copitux · February 25, 2013 13:42 · copitux · May 6, 2013 · kristianperkins · May 14, 2017
diff --git a/wsse.py b/wsse.py
 from base64 import b64encode

 from suds.wsse import UsernameToken

 try:
    from haslib import sha1
 except:
    from sha import new as sha1


 class UsernameDigestToken(UsernameToken):
    """
    Represents a basic I{UsernameToken} WS-Security token with password digest
    @ivar username: A username.
    @type username: str
    @ivar password: A password.
    @type password: str
    @ivar nonce: A set of bytes to prevent reply attacks.
    @type nonce: str
    @ivar created: The token created.
    @type created: L{datetime}

    @doc: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf
    """

    def __init__(self, username=None, password=None):
        UsernameToken.__init__(self, username, password)
        self.setcreated()
        self.setnonce()

    def setnonce(self, text=None):
        """
        Set I{nonce} which is arbitraty set of bytes to prevent
        reply attacks.
        @param text: The nonce text value.
            Generated when I{None}.
        @type text: str

        @override: Nonce save binary string to build digest password
        """
        if text is None:
            s = []
            s.append(self.username)
            s.append(self.password)
            s.append(Token.sysdate())
            m = md5()
            m.update(':'.join(s))
            self.raw_nonce = m.digest()
            self.nonce = b64encode(self.raw_nonce)
        else:
            self.nonce = text

    def xml(self):
        usernametoken = UsernameToken.xml(self)
        password = usernametoken.getChild('Password')
        nonce = usernametoken.getChild('Nonce')
        created = usernametoken.getChild('Created')
        password.set('Type', 'http://docs.oasis-open.org/wss/2004/01/'
                             'oasis-200401-wss-username-token-profile-1.0'
                             '#PasswordDigest')
        s = sha1()
        s.update(self.raw_nonce)
        s.update(created.getText())
        s.update(password.getText())
        password.setText(b64encode(s.digest()))
        nonce.set('EncodingType', 'http://docs.oasis-open.org/wss/2004'
            '/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary')
        return usernametoken
	from base64 import b64encode

	from suds.wsse import UsernameToken

	try:
	from haslib import sha1
	except:
	from sha import new as sha1


	class UsernameDigestToken(UsernameToken):
	"""
	Represents a basic I{UsernameToken} WS-Security token with password digest
	@ivar username: A username.
	@type username: str
	@ivar password: A password.
	@type password: str
	@ivar nonce: A set of bytes to prevent reply attacks.
	@type nonce: str
	@ivar created: The token created.
	@type created: L{datetime}

	@doc: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf
	"""

	def __init__(self, username=None, password=None):
	UsernameToken.__init__(self, username, password)
	self.setcreated()
	self.setnonce()

	def setnonce(self, text=None):
	"""
	Set I{nonce} which is arbitraty set of bytes to prevent
	reply attacks.
	@param text: The nonce text value.
	Generated when I{None}.
	@type text: str

	@override: Nonce save binary string to build digest password
	"""
	if text is None:
	s = []
	s.append(self.username)
	s.append(self.password)
	s.append(Token.sysdate())
	m = md5()
	m.update(':'.join(s))
	self.raw_nonce = m.digest()
	self.nonce = b64encode(self.raw_nonce)
	else:
	self.nonce = text

	def xml(self):
	usernametoken = UsernameToken.xml(self)
	password = usernametoken.getChild('Password')
	nonce = usernametoken.getChild('Nonce')
	created = usernametoken.getChild('Created')
	password.set('Type', 'http://docs.oasis-open.org/wss/2004/01/'
	'oasis-200401-wss-username-token-profile-1.0'
	'#PasswordDigest')
	s = sha1()
	s.update(self.raw_nonce)
	s.update(created.getText())
	s.update(password.getText())
	password.setText(b64encode(s.digest()))
	nonce.set('EncodingType', 'http://docs.oasis-open.org/wss/2004'
	'/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary')
	return usernametoken