twisted.cred.credentials.DigestCredentialFactory(object) class documentationtwisted.cred.credentials
View Source
(View In Hierarchy)
Support for RFC2617 HTTP Digest Authentication
| Parameters | algorithm | Case insensitive string specifying the hash algorithm to use. Must be
either 'md5' or 'sha'. 'md5-sess'
is not supported. (type: bytes) |
| authenticationRealm | case sensitive string that specifies the realm portion of the challenge (type: bytes) |
| Class Variable | CHALLENGE_LIFETIME_SECS | The number of seconds for which an opaque should be valid. |
| Instance Variable | privateKey | A random string used for generating the secure opaque. (type: bytes) |
| Method | __init__ | Undocumented |
| Method | getChallenge | Generate the challenge for use in the WWW-Authenticate header. |
| Method | decode | Decode the given response and attempt to generate a DigestedCredentials
from it. |
| Method | _generateNonce | Create a random value suitable for use as the nonce parameter of a WWW-Authenticate challenge. |
| Method | _getTime | Parameterize the time based seed used in _generateOpaque so
we can deterministically unittest it's behavior. |
| Method | _generateOpaque | Generate an opaque to be returned to the client. This is a unique string that can be returned to us and verified. |
| Method | _verifyOpaque | Given the opaque and nonce from the request, as well as the client IP that made the request, verify that the opaque was generated by us. And that it's not too old. |
Generate the challenge for use in the WWW-Authenticate header.
| Parameters | address | The client address to which this challenge is being sent. |
| Returns | The dict
that can be used to generate a WWW-Authenticate header. | |
Create a random value suitable for use as the nonce parameter of a WWW-Authenticate challenge.
| Returns | (type: bytes) | |
Parameterize the time based seed used in _generateOpaque so
we can deterministically unittest it's behavior.
Generate an opaque to be returned to the client. This is a unique string that can be returned to us and verified.
Given the opaque and nonce from the request, as well as the client IP that made the request, verify that the opaque was generated by us. And that it's not too old.
| Parameters | opaque | The opaque value from the Digest response |
| nonce | The nonce value from the Digest response | |
| clientip | The remote IP address of the client making the request or None
if the request was submitted over a channel where this does not make sense. | |
| Returns | True if the opaque was successfully verified. | |
| Raises | error.LoginFailed | if opaque could not be parsed or contained the wrong values. |
Decode the given response and attempt to generate a DigestedCredentials
from it.
| Parameters | response | A string of comma separated key=value pairs (type: bytes) |
| method | The action requested to which this response is addressed (GET, POST,
INVITE, OPTIONS, etc). (type: bytes) | |
| host | The address the request was sent from. (type: bytes) | |
| Returns | DigestedCredentials | |
| Raises | error.LoginFailed | If the response does not contain a username, a nonce, an opaque, or if the opaque is invalid. |