![見出し画像](https://assets.st-note.com/production/uploads/images/10722280/rectangle_large_type_2_e21029af48e0f0babd206b916af50a93.jpeg?width=1200)
Photo by
shinobuwada
[Python]55行で作るDigest認証
1.Digest認証
Digest認証の流れをターミナル上で表現するプログラムを作成します。
2.コード
from secrets import token_hex
from random import choices
from string import ascii_letters
from string import digits
from time import sleep
from hashlib import md5
make_nonce = lambda: token_hex()
make_opaque = lambda: "".join(choices(ascii_letters + digits, k=32))
def server_setting_info():
nonce = make_nonce()
opaque = make_opaque()
return nonce, opaque
request_header = """\n<Request Info>
GET /hoge HTTP/1.1
Host:nobita.jp
"""
print(request_header)
nonce, opaque = server_setting_info()
#再利用
cnonce, copaque = server_setting_info()
response_header_first = """\n<Response Info>
HTTP/1.1 401 Unauthorized
www-Authenticate: Digest realm=\"Nobita.jp\", nonce=\"{0}\"
, qop=\"auth\", opaque=\"{1}\"
""".format(nonce, opaque)
sleep(1)
print(response_header_first)
def create_digest_by_username(nonce, cnonce, nonce_count=1, username="nobi", realm="Nobita.jp", password="nobita"):
digest_args_first = username + ":" + realm + ":" + password
first_digest = md5(digest_args_first.encode("utf-8")).hexdigest()
method = "GET"
uri = "/hoge"
digest_args_second = method + ":" + uri
second_digest = md5(digest_args_second.encode("utf-8")).hexdigest()
digest_args_third = first_digest + ":" + nonce + ":" + str(nonce_count).zfill(8) + ":" + cnonce + ":" + "auth" + ":" + second_digest
third_digest = md5(digest_args_third.encode("utf-8")).hexdigest()
return third_digest
response = create_digest_by_username(nonce, cnonce)
request_header_second = """\n<Request Info>
GET /hoge HTTP/1.1
Host: nobita.jp
Authorization: Digest username=\"nobi\", realm=\"Nobita.jp\", nonce=\"{0}\",
uri=\"test\", qop=\"auth\", nc=00000001, cnonce=\"{1}\", response=\"{2}\",
opaque=\"{3}\"
""".format(nonce, cnonce, response, opaque)
sleep(1)
print(request_header_second)
3.実行結果
<Request Info>
GET /hoge HTTP/1.1
Host:nobita.jp
<Response Info>
HTTP/1.1 401 Unauthorized
www-Authenticate: Digest realm="Nobita.jp", nonce="f1bc5e5831c7b0a788feac5e06738f4f485aa191c272edfc44f3ea175f1ca44d"
, qop="auth", opaque="ZG731LHyMNsdHuUie2bx1oc6Aw6VHrBw"
<Request Info>
GET /hoge HTTP/1.1
Host: nobita.jp
Authorization: Digest username="nobi", realm="Nobita.jp", nonce="f1bc5e5831c7b0a788feac5e06738f4f485aa191c272edfc44f3ea175f1ca44d",
uri="test", qop="auth", nc=00000001, cnonce="a16f70fedbd7108af7214a7c9df256b030078d77b047fd456bb1a874b0e1b3c1", response="5f59bb6a574bca38d73f665894c2ec98",
opaque="ZG731LHyMNsdHuUie2bx1oc6Aw6VHrBw"
この記事が気に入ったらサポートをしてみませんか?