import binascii, hashlib, threading, time
-import resp
+from . import resp
class unauthorized(resp.httperror):
def __init__(self, challenge, message=None, detail=None):
- super(unauthorized, self).__init__(401, message, detail)
+ super().__init__(401, message, detail)
if isinstance(challenge, str):
challenge = [challenge]
self.challenge = challenge
def handle(self, req):
for challenge in self.challenge:
req.ohead.add("WWW-Authenticate", challenge)
- return super(unauthorized, self).handle(req)
+ return super().handle(req)
class forbidden(resp.httperror):
def __init__(self, message=None, detail=None):
- super(forbidden, self).__init__(403, message, detail)
+ super().__init__(403, message, detail)
def parsemech(req):
h = req.ihead.get("Authorization", None)
if mech != "basic":
return None, None
try:
+ data = data.encode("us-ascii")
+ except UnicodeError:
+ return None, None
+ try:
raw = binascii.a2b_base64(data)
except binascii.Error:
return None, None
+ try:
+ raw = raw.decode("utf-8")
+ except UnicodeError:
+ raw = raw.decode("latin1")
p = raw.find(":")
if p < 0:
return None, None
def _obscure(self, nm, pw):
dig = hashlib.sha256()
- dig.update(self.realm)
- dig.update(nm)
- dig.update(pw)
+ dig.update(self.realm.encode("utf-8"))
+ dig.update(nm.encode("utf-8"))
+ dig.update(pw.encode("utf-8"))
return dig.digest()
def check(self, req):
with lock:
try:
ret = self.auth(req, nm, pw)
- except forbidden, exc:
+ except forbidden as exc:
with self._lock:
self._cache[nm, pwh] = (lock, now, "f", exc)
raise