import binascii, hashlib, threading, time
-from . import resp
+import resp
class unauthorized(resp.httperror):
def __init__(self, challenge, message=None, detail=None):
- super().__init__(401, message, detail)
+ super(unauthorized, self).__init__(401, message, detail)
if isinstance(challenge, str):
challenge = [challenge]
self.challenge = challenge
def handle(self, req):
for challenge in self.challenge:
req.ohead.add("WWW-Authenticate", challenge)
- return super().handle(req)
+ return super(unauthorized, self).handle(req)
class forbidden(resp.httperror):
def __init__(self, message=None, detail=None):
- super().__init__(403, message, detail)
+ super(forbidden, self).__init__(403, message, detail)
def parsemech(req):
h = req.ihead.get("Authorization", None)
if mech != "basic":
return None, None
try:
- data = data.encode("us-ascii")
- except UnicodeError:
- return None, None
- try:
raw = binascii.a2b_base64(data)
except binascii.Error:
return None, None
- try:
- raw = raw.decode("utf-8")
- except UnicodeError:
- raw = raw.decode("latin1")
p = raw.find(":")
if p < 0:
return None, None
def _obscure(self, nm, pw):
dig = hashlib.sha256()
- dig.update(self.realm.encode("utf-8"))
- dig.update(nm.encode("utf-8"))
- dig.update(pw.encode("utf-8"))
+ dig.update(self.realm)
+ dig.update(nm)
+ dig.update(pw)
return dig.digest()
def check(self, req):
with lock:
try:
ret = self.auth(req, nm, pw)
- except forbidden as exc:
+ except forbidden, exc:
with self._lock:
self._cache[nm, pwh] = (lock, now, "f", exc)
raise