Class: HTTPClient::WWWAuth

Inherits:
Object
  • Object
show all
Defined in:
lib/winrm/http/auth.rb

Instance Method Summary collapse

Instance Method Details

#filter_request(req) ⇒ Object

Filter API implementation. Traps HTTP request and insert ‘Authorization’ header if needed.



53
54
55
56
57
58
59
60
61
62
 
# File 'lib/winrm/http/auth.rb', line 53

def filter_request(req)
  @authenticator.each do |auth|
    next unless auth.set? # hasn't be set, don't use it
    if cred = auth.get(req)
      auth.encrypt_payload(req) if auth.respond_to?(:encrypt_payload)
      req.header.set('Authorization', auth.scheme + " " + cred)
      return
    end
  end
end

#filter_response(req, res) ⇒ Object

Filter API implementation. Traps HTTP response and parses ‘WWW-Authenticate’ header.

This remembers the challenges for all authentication methods available to the client. On the subsequent retry of the request, filter_request will select the strongest method.



70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
 
# File 'lib/winrm/http/auth.rb', line 70

def filter_response(req, res)
  command = nil
  if res.status == HTTP::Status::UNAUTHORIZED
    if challenge = parse_authentication_header(res, 'www-authenticate')
      uri = req.header.request_uri
      challenge.each do |scheme, param_str|
        @authenticator.each do |auth|
          next unless auth.set? # hasn't be set, don't use it
          if scheme.downcase == auth.scheme.downcase
            challengeable = auth.challenge(uri, param_str)
            command = :retry if challengeable
          end
        end
      end
      # ignore unknown authentication scheme
    end
  else
    decrypted_content = res.content
    @authenticator.each do |auth|
      next unless auth.set? # hasn't be set, don't use it
      decrypted_content = auth.decrypt_payload(res.content) if auth.respond_to?(:encrypted_channel?) && auth.encrypted_channel? && encrypted_content?(res.content)
    end
    # update with decrypted content
    res.content.replace(decrypted_content) if res.content and !res.content.empty?
  end
  command
end