[CalendarServer-changes] [1907]
CalendarServer/branches/release/CalendarServer-1.0-dev/twistedcaldav
/directory
source_changes at macosforge.org
source_changes at macosforge.org
Tue Sep 25 16:02:56 PDT 2007
Revision: 1907
http://trac.macosforge.org/projects/calendarserver/changeset/1907
Author: wsanchez at apple.com
Date: 2007-09-25 16:02:56 -0700 (Tue, 25 Sep 2007)
Log Message:
-----------
Pulled up r1899 from trunk.
Modified Paths:
--------------
CalendarServer/branches/release/CalendarServer-1.0-dev/twistedcaldav/directory/digest.py
CalendarServer/branches/release/CalendarServer-1.0-dev/twistedcaldav/directory/test/test_digest.py
Modified: CalendarServer/branches/release/CalendarServer-1.0-dev/twistedcaldav/directory/digest.py
===================================================================
--- CalendarServer/branches/release/CalendarServer-1.0-dev/twistedcaldav/directory/digest.py 2007-09-25 19:40:19 UTC (rev 1906)
+++ CalendarServer/branches/release/CalendarServer-1.0-dev/twistedcaldav/directory/digest.py 2007-09-25 23:02:56 UTC (rev 1907)
@@ -366,6 +366,11 @@
challenge['qop'] = self.qop
else:
del challenge['qop']
+
+ # If stale was marked when decoding this request's Authorization header, add that to the challenge
+ if hasattr(peer, 'stale') and peer.stale:
+ challenge['stale'] = 'true'
+
return challenge
@@ -479,6 +484,8 @@
# Now check timestamp
if db_timestamp + DigestCredentialFactory.CHALLENGE_LIFETIME_SECS <= time.time():
self.invalidate(nonce)
+ if request.remoteAddr:
+ request.remoteAddr.stale = True
raise error.LoginFailed('Digest credentials expired')
return True
Modified: CalendarServer/branches/release/CalendarServer-1.0-dev/twistedcaldav/directory/test/test_digest.py
===================================================================
--- CalendarServer/branches/release/CalendarServer-1.0-dev/twistedcaldav/directory/test/test_digest.py 2007-09-25 19:40:19 UTC (rev 1906)
+++ CalendarServer/branches/release/CalendarServer-1.0-dev/twistedcaldav/directory/test/test_digest.py 2007-09-25 23:02:56 UTC (rev 1907)
@@ -4,6 +4,7 @@
from twisted.internet import address
from twisted.trial import unittest
from twisted.web2.auth import digest
+from twisted.web2.auth.wrapper import UnauthorizedResponse
from twisted.web2.test.test_server import SimpleRequest
from twisted.web2.dav.fileop import rmdir
from twistedcaldav.directory.digest import QopDigestCredentialFactory
@@ -351,6 +352,11 @@
_trivial_GET
)
+ factory.invalidate(factory.generateNonce())
+ response = UnauthorizedResponse({"Digest":factory}, _trivial_GET.remoteAddr)
+ wwwhdrs = response.headers.getHeader("www-authenticate")[0][1]
+ self.assertTrue('stale' not in wwwhdrs, msg="No stale parameter in Digest WWW-Authenticate headers: %s" % (wwwhdrs,))
+
def test_incompatibleClientIp(self):
"""
Test that the login fails when the request comes from a client ip
@@ -377,6 +383,10 @@
_trivial_GET
)
+ response = UnauthorizedResponse({"Digest":factory}, _trivial_GET.remoteAddr)
+ wwwhdrs = response.headers.getHeader("www-authenticate")[0][1]
+ self.assertTrue('stale' not in wwwhdrs, msg="No stale parameter in Digest WWW-Authenticate headers: %s" % (wwwhdrs,))
+
def test_oldNonce(self):
"""
Test that the login fails when the given opaque is older than
@@ -404,6 +414,11 @@
clientResponse,
_trivial_GET
)
+
+ response = UnauthorizedResponse({"Digest":factory}, _trivial_GET.remoteAddr)
+ wwwhdrs = response.headers.getHeader("www-authenticate")[0][1]
+ self.assertTrue('stale' in wwwhdrs, msg="No stale parameter in Digest WWW-Authenticate headers: %s" % (wwwhdrs,))
+ self.assertEquals(wwwhdrs['stale'], 'true', msg="stale parameter not set to true in Digest WWW-Authenticate headers: %s" % (wwwhdrs,))
def test_incompatibleCalcHA1Options(self):
"""
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20070925/6a45cf13/attachment.html
More information about the calendarserver-changes
mailing list