Ñò ô†³Kc @södZddklZddkTyddklZWn#ej oddklZnXddkZddkZd„Z de fd„ƒYZ d e fd „ƒYZ e Z d d gZd „Zd ejo#ddkZeideiƒndS(s Digest HTTP/1.1 Authentication This module implements ``Digest`` authentication as described by RFC 2617 [1]_ . Basically, you just put this module before your application, and it takes care of requesting and handling authentication requests. This module has been tested with several common browsers "out-in-the-wild". >>> from paste.wsgilib import dump_environ >>> from paste.httpserver import serve >>> # from paste.auth.digest import digest_password, AuthDigestHandler >>> realm = 'Test Realm' >>> def authfunc(environ, realm, username): ... return digest_password(realm, username, username) >>> serve(AuthDigestHandler(dump_environ, realm, authfunc)) serving on... This code has not been audited by a security expert, please use with caution (or better yet, report security holes). At this time, this implementation does not provide for further challenges, nor does it support Authentication-Info header. It also uses md5, and an option to use sha would be a good thing. .. [1] http://www.faqs.org/rfcs/rfc2617.html iÿÿÿÿ(tHTTPUnauthorized(t*(tmd5NcCstd|||fƒiƒS(s; construct the appropriate hashcode needed for HTTP digest s%s:%s:%s(Rt hexdigest(trealmtusernametpassword((s5/usr/lib/python2.6/site-packages/paste/auth/digest.pytdigest_password(stAuthDigestAuthenticatorcBs;eZdZd„Zdd„Zd„Zd„ZeZRS(s9 implementation of RFC 2617 - HTTP Digest Authentication cCsh|_||_||_dS(N(tnoncetauthfuncR(tselfRR ((s5/usr/lib/python2.6/site-packages/paste/auth/digest.pyt__init__.s  tc Cs÷tdtiƒtiƒfƒiƒ}tdtiƒtiƒfƒiƒ}d|i| hashcode This module provides a 'digest_password' helper function which can help construct the hashcode; it is recommended that the hashcode is stored in a database, not the user's actual password (since you only need the hashcode). cCst||ƒ|_||_dS(N(RRCt application(R RIRR ((s5/usr/lib/python2.6/site-packages/paste/auth/digest.pyR ®scCszt|ƒ}|pW|i|ƒ}t|tƒo$ti|dƒti||ƒqj|i||ƒSn|i||ƒS(NR-(t REMOTE_USERRCt isinstancetstrt AUTH_TYPEtupdatetwsgi_applicationRI(R R;tstart_responseRtresult((s5/usr/lib/python2.6/site-packages/paste/auth/digest.pyRG²s (RDRERFR RG(((s5/usr/lib/python2.6/site-packages/paste/auth/digest.pyRH~s/ RcKsUddkl}ddk}||ƒ}t||iƒp td‚t|||ƒS(sÔ Grant access via digest authentication Config looks like this:: [filter:grant] use = egg:Paste#auth_digest realm=myrealm authfunc=somepackage.somemodule:somefunction iÿÿÿÿ(t eval_importNs#authfunc must resolve to a function(tpaste.util.import_stringRRttypesRKt FunctionTypeR:RH(tappt global_confRR tkwRRRT((s5/usr/lib/python2.6/site-packages/paste/auth/digest.pyt make_digestÁs   t__main__t optionflags(RFtpaste.httpexceptionsRtpaste.httpheadersthashlibRt ImportErrorRRRtobjectRRHt middlewaret__all__RYRDtdoctestttestmodtELLIPSIS(((s5/usr/lib/python2.6/site-packages/paste/auth/digest.pyts   R?