55 lines
2.3 KiB
Python
55 lines
2.3 KiB
Python
# Copyright (C) 2011 Apple Inc. All rights reserved.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions
|
|
# are met:
|
|
# 1. Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# 2. Redistributions in binary form must reproduce the above copyright
|
|
# notice, this list of conditions and the following disclaimer in the
|
|
# documentation and/or other materials provided with the distribution.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' AND
|
|
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
# DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS BE LIABLE FOR
|
|
# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
|
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
"""htdigestparser - a parser for htdigest files"""
|
|
|
|
import hashlib
|
|
import string
|
|
|
|
|
|
class HTDigestParser(object):
|
|
def __init__(self, digest_file):
|
|
self._entries = self.parse_file(digest_file)
|
|
|
|
def authenticate(self, username, realm, password):
|
|
hashed_password = hashlib.md5(':'.join((username, realm, password)).encode('utf-8')).hexdigest()
|
|
return [username, realm, hashed_password] in self.entries()
|
|
|
|
def entries(self):
|
|
return self._entries
|
|
|
|
def parse_file(self, digest_file):
|
|
entries = [line.rstrip().split(':') for line in digest_file]
|
|
|
|
# Perform some sanity-checking to ensure the file is valid.
|
|
valid_characters = set(string.hexdigits)
|
|
for entry in entries:
|
|
if len(entry) != 3:
|
|
return []
|
|
hashed_password = entry[-1]
|
|
if len(hashed_password) != 32:
|
|
return []
|
|
if not set(hashed_password).issubset(valid_characters):
|
|
return []
|
|
|
|
return entries
|