Class: HTTPAuth::Digest::AuthenticationInfo

Inherits:
AbstractHeader show all
Defined in:
lib/httpauth/digest.rb

Overview

The AuthenticationInfo class handles the Authentication-Info header. Sending Authentication-Info headers will allow the client to check the integrity of the response, but it isn’t compulsory and will get in the way of pipelined retrieval of resources.

See the Digest module for examples

Instance Attribute Summary

Attributes inherited from AbstractHeader

#h

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from AbstractHeader

#method_missing

Constructor Details

#initialize(h, options = {}) ⇒ AuthenticationInfo

Create a new instance.

  • h: A Hash with directives, normally this is filled with the directives coming from a Credentials instance.

  • options: Used to set or override data from the Authentication-Info header

    • :digest: The digest for the specified username and realm.

    • :response_body The body of the response that’s going to be sent to the client. This is a compulsory option if the qop directive is ‘auth-int’.



488
489
490
491
 
# File 'lib/httpauth/digest.rb', line 488

def initialize(h, options = {})
  @h = h
  @h.merge! options
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class HTTPAuth::Digest::AbstractHeader

Class Method Details

.from_credentials(credentials, options = {}) ⇒ Object

Creates a new AuthenticationInfo instance based on the information from Credentials instance.

  • credentials: A Credentials instance

See initialize for valid options.



474
475
476
477
478
 
# File 'lib/httpauth/digest.rb', line 474

def self.from_credentials(credentials, options = {})
  auth_info = new credentials.h
  auth_info.update_from_credentials! options
  auth_info
end

.from_header(auth_info, options = {}) ⇒ Object

Parses the information from a Authentication-Info header and creates a new AuthenticationInfo instance with this data.

  • auth_info: The contents of the Authentication-Info header

See initialize for valid options.



466
467
468
 
# File 'lib/httpauth/digest.rb', line 466

def self.from_header(auth_info, options = {})
  new Utils.decode_directives(auth_info, :auth), options
end

Instance Method Details

#to_headerObject

Encodes directives and returns a string that can be used as the AuthorizationInfo header



494
495
496
497
 
# File 'lib/httpauth/digest.rb', line 494

def to_header
  Utils.encode_directives Utils.filter_h_on(@h,
                                            [:nextnonce, :qop, :rspauth, :cnonce, :nc]), :auth
end

#update_from_credentials!(options) ⇒ Object

Updates @h from options, generally called after an instance was created with from_credentials.



500
501
502
503
504
505
506
507
508
 
# File 'lib/httpauth/digest.rb', line 500

def update_from_credentials!(options)
  # TODO: update @h after nonce invalidation
  [:digest, :username, :realm, :password].each do |k|
    @h[k] = options[k] if options.include? k
  end
  @h[:response_body] = options[:response_body]
  @h[:nextnonce] = Utils.create_nonce @h[:salt]
  @h[:rspauth] = Utils.calculate_digest(@h, nil, :response)
end

#validate(options) ⇒ Object

Validates rspauth. Returns true or false

  • options: The extra options needed to validate rspauth.

    • :digest: The H(a1) digest

    • :uri: request uri

    • :nonce:nonce



516
517
518
519
 
# File 'lib/httpauth/digest.rb', line 516

def validate(options)
  ho = @h.merge(options)
  @h[:rspauth] == Utils.calculate_digest(ho, @s, :response)
end