Class: HTTPClient::NegotiateAuth
- Inherits:
-
Object
- Object
- HTTPClient::NegotiateAuth
- Defined in:
- lib/httpclient/auth.rb
Overview
Authentication filter for handling Negotiate/NTLM negotiation. Used in WWWAuth and ProxyAuth.
NegotiateAuth depends on ‘ruby/ntlm’ module.
Instance Attribute Summary collapse
-
#ntlm_opt ⇒ Object
readonly
NTLM opt for ruby/ntlm.
-
#scheme ⇒ Object
readonly
Authentication scheme.
Instance Method Summary collapse
-
#challenge(uri, param_str) ⇒ Object
Challenge handler: remember URL and challenge token for response.
-
#get(req) ⇒ Object
Response handler: returns credential.
-
#initialize ⇒ NegotiateAuth
constructor
Creates new NegotiateAuth filter.
-
#reset_challenge ⇒ Object
Resets challenge state.
-
#set(uri, user, passwd) ⇒ Object
Set authentication credential.
Constructor Details
#initialize ⇒ NegotiateAuth
Creates new NegotiateAuth filter.
367 368 369 370 371 372 373 374 375 |
# File 'lib/httpclient/auth.rb', line 367 def initialize @auth = {} @auth_default = nil @challenge = {} @scheme = "Negotiate" @ntlm_opt = { :ntlmv2 => true } end |
Instance Attribute Details
#ntlm_opt ⇒ Object (readonly)
NTLM opt for ruby/ntlm. => true by default.
364 365 366 |
# File 'lib/httpclient/auth.rb', line 364 def ntlm_opt @ntlm_opt end |
#scheme ⇒ Object (readonly)
Authentication scheme.
362 363 364 |
# File 'lib/httpclient/auth.rb', line 362 def scheme @scheme end |
Instance Method Details
#challenge(uri, param_str) ⇒ Object
Challenge handler: remember URL and challenge token for response.
426 427 428 429 430 431 432 433 434 435 436 437 438 |
# File 'lib/httpclient/auth.rb', line 426 def challenge(uri, param_str) return false unless NTLMEnabled if param_str.nil? or @challenge[uri].nil? c = @challenge[uri] = {} c[:state] = :init c[:authphrase] = "" else c = @challenge[uri] c[:state] = :response c[:authphrase] = param_str end true end |
#get(req) ⇒ Object
Response handler: returns credential. See ruby/ntlm for negotiation state transition.
396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 |
# File 'lib/httpclient/auth.rb', line 396 def get(req) return nil unless NTLMEnabled target_uri = req.header.request_uri domain_uri, param = @challenge.find { |uri, v| Util.uri_part_of(target_uri, uri) } return nil unless param user, passwd = Util.hash_find_value(@auth) { |uri, auth_data| Util.uri_part_of(target_uri, uri) } unless user user, passwd = @auth_default end return nil unless user state = param[:state] authphrase = param[:authphrase] case state when :init t1 = Net::NTLM::Message::Type1.new return t1.encode64 when :response t2 = Net::NTLM::Message.decode64(authphrase) t3 = t2.response({:user => user, :password => passwd}, @ntlm_opt.dup) @challenge.delete(domain_uri) return t3.encode64 end nil end |
#reset_challenge ⇒ Object
Resets challenge state. Do not send ‘*Authorization’ header until the server sends ‘*Authentication’ again.
379 380 381 |
# File 'lib/httpclient/auth.rb', line 379 def reset_challenge @challenge.clear end |
#set(uri, user, passwd) ⇒ Object
Set authentication credential. uri == nil for generic purpose (allow to use user/password for any URL).
385 386 387 388 389 390 391 392 |
# File 'lib/httpclient/auth.rb', line 385 def set(uri, user, passwd) if uri uri = Util.uri_dirname(uri) @auth[uri] = [user, passwd] else @auth_default = [user, passwd] end end |