Class: HTTP::Features::DigestAuth

Inherits:
HTTP::Feature show all
Defined in:
lib/http/features/digest_auth.rb

Overview

Implements HTTP Digest Authentication (RFC 2617 / RFC 7616)

When a server responds with 401 and a Digest challenge, this feature automatically computes the digest response and retries the request with the correct Authorization header.

Constant Summary collapse

ALGORITHMS =

Supported hash algorithms

{
  "MD5"          => Digest::MD5,
  "SHA-256"      => Digest::SHA256,
  "MD5-sess"     => Digest::MD5,
  "SHA-256-sess" => Digest::SHA256
}.freeze
WWW_AUTHENTICATE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

WWW-Authenticate header name

"WWW-Authenticate"

Instance Method Summary collapse

Methods inherited from HTTP::Feature

#on_error, #on_request, #wrap_request, #wrap_response

Constructor Details

#initialize(user:, pass:) ⇒ DigestAuth

Initialize the DigestAuth feature

Examples:

DigestAuth.new(user: "admin", pass: "secret")

Parameters:

  • user (String)

    username for authentication

  • pass (String)

    password for authentication



35
36
37
38
 
# File 'lib/http/features/digest_auth.rb', line 35

def initialize(user:, pass:)
  @user = user
  @pass = pass
end

Instance Method Details

#around_request(request) {|HTTP::Request| ... } ⇒ HTTP::Response

Wraps the HTTP exchange to handle digest authentication challenges

On a 401 with a Digest WWW-Authenticate header, flushes the error response, computes digest credentials, and retries the request.

Examples:

feature.around_request(request) { |req| perform(req) }

Parameters:

Yields:

Yield Returns:

Returns:



53
54
55
56
57
58
59
 
# File 'lib/http/features/digest_auth.rb', line 53

def around_request(request)
  response = yield request
  return response unless digest_challenge?(response)

  response.flush
  yield authorize(request, response)
end