Bitbucket is a code hosting site with unlimited public and private repositories. We're also free for small teams!


Visit for further information.

This library was written to aid in the implementation of HTTP Digest Authentication for Python web frameworks.

It may be used as follows:

>>> import time
>>> import python_digest
>>> secret = 'b_wy%h=ts0ii3g0ulqbx8q%w(72zh%4hslu7js&(^q+_s49jj-'
>>> www_authenticate_header = python_digest.build_digest_challenge(time.time(), secret, 'API', 'ADAC33E813C0CE930F4744C90E02396E', False)
>>> www_authenticate_header
'Digest nonce="1263192256.57:c6b7a75bf9a3b925cb01f91d298b7204", realm="API", algorithm="MD5", opaque="ADAC33E813C0CE930F4744C90E02396E", qop="auth", stale="false"'
>>> # Send the 'WWW-Authenticate' header to the client
>>> # ...
>>> # Receive the 'Authorization' header from the client
>>> http_authorization_header = 'Digest username="erik", realm="API", nonce="1263174643.19:7f936796976b235aa92ea05333d36483", uri="/site_media/static/pinax/css/facebox.css", algorithm=MD5, response="18824d23aa8649c6231978d3e8532528", opaque="ADAC33E813C0CE930F4744C90E02396E", qop=auth, nc=00000004, cnonce="54a4b93a966e882b"'
>>> digest_response = python_digest.parse_digest_credentials(http_authorization_header)
>>> python_digest.validate_nonce(digest_response.nonce, secret)
>>> expected_request_digest = python_digest.calculate_request_digest('GET', digest_response, python_digest.calculate_partial_digest('erik', 'API', 'test'))
>>> expected_request_digest == digest_response.response

You may choose to only accept nonces that have been generated within some time period - get_nonce_timestamp() may be used to extract the timestamp from the client-provided nonce.

You may also choose to enforce the uniqueness of nonce-counts by storing the last seen nonce count in (for example) a database and verifying it after checking the request-digest.

Recent activity

Nothing to see here, move along.

Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.