Module: Net::HTTPHeader

Included in:
HTTPotato::Response::Headers
Defined in:
lib/httpotato/net_digest_auth.rb

Instance Method Summary collapse

Instance Method Details

#digest_auth(user, password, response) ⇒ Object



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# File 'lib/httpotato/net_digest_auth.rb', line 6

def digest_auth(user, password, response)
  response['www-authenticate'] =~ /^(\w+) (.*)/

  params = {}
  $2.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
  params.merge!("cnonce" => Digest::MD5.hexdigest("%x" % (Time.now.to_i + rand(65535))))

  a_1 = Digest::MD5.hexdigest("#{user}:#{params['realm']}:#{password}")
  a_2 = Digest::MD5.hexdigest("#{@method}:#{@path}")

  request_digest = Digest::MD5.hexdigest(
    [a_1, params['nonce'], "0", params['cnonce'], params['qop'], a_2].join(":")
  )

  header = [
    %Q(Digest username="#{user}"),
    %Q(realm="#{params['realm']}"),
    %Q(qop="#{params['qop']}"),
    %Q(uri="#{@path}"),
    %Q(nonce="#{params['nonce']}"),
    %Q(nc="0"),
    %Q(cnonce="#{params['cnonce']}"),
    %Q(opaque="#{params['opaque']}"),
    %Q(response="#{request_digest}")
  ]

  @header['Authorization'] = header
end