
[Python]55行で作るDigest認証

1.Digest認証

Digest認証の流れ(最初のリクエスト → 401チャレンジ → Authorizationヘッダー付きの再リクエスト)をターミナル上に表示するプログラムを作成します。ヘッダーを文字列として出力するだけで、実際の通信やサーバー側でのresponse検証は行いません。

2.コード

from secrets import token_hex
from random import choices
from string import ascii_letters
from string import digits
from time import sleep
from hashlib import md5

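def make_nonce():
    """Return a fresh nonce as a lowercase hex string.

    ``token_hex()`` draws from the operating system's CSPRNG; called with
    no argument it uses the ``secrets`` module's default byte count.
    """
    return token_hex()


def make_opaque():
    """Return a 32-character ASCII alphanumeric ``opaque`` value.

    The characters are picked with ``secrets.choice`` rather than
    ``random.choices``: the ``random`` module is a deterministic PRNG whose
    output can be predicted, so it is not suitable for values that take
    part in an authentication exchange.
    """
    # Function-scope import: the file's import block only provides token_hex.
    from secrets import choice

    alphabet = ascii_letters + digits
    return "".join(choice(alphabet) for _ in range(32))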

def server_setting_info():
    """Generate one challenge's random values.

    Returns:
        A ``(nonce, opaque)`` tuple built from ``make_nonce()`` and
        ``make_opaque()``, in that order.
    """
    return make_nonce(), make_opaque()

# Step 1: the client's first request carries no credentials.
request_header = (
    "\n<Request Info>\n"
    "GET /hoge HTTP/1.1            \n"
    "Host:nobita.jp\n"
)

print(request_header)

# Server-side values that go into the 401 challenge.
nonce, opaque = server_setting_info()
# The same generator is reused to obtain the client nonce (cnonce).
# copaque is not referenced again in this listing.
cnonce, copaque = server_setting_info()

# Step 2: the 401 challenge. It carries no "algorithm" parameter, which a
# Digest client treats as MD5, and it offers only qop="auth".
response_header_first = (
    "\n<Response Info>\n"
    "HTTP/1.1 401 Unauthorized\n"
    f'www-Authenticate: Digest realm="Nobita.jp", nonce="{nonce}"\n'
    f', qop="auth", opaque="{opaque}"\n'
)
sleep(1)
print(response_header_first)

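def create_digest_by_username(
    nonce,
    cnonce,
    nonce_count=1,
    username="nobi",
    realm="Nobita.jp",
    password="nobita",
    method="GET",
    uri="/hoge",
):
    """Compute the Digest ``response`` value for ``qop=auth`` using MD5.

    The value is ``MD5(HA1:nonce:nc:cnonce:auth:HA2)`` where
    ``HA1 = MD5(username:realm:password)`` and ``HA2 = MD5(method:uri)``.
    MD5 is what a Digest challenge without an ``algorithm`` parameter
    implies; RFC 7616 additionally defines SHA-256 based variants, which
    this function does not implement.

    Args:
        nonce: Server nonce taken from the challenge.
        cnonce: Client nonce.
        nonce_count: Number of requests sent with this nonce. Integers are
            rendered as eight hexadecimal digits, which is the format of
            the ``nc`` header parameter; any other value is converted with
            ``str()`` and zero-padded to eight characters.
        username: Account name (the default is the demo account).
        realm: Protection realm from the challenge.
        password: Account password (the default is the demo password).
        method: HTTP method of the request being authenticated.
        uri: Request URI; it must equal the ``uri`` parameter sent in the
            Authorization header, or the server's recomputed digest differs.

    Returns:
        The response digest as 32 lowercase hex characters.
    """
    def _md5_hex(text):
        # Every component is hashed over its UTF-8 encoding.
        return md5(text.encode("utf-8")).hexdigest()

    # nc is a hexadecimal counter: decimal formatting diverges from the
    # second digit on (10 must be rendered as 0000000a, not 00000010).
    if isinstance(nonce_count, int):
        nc = format(nonce_count, "08x")
    else:
        nc = str(nonce_count).zfill(8)

    ha1 = _md5_hex(":".join((username, realm, password)))
    ha2 = _md5_hex(":".join((method, uri)))
    return _md5_hex(":".join((ha1, nonce, nc, cnonce, "auth", ha2)))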

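# Step 3: the client derives the response digest from the challenge values
# and its own cnonce, then repeats the request with an Authorization header.
response = create_digest_by_username(nonce, cnonce)

# The uri parameter must be the same request URI that went into the digest
# (create_digest_by_username hashes "GET:/hoge" by default). A server
# recomputes the digest from the header's uri value, so a different value
# there, such as "test", yields a response that does not verify.
# nonce and opaque are echoed back exactly as received in the challenge.
request_header_second = """\n<Request Info>
GET /hoge HTTP/1.1
Host: nobita.jp
Authorization: Digest username=\"nobi\", realm=\"Nobita.jp\", nonce=\"{0}\",
uri=\"/hoge\", qop=\"auth\", nc=00000001, cnonce=\"{1}\", response=\"{2}\",
opaque=\"{3}\"
""".format(nonce, cnonce, response, opaque)
sleep(1)
print(request_header_second)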

3.実行結果

<Request Info>
GET /hoge HTTP/1.1            
Host:nobita.jp

<Response Info>
HTTP/1.1 401 Unauthorized
www-Authenticate: Digest realm="Nobita.jp", nonce="f1bc5e5831c7b0a788feac5e06738f4f485aa191c272edfc44f3ea175f1ca44d"
, qop="auth", opaque="ZG731LHyMNsdHuUie2bx1oc6Aw6VHrBw"

<Request Info>
GET /hoge HTTP/1.1
Host: nobita.jp
Authorization: Digest username="nobi", realm="Nobita.jp", nonce="f1bc5e5831c7b0a788feac5e06738f4f485aa191c272edfc44f3ea175f1ca44d",
uri="test", qop="auth", nc=00000001, cnonce="a16f70fedbd7108af7214a7c9df256b030078d77b047fd456bb1a874b0e1b3c1", response="5f59bb6a574bca38d73f665894c2ec98",
opaque="ZG731LHyMNsdHuUie2bx1oc6Aw6VHrBw"


