Parent

Class Index [+]

Quicksearch

Rack::Auth::Digest::MD5

Rack::Auth::Digest::MD5 implements the MD5 algorithm version of HTTP Digest Authentication, as per RFC 2617.

Initialize with the [Rack] application that you want protecting, and a block that looks up a plaintext password for a given username.

opaque needs to be set to a constant base64/hexadecimal string.

Constants

QOP
(Not documented)

Attributes

opaque[RW]

(Not documented)

passwords_hashed[W]

(Not documented)

Public Class Methods

new(*args) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 24
24:         def initialize(*args)
25:           super
26:           @passwords_hashed = nil
27:         end

Public Instance Methods

call(env) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 33
33:         def call(env)
34:           auth = Request.new(env)
35: 
36:           unless auth.provided?
37:             return unauthorized
38:           end
39: 
40:           if !auth.digest? || !auth.correct_uri? || !valid_qop?(auth)
41:             return bad_request
42:           end
43: 
44:           if valid?(auth)
45:             if auth.nonce.stale?
46:               return unauthorized(challenge(:stale => true))
47:             else
48:               env['REMOTE_USER'] = auth.username
49: 
50:               return @app.call(env)
51:             end
52:           end
53: 
54:           unauthorized
55:         end
passwords_hashed?() click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 29
29:         def passwords_hashed?
30:           !!@passwords_hashed
31:         end

Private Instance Methods

A1(auth, password) click to toggle source

(Not documented)

     # File lib/rack/auth/digest/md5.rb, line 107
107:         def A1(auth, password)
108:           [ auth.username, auth.realm, password ] * ':'
109:         end
A2(auth) click to toggle source

(Not documented)

     # File lib/rack/auth/digest/md5.rb, line 111
111:         def A2(auth)
112:           [ auth.method, auth.uri ] * ':'
113:         end
H(data) click to toggle source

Alias for md5

KD(secret, data) click to toggle source

(Not documented)

     # File lib/rack/auth/digest/md5.rb, line 103
103:         def KD(secret, data)
104:           H([secret, data] * ':')
105:         end
challenge(hash = {}) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 73
73:         def challenge(hash = {})
74:           "Digest #{params(hash)}"
75:         end
digest(auth, password) click to toggle source

(Not documented)

     # File lib/rack/auth/digest/md5.rb, line 115
115:         def digest(auth, password)
116:           password_hash = passwords_hashed? ? password : H(A1(auth, password))
117: 
118:           KD(password_hash, [ auth.nonce, auth.nc, auth.cnonce, QOP, H(A2(auth)) ] * ':')
119:         end
md5(data) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 97
97:         def md5(data)
98:           ::Digest::MD5.hexdigest(data)
99:         end
Also aliased as: H
params(hash = {}) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 62
62:         def params(hash = {})
63:           Params.new do |params|
64:             params['realm'] = realm
65:             params['nonce'] = Nonce.new.to_s
66:             params['opaque'] = H(opaque)
67:             params['qop'] = QOP
68: 
69:             hash.each { |k, v| params[k] = v }
70:           end
71:         end
valid?(auth) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 77
77:         def valid?(auth)
78:           valid_opaque?(auth) && valid_nonce?(auth) && valid_digest?(auth)
79:         end
valid_digest?(auth) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 93
93:         def valid_digest?(auth)
94:           digest(auth, @authenticator.call(auth.username)) == auth.response
95:         end
valid_nonce?(auth) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 89
89:         def valid_nonce?(auth)
90:           auth.nonce.valid?
91:         end
valid_opaque?(auth) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 85
85:         def valid_opaque?(auth)
86:           H(opaque) == auth.opaque
87:         end
valid_qop?(auth) click to toggle source

(Not documented)

    # File lib/rack/auth/digest/md5.rb, line 81
81:         def valid_qop?(auth)
82:           QOP == auth.qop
83:         end

Disabled; run with --debug to generate this.

[Validate]

Generated with the Darkfish Rdoc Generator 1.1.6.