Class: HTTPClient::ProxyAuth
- Inherits:
-
AuthFilterBase
- Object
- AuthFilterBase
- HTTPClient::ProxyAuth
- Defined in:
- lib/httpclient/auth.rb
Overview
Authentication filter for handling authentication negotiation between Proxy server. Parses ‘Proxy-Authentication’ header in response and generates ‘Proxy-Authorization’ header in request.
Authentication filter is implemented using request filter of HTTPClient. It traps HTTP response header and maintains authentication state, and traps HTTP request header for inserting necessary authentication header.
ProxyAuth has sub filters (BasicAuth, NegotiateAuth, and SSPINegotiateAuth) and delegates some operations to it. NegotiateAuth requires ‘ruby/ntlm’ module. SSPINegotiateAuth requires ‘win32/sspi’ module.
Instance Attribute Summary collapse
-
#basic_auth ⇒ Object
readonly
Returns the value of attribute basic_auth.
-
#digest_auth ⇒ Object
readonly
Returns the value of attribute digest_auth.
-
#negotiate_auth ⇒ Object
readonly
Returns the value of attribute negotiate_auth.
-
#sspi_negotiate_auth ⇒ Object
readonly
Returns the value of attribute sspi_negotiate_auth.
Instance Method Summary collapse
-
#filter_request(req) ⇒ Object
Filter API implementation.
-
#filter_response(req, res) ⇒ Object
Filter API implementation.
-
#initialize ⇒ ProxyAuth
constructor
Creates new ProxyAuth.
-
#reset_challenge ⇒ Object
Resets challenge state.
-
#set_auth(user, passwd) ⇒ Object
Set authentication credential.
Constructor Details
#initialize ⇒ ProxyAuth
Creates new ProxyAuth.
158 159 160 161 162 163 164 165 166 |
# File 'lib/httpclient/auth.rb', line 158 def initialize @basic_auth = ProxyBasicAuth.new @negotiate_auth = NegotiateAuth.new @ntlm_auth = NegotiateAuth.new('NTLM') @sspi_negotiate_auth = SSPINegotiateAuth.new @digest_auth = ProxyDigestAuth.new # sort authenticators by priority @authenticator = [@negotiate_auth, @ntlm_auth, @sspi_negotiate_auth, @digest_auth, @basic_auth] end |
Instance Attribute Details
#basic_auth ⇒ Object (readonly)
Returns the value of attribute basic_auth.
152 153 154 |
# File 'lib/httpclient/auth.rb', line 152 def basic_auth @basic_auth end |
#digest_auth ⇒ Object (readonly)
Returns the value of attribute digest_auth.
153 154 155 |
# File 'lib/httpclient/auth.rb', line 153 def digest_auth @digest_auth end |
#negotiate_auth ⇒ Object (readonly)
Returns the value of attribute negotiate_auth.
154 155 156 |
# File 'lib/httpclient/auth.rb', line 154 def negotiate_auth @negotiate_auth end |
#sspi_negotiate_auth ⇒ Object (readonly)
Returns the value of attribute sspi_negotiate_auth.
155 156 157 |
# File 'lib/httpclient/auth.rb', line 155 def sspi_negotiate_auth @sspi_negotiate_auth end |
Instance Method Details
#filter_request(req) ⇒ Object
Filter API implementation. Traps HTTP request and insert ‘Proxy-Authorization’ header if needed.
185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 |
# File 'lib/httpclient/auth.rb', line 185 def filter_request(req) @authenticator.each do |auth| next unless auth.set? # hasn't be set, don't use it if cred = auth.get(req) if cred == :skip # some authenticator (NTLM and Negotiate) does not # need to send extra header after authorization. In such case # it should block other authenticators to respond and :skip is # the marker for such case. return end req.header.set('Proxy-Authorization', auth.scheme + " " + cred) return end end end |
#filter_response(req, res) ⇒ Object
Filter API implementation. Traps HTTP response and parses ‘Proxy-Authenticate’ header.
204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 |
# File 'lib/httpclient/auth.rb', line 204 def filter_response(req, res) command = nil if res.status == HTTP::Status::PROXY_AUTHENTICATE_REQUIRED if challenge = parse_authentication_header(res, 'proxy-authenticate') uri = req.header.request_uri challenge.each do |scheme, param_str| @authenticator.each do |auth| next unless auth.set? # hasn't be set, don't use it if scheme.downcase == auth.scheme.downcase challengeable = auth.challenge(uri, param_str) command = :retry if challengeable end end end # ignore unknown authentication scheme end end command end |
#reset_challenge ⇒ Object
Resets challenge state. See sub filters for more details.
169 170 171 172 173 |
# File 'lib/httpclient/auth.rb', line 169 def reset_challenge @authenticator.each do |auth| auth.reset_challenge end end |
#set_auth(user, passwd) ⇒ Object
Set authentication credential. See sub filters for more details.
176 177 178 179 180 181 |
# File 'lib/httpclient/auth.rb', line 176 def set_auth(user, passwd) @authenticator.each do |auth| auth.set(nil, user, passwd) end reset_challenge end |