Class: HTTPAuth::Digest::AuthenticationInfo

Inherits:
AbstractHeader show all
Defined in:
lib/httpauth/digest.rb

Overview

The AuthenticationInfo class handles the Authentication-Info header. Sending Authentication-Info headers will allow the client to check the integrity of the response, but it isn’t compulsory and will get in the way of pipelined retrieval of resources.

See the Digest module for examples

Instance Attribute Summary

Attributes inherited from AbstractHeader

#h

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from AbstractHeader

#method_missing

Constructor Details

#initialize(h, options = {}) ⇒ AuthenticationInfo

Create a new instance.

  • h: A Hash with directives, normally this is filled with the directives coming from a Credentials instance.

  • options: Used to set or override data from the Authentication-Info header

    • :digest: The digest for the specified username and realm.

    • :response_body The body of the response that’s going to be sent to the client. This is a compulsory option if the qop directive is ‘auth-int’.



485
486
487
488
 
# File 'lib/httpauth/digest.rb', line 485

def initialize(h, options={})
  @h = h
  @h.merge! options
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class HTTPAuth::Digest::AbstractHeader

Class Method Details

.from_credentials(credentials, options = {}) ⇒ Object

Creates a new AuthenticationInfo instance based on the information from Credentials instance.

  • credentials: A Credentials instance

See initialize for valid options.



471
472
473
474
475
 
# File 'lib/httpauth/digest.rb', line 471

def self.from_credentials(credentials, options={})
  auth_info = new credentials.h
  auth_info.update_from_credentials! options
  auth_info
end

.from_header(auth_info, options = {}) ⇒ Object

Parses the information from a Authentication-Info header and creates a new AuthenticationInfo instance with this data.

  • auth_info: The contents of the Authentication-Info header

See initialize for valid options.



463
464
465
 
# File 'lib/httpauth/digest.rb', line 463

def self.from_header(auth_info, options={})
  new Utils.decode_directives(auth_info, :auth), options
end

Instance Method Details

#to_headerObject

Encodes directives and returns a string that can be used as the AuthorizationInfo header



491
492
493
494
 
# File 'lib/httpauth/digest.rb', line 491

def to_header
  Utils.encode_directives Utils.filter_h_on(@h,
    [:nextnonce, :qop, :rspauth, :cnonce, :nc]), :auth
end

#update_from_credentials!(options) ⇒ Object

Updates @h from options, generally called after an instance was created with from_credentials.



497
498
499
500
501
502
503
504
505
 
# File 'lib/httpauth/digest.rb', line 497

def update_from_credentials!(options)
  # TODO: update @h after nonce invalidation
  [:digest, :username, :realm, :password].each do |k|
    @h[k] = options[k] if options.include? k
  end
  @h[:response_body] = options[:response_body]
  @h[:nextnonce] = Utils.create_nonce @h[:salt]
  @h[:rspauth] = Utils.calculate_digest(@h, nil, :response)
end

#validate(options) ⇒ Object

Validates rspauth. Returns true or false

  • options: The extra options needed to validate rspauth.

    • :digest: The H(a1) digest

    • :uri: request uri

    • :nonce:nonce



513
514
515
516
 
# File 'lib/httpauth/digest.rb', line 513

def validate(options)
  ho = @h.merge(options)
  return @h[:rspauth] == Utils.calculate_digest(ho, @s, :response)
end