Class: WEBrick::HTTPAuth::DigestAuth

Inherits:

Object

• Object
• WEBrick::HTTPAuth::DigestAuth

Includes:

Authenticator

Defined in:

lib/webrick/httpauth/digestauth.rb

Direct Known Subclasses

ProxyDigestAuth

Defined Under Namespace

Classes: OpaqueInfo

Constant Summary

AuthScheme =

"Digest"

MustParams =

['username','realm','nonce','uri','response']

MustParamsAuth =

['cnonce','nc']

Constants included from Authenticator

Authenticator::AuthException, Authenticator::RequestField, Authenticator::ResponseField, Authenticator::ResponseInfoField

Instance Attribute Summary

• #algorithm ⇒ Object readonly

  Returns the value of attribute algorithm.

• #qop ⇒ Object readonly

  Returns the value of attribute qop.

Attributes included from Authenticator

#logger, #realm, #userdb

Class Method Summary

• .make_passwd(realm, user, pass) ⇒ Object

Instance Method Summary

• #authenticate(req, res) ⇒ Object
• #challenge(req, res, stale = false) ⇒ Object
• #initialize(config, default = Config::DigestAuth) ⇒ DigestAuth constructor

  A new instance of DigestAuth.

Constructor Details

#initialize(config, default = Config::DigestAuth) ⇒ DigestAuth

Returns a new instance of DigestAuth.

# File 'lib/webrick/httpauth/digestauth.rb', line 34

def initialize(config, default=Config::DigestAuth)
  check_init(config)
  @config                 = default.dup.update(config)
  @algorithm              = @config[:Algorithm]
  @domain                 = @config[:Domain]
  @qop                    = @config[:Qop]
  @use_opaque             = @config[:UseOpaque]
  @use_next_nonce         = @config[:UseNextNonce]
  @check_nc               = @config[:CheckNc]
  @use_auth_info_header   = @config[:UseAuthenticationInfoHeader]
  @nonce_expire_period    = @config[:NonceExpirePeriod]
  @nonce_expire_delta     = @config[:NonceExpireDelta]
  @internet_explorer_hack = @config[:InternetExplorerHack]
  @opera_hack             = @config[:OperaHack]

  case @algorithm
  when 'MD5','MD5-sess'
    @h = Digest::MD5
  when 'SHA1','SHA1-sess'  # it is a bonus feature :-)
    @h = Digest::SHA1
  else
    msg = format('Alogrithm "%s" is not supported.', @algorithm)
    raise ArgumentError.new(msg)
  end

  @instance_key = hexdigest(self.__id__, Time.now.to_i, Process.pid)
  @opaques = {}
  @last_nonce_expire = Time.now
  @mutex = Mutex.new
end

Instance Attribute Details

#algorithm ⇒ Object (readonly)

Returns the value of attribute algorithm

# File 'lib/webrick/httpauth/digestauth.rb', line 27

def algorithm
  @algorithm
end

#qop ⇒ Object (readonly)

Returns the value of attribute qop

# File 'lib/webrick/httpauth/digestauth.rb', line 27

def qop
  @qop
end

Class Method Details

.make_passwd(realm, user, pass) ⇒ Object

# File 'lib/webrick/httpauth/digestauth.rb', line 29

def self.make_passwd(realm, user, pass)
  pass ||= ""
  Digest::MD5::hexdigest([user, realm, pass].join(":"))
end

Instance Method Details

#authenticate(req, res) ⇒ Object

# File 'lib/webrick/httpauth/digestauth.rb', line 65

def authenticate(req, res)
  unless result = @mutex.synchronize{ _authenticate(req, res) }
    challenge(req, res)
  end
  if result == :nonce_is_stale
    challenge(req, res, true)
  end
  return true
end

#challenge(req, res, stale = false) ⇒ Object

Raises:

• (@auth_exception)

# File 'lib/webrick/httpauth/digestauth.rb', line 75

def challenge(req, res, stale=false)
  nonce = generate_next_nonce(req)
  if @use_opaque
    opaque = generate_opaque(req)
    @opaques[opaque].nonce = nonce
  end

  param = Hash.new
  param["realm"]  = HTTPUtils::quote(@realm)
  param["domain"] = HTTPUtils::quote(@domain.to_a.join(" ")) if @domain
  param["nonce"]  = HTTPUtils::quote(nonce)
  param["opaque"] = HTTPUtils::quote(opaque) if opaque
  param["stale"]  = stale.to_s
  param["algorithm"] = @algorithm
  param["qop"]    = HTTPUtils::quote(@qop.to_a.join(",")) if @qop

  res[@response_field] =
    "#{@auth_scheme} " + param.map{|k,v| "#{k}=#{v}" }.join(", ")
  info("%s: %s", @response_field, res[@response_field]) if $DEBUG
  raise @auth_exception
end