --git a/test_httpbin.py b/test_httpbin.py
@@ -7,7 +7,7 @@
 import six
 import json
 from werkzeug.http import parse_dict_header
-from hashlib import md5, sha256
+from hashlib import md5, sha256, sha512
 from six import BytesIO
 
 import httpbin
@@ -41,6 +41,8 @@ def _hash(data, algorithm):
     """Encode binary data according to specified algorithm, use MD5 by default"""
     if algorithm == 'SHA-256':
         return sha256(data).hexdigest()
+    elif algorithm == 'SHA-512':
+        return sha512(data).hexdigest()
     else:
         return md5(data).hexdigest()
 
@@ -65,7 +67,7 @@ def _make_digest_auth_header(username, password, method, uri, nonce,
     assert nonce
     assert method
     assert uri
-    assert algorithm in ('MD5', 'SHA-256', None)
+    assert algorithm in ('MD5', 'SHA-256', 'SHA-512', None)
 
     a1 = ':'.join([username, realm or '', password])
     ha1 = _hash(a1.encode('utf-8'), algorithm)
@@ -282,7 +284,7 @@ def test_digest_auth(self):
         username = 'user'
         password = 'passwd'
         for qop in None, 'auth', 'auth-int',:
-            for algorithm in None, 'MD5', 'SHA-256':
+            for algorithm in None, 'MD5', 'SHA-256', 'SHA-512':
                 for body in None, b'', b'request payload':
                     for stale_after in (None, 1, 4) if algorithm else (None,) :
                         self._test_digest_auth(username, password, qop, algorithm, body, stale_after)
@@ -371,7 +373,7 @@ def test_digest_auth_wrong_pass(self):
         username = 'user'
         password = 'passwd'
         for qop in None, 'auth', 'auth-int',:
-            for algorithm in None, 'MD5', 'SHA-256':
+            for algorithm in None, 'MD5', 'SHA-256', 'SHA-512':
                 for body in None, b'', b'request payload':
                     self._test_digest_auth_wrong_pass(username, password, qop, algorithm, body, 3)