Class: HTTPClient::NegotiateAuth
- Inherits:
-
Object
- Object
- HTTPClient::NegotiateAuth
- Includes:
- Mutex_m
- Defined in:
- lib/httpclient/auth.rb
Overview
Authentication filter for handling Negotiate/NTLM negotiation. Used in WWWAuth and ProxyAuth.
NegotiateAuth depends on ‘ruby/ntlm’ module.
Instance Attribute Summary collapse
-
#ntlm_opt ⇒ Object
readonly
NTLM opt for ruby/ntlm.
-
#scheme ⇒ Object
readonly
Authentication scheme.
Instance Method Summary collapse
-
#challenge(uri, param_str) ⇒ Object
Challenge handler: remember URL and challenge token for response.
-
#get(req) ⇒ Object
Response handler: returns credential.
-
#initialize(scheme = "Negotiate") ⇒ NegotiateAuth
constructor
Creates new NegotiateAuth filter.
-
#reset_challenge ⇒ Object
Resets challenge state.
-
#set(uri, user, passwd) ⇒ Object
Set authentication credential.
-
#set? ⇒ Boolean
have we marked this as set - ie that it’s valid to use in this context?.
Constructor Details
#initialize(scheme = "Negotiate") ⇒ NegotiateAuth
Creates new NegotiateAuth filter.
528 529 530 531 532 533 534 535 536 537 538 |
# File 'lib/httpclient/auth.rb', line 528 def initialize(scheme = "Negotiate") super() @auth = {} @auth_default = nil @challenge = {} @scheme = scheme @set = false @ntlm_opt = { :ntlmv2 => true } end |
Instance Attribute Details
#ntlm_opt ⇒ Object (readonly)
NTLM opt for ruby/ntlm. => true by default.
525 526 527 |
# File 'lib/httpclient/auth.rb', line 525 def ntlm_opt @ntlm_opt end |
#scheme ⇒ Object (readonly)
Authentication scheme.
523 524 525 |
# File 'lib/httpclient/auth.rb', line 523 def scheme @scheme end |
Instance Method Details
#challenge(uri, param_str) ⇒ Object
Challenge handler: remember URL and challenge token for response.
608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 |
# File 'lib/httpclient/auth.rb', line 608 def challenge(uri, param_str) return false unless NTLMEnabled synchronize { if param_str.nil? or @challenge[uri].nil? c = @challenge[uri] = {} c[:state] = :init c[:authphrase] = "" else c = @challenge[uri] c[:state] = :response c[:authphrase] = param_str end true } end |
#get(req) ⇒ Object
Response handler: returns credential. See ruby/ntlm for negotiation state transition.
571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 |
# File 'lib/httpclient/auth.rb', line 571 def get(req) return nil unless NTLMEnabled target_uri = req.header.request_uri synchronize { domain_uri, param = @challenge.find { |uri, v| Util.uri_part_of(target_uri, uri) } return nil unless param user, passwd = Util.hash_find_value(@auth) { |uri, auth_data| Util.uri_part_of(target_uri, uri) } unless user user, passwd = @auth_default end return nil unless user domain = nil domain, user = user.split("\\") if user.index("\\") state = param[:state] authphrase = param[:authphrase] case state when :init t1 = Net::NTLM::Message::Type1.new t1.domain = domain if domain return t1.encode64 when :response t2 = Net::NTLM::Message.decode64(authphrase) param = {:user => user, :password => passwd} param[:domain] = domain if domain t3 = t2.response(param, @ntlm_opt.dup) @challenge.delete(domain_uri) return t3.encode64 end nil } end |
#reset_challenge ⇒ Object
Resets challenge state. Do not send ‘*Authorization’ header until the server sends ‘*Authentication’ again.
542 543 544 545 546 |
# File 'lib/httpclient/auth.rb', line 542 def reset_challenge synchronize do @challenge.clear end end |
#set(uri, user, passwd) ⇒ Object
Set authentication credential. uri == nil for generic purpose (allow to use user/password for any URL).
550 551 552 553 554 555 556 557 558 559 560 |
# File 'lib/httpclient/auth.rb', line 550 def set(uri, user, passwd) synchronize do if uri uri = Util.uri_dirname(uri) @auth[uri] = [user, passwd] else @auth_default = [user, passwd] end @set = true end end |
#set? ⇒ Boolean
have we marked this as set - ie that it’s valid to use in this context?
563 564 565 566 567 |
# File 'lib/httpclient/auth.rb', line 563 def set? synchronize { @set == true } end |