Module Atom::DigestAuth
In: lib/atom/http.rb

Methods

Constants

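# Client nonce sent as cnonce="..." when the server's challenge carries a qop.
# It is drawn from the system CSPRNG: the earlier seed, Time.now.to_i plus
# rand(65535), is guessable from the request time, and passing a string to
# Digest::MD5.new is, as far as can be told, no longer accepted by current
# Ruby versions (verify against the supported Ruby).
# NOTE(review): this is still one value per process, reused for every request
# and realm; generating a fresh cnonce per challenge would be stricter.
require "securerandom"
CNONCE = SecureRandom.hex(16)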

Public Instance methods

HTTP Digest authentication (RFC 2617)


    # File lib/atom/http.rb, line 43
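# Adds an RFC 2617 Digest "Authorization" header to +req+.
#
# Only algorithm=MD5 with qop absent or qop=auth is implemented; MD5-sess
# and auth-int raise. With qop=auth the digest covers only the request
# method and path, so confidentiality and integrity of everything else
# have to come from the transport (TLS).
#
# req::          request object; must respond to #method, #path and #[]=.
# url::          URL being requested, used to look up the credentials.
# param_string:: Digest challenge from the server's WWW-Authenticate header.
#
# Returns the header string that was assigned.
# Raises RuntimeError when the challenge is missing or asks for an
# unsupported algorithm or qop.
def digest_authenticate(req, url, param_string = "")
  raise "Digest authentication requires a WWW-Authenticate header" if param_string.empty?

  params = parse_wwwauth_digest(param_string)

  # qop may arrive as a raw "auth,auth-int" string or as an already split
  # list. Normalise it to a list so the membership test below compares whole
  # option names (String has no #member? on current Rubies).
  qop = params[:qop]
  qop = qop.split(",").map { |option| option.strip } if qop.respond_to?(:split)

  user, pass = username_and_password_for_realm(url, params[:realm])

  # NOTE(review): user, realm, nonce and opaque are interpolated into the
  # header below without quoted-string escaping. Whether the values returned
  # by parse_wwwauth_digest can still contain '"' or '\' is not visible from
  # here -- confirm, since realm, nonce and opaque are server-controlled.

  unless params[:algorithm] == "MD5"
    # XXX MD5-sess
    raise "I only support MD5 digest authentication (not #{params[:algorithm].inspect})"
  end

  # String#+ is kept on purpose: a nil user or password fails here instead of
  # being hashed as an empty string.
  a1 = user + ":" + params[:realm] + ":" + pass

  if qop.nil? || qop.member?("auth")
    a2 = req.method + ":" + req.path
  else
    # XXX auth-int
    raise "only 'auth' qop supported (none of: #{qop.inspect})"
  end

  if qop.nil?
    # No qop in the challenge: RFC 2069-compatible response without nonce
    # count or client nonce.
    response = kd(h(a1), params[:nonce] + ":" + h(a2))
  else
    # NOTE(review): @@nonce_count is a single class-level counter, so it is
    # shared by every nonce and server; RFC 2617 defines nc per nonce value.
    @@nonce_count += 1
    nc = "%08x" % @@nonce_count

    # XXX auth-int
    data = "#{params[:nonce]}:#{nc}:#{CNONCE}:auth:#{h(a2)}"
    response = kd(h(a1), data)
  end

  header = %Q<Digest username="#{user}", uri="#{req.path}", realm="#{params[:realm]}", response="#{response}", nonce="#{params[:nonce]}">
  header += %Q<, opaque="#{params[:opaque]}"> if params[:opaque]

  # Unreachable while only MD5 passes the check above. This line used to
  # interpolate an undefined local (algo), which would have raised NameError
  # as soon as another algorithm was allowed through.
  header += ", algorithm=#{params[:algorithm]}" if params[:algorithm] != "MD5"

  # XXX auth-int
  header += %Q<, nc=#{nc}, cnonce="#{CNONCE}", qop=auth> if qop

  req["Authorization"] = header
end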


    # File lib/atom/http.rb, line 39
# H(data) as used by RFC 2617: the MD5 digest of +data+ as a lowercase hex
# string.
def h(data)
  Digest::MD5.new.update(data).hexdigest
end


    # File lib/atom/http.rb, line 40
# KD(secret, data) as used by RFC 2617: H applied to +secret+ and +data+
# joined by a colon.
def kd(secret, data)
  keyed_input = secret + ":" + data
  h(keyed_input)
end

Parses a Digest challenge: the quoted-string parameters plus a few special cases (qop, stale, algorithm)


    # File lib/atom/http.rb, line 25
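# Parses the parameters of a Digest WWW-Authenticate challenge.
#
# The quoted-string parameters come from parse_quoted_wwwauth. On top of
# that, qop is split into its comma-separated options, stale becomes a
# boolean and algorithm defaults to "MD5" when the server does not send one.
#
# param_string:: challenge text sent by the server (untrusted input).
#
# Returns the params hash.
def parse_wwwauth_digest(param_string)
  params = parse_quoted_wwwauth(param_string)

  # Store the split list back into params. The split result used to be
  # assigned to a local that was never read, so callers received the raw
  # comma-separated string.
  params[:qop] = params[:qop].split(",").map { |option| option.strip } if params[:qop]

  # Servers sometimes quote token values or pad them with whitespace.
  unquote = lambda { |raw| raw.strip.sub(/\A"(.*)"\z/m, '\1') }

  # Match only at a parameter boundary (start of string, comma or whitespace)
  # so a longer name that merely ends in "stale=" or "algorithm=" is ignored.
  # NOTE(review): this is still not quote-aware; a quoted value containing
  # ", stale=..." would match. As before, the last occurrence wins.
  param_string.scan(/(?:\A|[,\s])stale=([^,]*)/) do |(raw)|
    params[:stale] = (unquote.call(raw).downcase == "true")
  end

  params[:algorithm] = "MD5"
  param_string.scan(/(?:\A|[,\s])algorithm=([^,]*)/) do |(raw)|
    params[:algorithm] = unquote.call(raw)
  end

  params
end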
