Class: Mechanize::HTTP::WWWAuthenticateParser

Inherits:
Object
  • Object
show all
Defined in:
lib/mechanize/http/www_authenticate_parser.rb

Overview

Parses the WWW-Authenticate HTTP header into separate challenges.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeWWWAuthenticateParser

Creates a new header parser for WWW-Authenticate headers



15
16
17
 
# File 'lib/mechanize/http/www_authenticate_parser.rb', line 15

def initialize
  @scanner = nil
end

Instance Attribute Details

#scannerObject

:nodoc:



10
11
12
 
# File 'lib/mechanize/http/www_authenticate_parser.rb', line 10

def scanner
  @scanner
end

Instance Method Details

#auth_paramObject

auth-param = token “=” ( token | quoted-string )

Parses an auth parameter



124
125
126
127
128
129
130
131
132
133
134
135
136
137
 
# File 'lib/mechanize/http/www_authenticate_parser.rb', line 124

def auth_param
  return nil unless name = token
  return nil unless @scanner.scan(/=/)

  value = if @scanner.peek(1) == '"' then
            quoted_string
          else
            token
          end

  return nil unless value

  return name, value
end

#parse(www_authenticate) ⇒ Object

Parsers the header. Returns an Array of challenges as strings



22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
 
# File 'lib/mechanize/http/www_authenticate_parser.rb', line 22

def parse www_authenticate
  challenges = []
  @scanner = StringScanner.new www_authenticate

  while true do
    break if @scanner.eos?
    challenge = Mechanize::HTTP::AuthChallenge.new

    scheme = auth_scheme

    if scheme == 'Negotiate'
      scan_comma_spaces
    end

    next unless scheme
    challenge.scheme = scheme

    space = spaces

    if scheme == 'NTLM' then
      if space then
        challenge.params = @scanner.scan(/.*/)
      end

      challenges << challenge
      next
    else
      scheme.capitalize!
    end

    next unless space

    params = {}

    while true do
      pos = @scanner.pos
      name, value = auth_param

      name.downcase! if name =~ /^realm$/i

      unless name then
        challenge.params = params
        challenges << challenge
        break if @scanner.eos?

        @scanner.pos = pos # rewind
        challenge = '' # a token should be next, new challenge
        break
      else
        params[name] = value
      end

      spaces

      return nil unless ',' == @scanner.peek(1) or @scanner.eos?

      @scanner.scan(/(, *)+/)
    end
  end

  challenges
end

#quoted_stringObject

quoted-string = ( <“> *(qdtext | quoted-pair ) <”> )

qdtext        = <any TEXT except <">>
quoted-pair   = "\" CHAR

For TEXT, the rules of RFC 2047 are ignored.



146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
 
# File 'lib/mechanize/http/www_authenticate_parser.rb', line 146

def quoted_string
  return nil unless @scanner.scan(/"/)

  text = ''

  while true do
    chunk = @scanner.scan(/[\r\n \t\041\043-\176\200-\377]+/) # not "

    if chunk then
      text << chunk

      text << @scanner.get_byte if
        chunk.end_with? '\\' and '"' == @scanner.peek(1)
    else
      if '"' == @scanner.peek(1) then
        @scanner.get_byte
        break
      else
        return nil
      end
    end
  end

  text
end

#scan_comma_spacesObject

scans a comma followed by spaces needed for Negotiation, NTLM



99
100
101
 
# File 'lib/mechanize/http/www_authenticate_parser.rb', line 99

def scan_comma_spaces
  @scanner.scan(/, +/)
end

#spacesObject

1*SP

Parses spaces



90
91
92
 
# File 'lib/mechanize/http/www_authenticate_parser.rb', line 90

def spaces
  @scanner.scan(/ +/)
end

#tokenObject Also known as: auth_scheme

token = 1*<any CHAR except CTLs or separators>

Parses a token



108
109
110
 
# File 'lib/mechanize/http/www_authenticate_parser.rb', line 108

def token
  @scanner.scan(/[^\000-\037\177()<>@,;:\\"\/\[\]?={} ]+/)
end