
Lukas Linhart  committed 5d7b199

Support for cleartext models without realm

  • Parent commits dbafebe


Files changed (6)

File djangohttpdigest/authentication.py

     
     def get_a1(self, digestor):
         try:
-            inst = self.model.objects.get(**{
-                self.realm_field : self.realm,
-                self.username_field : digestor.get_client_username()
-            })
+            username = digestor.get_client_username()
+            pars = {
+                self.username_field : username
+            }
+            if self.realm_field:
+                pars[self.realm_field] = self.realm
+            inst = self.model.objects.get(**pars)
             self.a1 = getattr(inst, self.secret_field)
             return self.a1
         
     def get_a1(self, digestor):
         try:
             username = digestor.get_client_username()
-            inst = self.model.objects.get(**{
-                self.realm_field : self.realm,
+            pars = {
                 self.username_field : username
-            })
+            }
+            if self.realm_field:
+                pars[self.realm_field] = self.realm
+            inst = self.model.objects.get(**pars)
             password = getattr(inst, self.password_field)
             self.a1 = md5("%s:%s:%s" % (username, self.realm, password)).hexdigest()
             return self.a1
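Review bot: With `realm_field` unset, both `get_a1` methods now look the account up by username alone, so `self.model.objects.get(**pars)` raises `MultipleObjectsReturned` as soon as two rows share a username. The `except` clause of each `try` lies outside the visible lines, so it is not clear whether that case ends as a failed login; if only `DoesNotExist` is caught, add `self.model.MultipleObjectsReturned` to it and document that realm-less models need a unique username column. The same lookup is added twice, so a small helper shared by both authenticators would keep the two copies from drifting apart. In the first `get_a1` the stored value appears to be a precomputed A1 hash, which already embeds a realm, so a comment such as `# without realm_field the stored secret must have been computed with self.realm` would help.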

File djangohttpdigest/decorators.py

                 except ValueError, err:
                     return HttpResponseBadRequest(err)
 
-                authenticator = SimpleHardcodedAuthenticator(server_realm=realm, server_username=username, server_password=password)
-                
-                if authenticator.secret_passed(digestor):
-                    return function(request, *args, **kwargs)
+                if parsed_header['realm'] == realm:
+                    authenticator = SimpleHardcodedAuthenticator(server_realm=realm, server_username=username, server_password=password)
+
+                    if authenticator.secret_passed(digestor):
+                        return function(request, *args, **kwargs)
                 
             # nothing received, return challenge
             response = HttpResponseNotAuthorized("Not Authorized")
         def _wrapper(request, *args, **kwargs):
             
             digestor = Digestor(method=request.method, path=request.path, realm=realm)
-            
             if request.META.has_key('HTTP_AUTHORIZATION'):
                 try:
                     parsed_header = digestor.parse_authorization_header(request.META['HTTP_AUTHORIZATION'])
                 except ValueError, err:
                     return HttpResponseBadRequest(err)
-                
-                if password_field:
-                    authenticator = ClearTextModelAuthenticator(model=model, realm=realm, realm_field=realm_field, username_field=username_field, password_field=password_field)
-                else:
-                    authenticator = ModelAuthenticator(model=model, realm=realm, realm_field=realm_field, username_field=username_field, secret_field=secret_field)
 
-                if authenticator.secret_passed(digestor):
-                    return function(request, *args, **kwargs)
+                if parsed_header['realm'] == realm:
+                    if password_field:
+                        print realm_field
+                        authenticator = ClearTextModelAuthenticator(model=model, realm=realm, realm_field=realm_field, username_field=username_field, password_field=password_field)
+                    else:
+                        authenticator = ModelAuthenticator(model=model, realm=realm, realm_field=realm_field, username_field=username_field, secret_field=secret_field)
+
+                    if authenticator.secret_passed(digestor):
+                        return function(request, *args, **kwargs)
                 
             # nothing received, return challenge
             response = HttpResponseNotAuthorized("Not Authorized")
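Review bot: `print realm_field` in the model-backed wrapper is leftover debugging output that runs on every request whose Authorization header carries the matching realm, and it should be removed. The new guard `parsed_header['realm'] == realm` indexes a client-supplied header; unless `parse_authorization_header` (not visible here) guarantees the key, a header without `realm` raises `KeyError` and becomes a server error instead of a challenge, which `if parsed_header.get('realm') == realm:` avoids. The guard is added identically in both wrappers, whose bodies begin and end outside the visible lines.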

File testproject/testapi/models.py

     realm = models.CharField(max_length=30)
     username = models.CharField(max_length=30)
     password = models.CharField(max_length=30)
-    
+
+class ClearTextModelWithDefaultRealm(models.Model):
+    realm = models.CharField(max_length=30)
+    username = models.CharField(max_length=30)
+    password = models.CharField(max_length=30)
+
 class ModelWithDefaultRealm(models.Model):
     username = models.CharField(max_length=30)
     secret = models.CharField(max_length=50)
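Review bot: `ClearTextModelWithDefaultRealm` still declares `realm = models.CharField(max_length=30)`, although the view that uses it passes `realm_field=None` and the test creates rows without a realm. Dropping the column, as `ModelWithDefaultRealm` below does, would make the fixture show what a realm-less model looks like and would prove the lookup never touches it. Since the lookup is then by username only, `username = models.CharField(max_length=30, unique=True)` would also state the uniqueness the authenticator relies on.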

File testproject/testapi/urls.py

 from django.conf.urls.defaults import patterns, url
 
 urlpatterns = patterns('testapi.views',
-    url('simpleprotected', 'simpleprotected'),
-    url('modelprotected', 'modelprotected'),
-    url('modelcleartextprotected', 'modelcleartextprotected'),
+    url('simpleprotected/$', 'simpleprotected'),
+    url('modelprotected/$', 'modelprotected'),
+    url('modelcleartextprotected/$', 'modelcleartextprotected'),
+    url('modelcleartextprotectedwithdefaultrealm/$', 'modelcleartextprotectedwithdefaultrealm'),
 )
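Review bot: The patterns gain a trailing `/$` but still have no leading `^`, so each is anchored only at its end. Assuming the resolver searches rather than full-matches, any path under this URLconf that merely ends in one of these names resolves to the protected view. Anchoring both ends and using raw strings, e.g. `url(r'^modelcleartextprotected/$', 'modelcleartextprotected'),`, makes each route match exactly one path.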

File testproject/testapi/views.py

 from django.http import HttpResponse
 from djangohttpdigest.decorators import protect_digest, protect_digest_model
 
-from testapi.models import ModelWithRealmSet, ClearTextModel
+from testapi.models import ModelWithRealmSet, ClearTextModel, ClearTextModelWithDefaultRealm
 
 @protect_digest(realm='simple', username='username', password='password')
 def simpleprotected(request):
     Example of model-protected site.
     """
     return HttpResponse('')
+
+@protect_digest_model(realm='simple',
+      model=ClearTextModelWithDefaultRealm,
+      realm_field=None,
+      username_field='username',
+      password_field='password'
+)
+def modelcleartextprotectedwithdefaultrealm(request):
+    """
+    Example of model-protected site.
+    """
+    return HttpResponse('')
+
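Review bot: The docstring of `modelcleartextprotectedwithdefaultrealm` repeats "Example of model-protected site." and does not say what distinguishes this view from the other model-backed examples. A wording such as `Example of a site protected by a cleartext-password model that has no realm column; the realm comes from the decorator.` would tell readers why `realm_field=None` is passed.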

File testproject/tests/test_simple_digest.py

 
 from djangosanetesting import HttpTestCase
 
-from testapi.models import ModelWithRealmSet, ClearTextModel
+from testapi.models import ModelWithRealmSet, ClearTextModel, ClearTextModelWithDefaultRealm
 
 class TestSimpleDigest(HttpTestCase):
     path = '/testapi/simpleprotected/'
 
     def test_autentization_compatible_model_with_cleartext_field(self):
         # add something to test agains
-        secret = md5("%s:%s:%s" % ("username", "simple", "password")).hexdigest()
-
         ClearTextModel.objects.create(realm='simple', username='username', password='password')
-
         transaction.commit()
 
         self._check_authentication_compatibility(path='/testapi/modelcleartextprotected/')
 
+
+    def test_autentization_compatible_model_with_cleartext_field_without_realm(self):
+        # add something to test agains
+        ClearTextModelWithDefaultRealm.objects.create(username='username', password='password')
+
+        transaction.commit()
+
+        self._check_authentication_compatibility(path='/testapi/modelcleartextprotectedwithdefaultrealm/')
+
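Review bot: The new test covers only the success path for the realm-less model, while the realm comparison this commit adds to the decorators has no test at all. A companion test that sends an otherwise valid digest for a different realm and expects the challenge response would pin that behaviour; `_check_authentication_compatibility` is not visible here, so the negative case may need a helper of its own. The comment `# add something to test agains` is copied with its typo and could read `# create the account the request authenticates against`.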