Class: HTTPClient::WWWAuth

Inherits:

AuthFilterBase

• Object
• AuthFilterBase
• HTTPClient::WWWAuth

Defined in:

lib/httpclient/auth.rb

Overview

Authentication filter for handling authentication negotiation between Web server. Parses ‘WWW-Authentication’ header in response and generates ‘Authorization’ header in request.

Authentication filter is implemented using request filter of HTTPClient. It traps HTTP response header and maintains authentication state, and traps HTTP request header for inserting necessary authentication header.

WWWAuth has sub filters (BasicAuth, DigestAuth, and NegotiateAuth) and delegates some operations to it. NegotiateAuth requires ‘ruby/ntlm’ module.

Instance Attribute Summary

• #basic_auth ⇒ Object readonly

  Returns the value of attribute basic_auth.

• #digest_auth ⇒ Object readonly

  Returns the value of attribute digest_auth.

• #negotiate_auth ⇒ Object readonly

  Returns the value of attribute negotiate_auth.

Instance Method Summary

• #filter_request(req) ⇒ Object

  Filter API implementation.

• #filter_response(req, res) ⇒ Object

  Filter API implementation.

• #initialize ⇒ WWWAuth constructor

  Creates new WWWAuth.

• #reset_challenge ⇒ Object

  Resets challenge state.

• #set_auth(uri, user, passwd) ⇒ Object

  Set authentication credential.

Constructor Details

#initialize ⇒ WWWAuth

Creates new WWWAuth.

# File 'lib/httpclient/auth.rb', line 73

def initialize
  @basic_auth = BasicAuth.new
  @digest_auth = DigestAuth.new
  @negotiate_auth = NegotiateAuth.new
  # sort authenticators by priority
  @authenticator = [@negotiate_auth, @digest_auth, @basic_auth]
end

Instance Attribute Details

#basic_auth ⇒ Object (readonly)

Returns the value of attribute basic_auth.

# File 'lib/httpclient/auth.rb', line 68

def basic_auth
  @basic_auth
end

#digest_auth ⇒ Object (readonly)

Returns the value of attribute digest_auth.

# File 'lib/httpclient/auth.rb', line 69

def digest_auth
  @digest_auth
end

#negotiate_auth ⇒ Object (readonly)

Returns the value of attribute negotiate_auth.

# File 'lib/httpclient/auth.rb', line 70

def negotiate_auth
  @negotiate_auth
end

Instance Method Details

#filter_request(req) ⇒ Object

Filter API implementation. Traps HTTP request and insert ‘Authorization’ header if needed.

# File 'lib/httpclient/auth.rb', line 98

def filter_request(req)
  @authenticator.each do |auth|
    if cred = auth.get(req)
      req.header.set('Authorization', auth.scheme + " " + cred)
      return
    end
  end
end

#filter_response(req, res) ⇒ Object

Filter API implementation. Traps HTTP response and parses ‘WWW-Authenticate’ header.

# File 'lib/httpclient/auth.rb', line 109

def filter_response(req, res)
  command = nil
  if res.status == HTTP::Status::UNAUTHORIZED
    if challenge = parse_authentication_header(res, 'www-authenticate')
      uri = req.header.request_uri
      challenge.each do |scheme, param_str|
        @authenticator.each do |auth|
          if scheme.downcase == auth.scheme.downcase
            challengeable = auth.challenge(uri, param_str)
            command = :retry if challengeable
          end
        end
      end
      # ignore unknown authentication scheme
    end
  end
  command
end

#reset_challenge ⇒ Object

Resets challenge state. See sub filters for more details.

# File 'lib/httpclient/auth.rb', line 82

def reset_challenge
  @authenticator.each do |auth|
    auth.reset_challenge
  end
end

#set_auth(uri, user, passwd) ⇒ Object

Set authentication credential. See sub filters for more details.

# File 'lib/httpclient/auth.rb', line 89

def set_auth(uri, user, passwd)
  @authenticator.each do |auth|
    auth.set(uri, user, passwd)
  end
  reset_challenge
end