Class: HTTPClient::NegotiateAuth
- Inherits:
-
Object
- Object
- HTTPClient::NegotiateAuth
- Defined in:
- lib/httpclient/auth.rb
Overview
Authentication filter for handling Negotiate/NTLM negotiation. Used in WWWAuth and ProxyAuth.
NegotiateAuth depends on ‘ruby/ntlm’ module.
Instance Attribute Summary collapse
-
#ntlm_opt ⇒ Object
readonly
NTLM opt for ruby/ntlm.
-
#scheme ⇒ Object
readonly
Authentication scheme.
Instance Method Summary collapse
-
#challenge(uri, param_str) ⇒ Object
Challenge handler: remember URL and challenge token for response.
-
#get(req) ⇒ Object
Response handler: returns credential.
-
#initialize(scheme = "Negotiate") ⇒ NegotiateAuth
constructor
Creates new NegotiateAuth filter.
-
#reset_challenge ⇒ Object
Resets challenge state.
-
#set(uri, user, passwd) ⇒ Object
Set authentication credential.
Constructor Details
#initialize(scheme = "Negotiate") ⇒ NegotiateAuth
Creates new NegotiateAuth filter.
387 388 389 390 391 392 393 394 395 |
# File 'lib/httpclient/auth.rb', line 387 def initialize(scheme = "Negotiate") @auth = {} @auth_default = nil @challenge = {} @scheme = scheme @ntlm_opt = { :ntlmv2 => true } end |
Instance Attribute Details
#ntlm_opt ⇒ Object (readonly)
NTLM opt for ruby/ntlm. => true by default.
384 385 386 |
# File 'lib/httpclient/auth.rb', line 384 def ntlm_opt @ntlm_opt end |
#scheme ⇒ Object (readonly)
Authentication scheme.
382 383 384 |
# File 'lib/httpclient/auth.rb', line 382 def scheme @scheme end |
Instance Method Details
#challenge(uri, param_str) ⇒ Object
Challenge handler: remember URL and challenge token for response.
446 447 448 449 450 451 452 453 454 455 456 457 458 |
# File 'lib/httpclient/auth.rb', line 446 def challenge(uri, param_str) return false unless NTLMEnabled if param_str.nil? or @challenge[uri].nil? c = @challenge[uri] = {} c[:state] = :init c[:authphrase] = "" else c = @challenge[uri] c[:state] = :response c[:authphrase] = param_str end true end |
#get(req) ⇒ Object
Response handler: returns credential. See ruby/ntlm for negotiation state transition.
416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 |
# File 'lib/httpclient/auth.rb', line 416 def get(req) return nil unless NTLMEnabled target_uri = req.header.request_uri domain_uri, param = @challenge.find { |uri, v| Util.uri_part_of(target_uri, uri) } return nil unless param user, passwd = Util.hash_find_value(@auth) { |uri, auth_data| Util.uri_part_of(target_uri, uri) } unless user user, passwd = @auth_default end return nil unless user state = param[:state] authphrase = param[:authphrase] case state when :init t1 = Net::NTLM::Message::Type1.new return t1.encode64 when :response t2 = Net::NTLM::Message.decode64(authphrase) t3 = t2.response({:user => user, :password => passwd}, @ntlm_opt.dup) @challenge.delete(domain_uri) return t3.encode64 end nil end |
#reset_challenge ⇒ Object
Resets challenge state. Do not send ‘*Authorization’ header until the server sends ‘*Authentication’ again.
399 400 401 |
# File 'lib/httpclient/auth.rb', line 399 def reset_challenge @challenge.clear end |
#set(uri, user, passwd) ⇒ Object
Set authentication credential. uri == nil for generic purpose (allow to use user/password for any URL).
405 406 407 408 409 410 411 412 |
# File 'lib/httpclient/auth.rb', line 405 def set(uri, user, passwd) if uri uri = Util.uri_dirname(uri) @auth[uri] = [user, passwd] else @auth_default = [user, passwd] end end |