Message 115207 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	warpr
Recipients	warpr
Date	2010-08-30.11:54:14
SpamBayes Score	3.880894e-05
Marked as misclassified	No
Message-id	<1283169256.94.0.0442479793498.issue9714@psf.upfronthosting.co.za>
In-reply-to

Content
In the WWW-Authenticate header Catalyst::Authentication::Credential::HTTP sends the following value for qop: qop="auth,auth-int" This is identical to the example given in section 3.5 of the RFC (http://tools.ietf.org/html/rfc2617#section-3.5 ), so I assume this is correct. urllib2 does not expect multiple values for qop, and only works when qop="auth". I've managed to work around it with: class DigestAuthHandler (urllib2.HTTPDigestAuthHandler): def get_authorization (self, req, chal): qop = chal.get ('qop', None) if qop and ',' in qop and 'auth' in qop.split (','): chal['qop'] = 'auth' return urllib2.HTTPDigestAuthHandler.get_authorization (self, req, chal)

In the WWW-Authenticate header Catalyst::Authentication::Credential::HTTP sends the following value for qop:

qop="auth,auth-int"

This is identical to the example given in section 3.5 of the RFC (http://tools.ietf.org/html/rfc2617#section-3.5 ), so I assume this is correct.

urllib2 does not expect multiple values for qop, and only works when qop="auth".

I've managed to work around it with:

class DigestAuthHandler (urllib2.HTTPDigestAuthHandler):
    def get_authorization (self, req, chal):
        qop = chal.get ('qop', None)
        if qop and ',' in qop and 'auth' in qop.split (','):
            chal['qop'] = 'auth'

        return urllib2.HTTPDigestAuthHandler.get_authorization (self, req, chal)

History
Date	User	Action	Args
2010-08-30 11:54:17	warpr	set	recipients: + warpr
2010-08-30 11:54:16	warpr	set	messageid: <1283169256.94.0.0442479793498.issue9714@psf.upfronthosting.co.za>
2010-08-30 11:54:15	warpr	link	issue9714 messages
2010-08-30 11:54:15	warpr	create