Issue 9698: When reusing an handler, urllib(2)'s digest authentication fails after multiple regative replies

classification

Title:	When reusing an handler, urllib(2)'s digest authentication fails after multiple regative replies
Type:	behavior	Stage:
Components:	Library (Lib)	Versions:	Python 3.2, Python 3.1, Python 2.7, Python 2.6

process

Status:	open	Resolution:
Dependencies:		Superseder:
Assigned To:		Nosy List:	Luci.Stanescu, kiilerix, orsenthil
Priority:	normal	Keywords:

Created on 2010-08-27 06:59 by Luci.Stanescu, last changed 2010-08-27 13:18 by kiilerix.

Files
File name	Uploaded	Description	Edit
test_urllib2.py	Luci.Stanescu, 2010-08-27 06:59

Messages (1)
msg115054 - (view)	Author: Luci Stanescu (Luci.Stanescu)	Date: 2010-08-27 06:59
Hi, The HTTPDigestAuthHandler's code looks like this: def http_error_401(self, req, fp, code, msg, headers): host = urlparse(req.full_url)[1] retry = self.http_error_auth_reqed('www-authenticate', host, req, headers) self.reset_retry_count() return retry After successful authentication, the HTTP server might still return an error code, such as 404 or 304. In that case, self.http_error_auth_reqed raises the appropriate HTTPError and self.reset_retry_count is not called. I think that the code should be something along the lines of: try: retry = self.http_error_auth_reqed('www-authenticate', host, req, headers) except HTTPError, e: if e.code != 401: self.reset_retry_counter() raise else: self.reset_retry_counter() return retry Ways to reproduce the problem: try to access a resource for which an HTTP server requires authentication but for which after successful authentication returns a negative reply. I've attached an example script to demonstrate it (for python 2.X; bug also resent in 3.X, just replace import urllib2 with from urllib import request as urllib2 ;-) ). The same problem applies to ProxyDigestAuthHandler.

msg115054 - (view)

Author: Luci Stanescu (Luci.Stanescu)

Date: 2010-08-27 06:59

Hi,

The HTTPDigestAuthHandler's code looks like this:

    def http_error_401(self, req, fp, code, msg, headers):
        host = urlparse(req.full_url)[1]
        retry = self.http_error_auth_reqed('www-authenticate',
                                           host, req, headers)
        self.reset_retry_count()
        return retry

After successful authentication, the HTTP server might still return an error code, such as 404 or 304. In that case, self.http_error_auth_reqed raises the appropriate HTTPError and self.reset_retry_count is not called. I think that the code should be something along the lines of:

try:
  retry = self.http_error_auth_reqed('www-authenticate', host, req, headers)
except HTTPError, e:
  if e.code != 401:
    self.reset_retry_counter()
  raise
else:
  self.reset_retry_counter()
  return retry

Ways to reproduce the problem: try to access a resource for which an HTTP server requires authentication but for which after successful authentication returns a negative reply. I've attached an example script to demonstrate it (for python 2.X; bug also resent in 3.X, just replace import urllib2 with from urllib import request as urllib2 ;-) ).

The same problem applies to ProxyDigestAuthHandler.

History
Date	User	Action	Args
2010-08-27 13:18:34	kiilerix	set	nosy: + kiilerix
2010-08-27 12:50:44	r.david.murray	set	nosy: + orsenthil versions: - Python 2.5, Python 3.3
2010-08-27 06:59:26	Luci.Stanescu	create