File: C:/Ruby27-x64/share/doc/ruby/html/WEBrick/HTTPAuth/DigestAuth.html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>class WEBrick::HTTPAuth::DigestAuth - RDoc Documentation</title>
<script type="text/javascript">
var rdoc_rel_prefix = "../../";
var index_rel_prefix = "../../";
</script>
<script src="../../js/navigation.js" defer></script>
<script src="../../js/search.js" defer></script>
<script src="../../js/search_index.js" defer></script>
<script src="../../js/searcher.js" defer></script>
<script src="../../js/darkfish.js" defer></script>
<link href="../../css/fonts.css" rel="stylesheet">
<link href="../../css/rdoc.css" rel="stylesheet">
<body id="top" role="document" class="class">
<nav role="navigation">
<div id="project-navigation">
<div id="home-section" role="region" title="Quick navigation" class="nav-section">
<h2>
<a href="../../index.html" rel="home">Home</a>
</h2>
<div id="table-of-contents-navigation">
<a href="../../table_of_contents.html#pages">Pages</a>
<a href="../../table_of_contents.html#classes">Classes</a>
<a href="../../table_of_contents.html#methods">Methods</a>
</div>
</div>
<div id="search-section" role="search" class="project-section initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<div id="search-field-wrapper">
<input id="search-field" role="combobox" aria-label="Search"
aria-autocomplete="list" aria-controls="search-results"
type="text" name="search" placeholder="Search" spellcheck="false"
title="Type to search, Up and Down to navigate, Enter to load">
</div>
<ul id="search-results" aria-label="Search Results"
aria-busy="false" aria-expanded="false"
aria-atomic="false" class="initially-hidden"></ul>
</form>
</div>
</div>
<div id="class-metadata">
<div id="parent-class-section" class="nav-section">
<h3>Parent</h3>
<p class="link"><a href="../../Object.html">Object</a>
</div>
<div id="includes-section" class="nav-section">
<h3>Included Modules</h3>
<ul class="link-list">
<li><a class="include" href="Authenticator.html">WEBrick::HTTPAuth::Authenticator</a>
</ul>
</div>
<!-- Method Quickref -->
<div id="method-list-section" class="nav-section">
<h3>Methods</h3>
<ul class="link-list" role="directory">
<li ><a href="#method-c-make_passwd">::make_passwd</a>
<li ><a href="#method-c-new">::new</a>
<li ><a href="#method-i-authenticate">#authenticate</a>
<li ><a href="#method-i-challenge">#challenge</a>
</ul>
</div>
</div>
</nav>
<main role="main" aria-labelledby="class-WEBrick::HTTPAuth::DigestAuth">
<h1 id="class-WEBrick::HTTPAuth::DigestAuth" class="class">
class WEBrick::HTTPAuth::DigestAuth
</h1>
<section class="description">
<p>RFC 2617 <a href="../../Digest.html"><code>Digest</code></a> Access Authentication for <a href="../../WEBrick.html"><code>WEBrick</code></a></p>
<p>Use this class to add digest authentication to a <a href="../../WEBrick.html"><code>WEBrick</code></a> servlet.</p>
<p>Here is an example of how to set up DigestAuth:</p>
<pre class="ruby"><span class="ruby-identifier">config</span> = { <span class="ruby-value">:Realm</span> <span class="ruby-operator">=></span> <span class="ruby-string">'DigestAuth example realm'</span> }
<span class="ruby-identifier">htdigest</span> = <span class="ruby-constant">WEBrick</span><span class="ruby-operator">::</span><span class="ruby-constant">HTTPAuth</span><span class="ruby-operator">::</span><span class="ruby-constant">Htdigest</span>.<span class="ruby-identifier">new</span> <span class="ruby-string">'my_password_file'</span>
<span class="ruby-identifier">htdigest</span>.<span class="ruby-identifier">set_passwd</span> <span class="ruby-identifier">config</span>[<span class="ruby-value">:Realm</span>], <span class="ruby-string">'username'</span>, <span class="ruby-string">'password'</span>
<span class="ruby-identifier">htdigest</span>.<span class="ruby-identifier">flush</span>
<span class="ruby-identifier">config</span>[<span class="ruby-value">:UserDB</span>] = <span class="ruby-identifier">htdigest</span>
<span class="ruby-identifier">digest_auth</span> = <span class="ruby-constant">WEBrick</span><span class="ruby-operator">::</span><span class="ruby-constant">HTTPAuth</span><span class="ruby-operator">::</span><span class="ruby-constant">DigestAuth</span>.<span class="ruby-identifier">new</span> <span class="ruby-identifier">config</span>
</pre>
<p>When using this as with a servlet be sure not to create a new <a href="DigestAuth.html"><code>DigestAuth</code></a> object in the servlet's initialize. By default <a href="../../WEBrick.html"><code>WEBrick</code></a> creates a new servlet instance for every request and the <a href="DigestAuth.html"><code>DigestAuth</code></a> object must be used across requests.</p>
</section>
<section id="5Buntitled-5D" class="documentation-section">
<section class="attribute-method-details" class="method-section">
<header>
<h3>Attributes</h3>
</header>
<div id="attribute-i-algorithm" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">algorithm</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
<p><a href="../../Digest.html"><code>Digest</code></a> authentication algorithm</p>
</div>
</div>
<div id="attribute-i-qop" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">qop</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
<p>Quality of protection. RFC 2617 defines “auth” and “auth-int”</p>
</div>
</div>
</section>
<section id="public-class-5Buntitled-5D-method-details" class="method-section">
<header>
<h3>Public Class Methods</h3>
</header>
<div id="method-c-make_passwd" class="method-detail ">
<div class="method-heading">
<span class="method-name">make_passwd</span><span
class="method-args">(realm, user, pass)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Used by <a href="UserDB.html"><code>UserDB</code></a> to create a digest password entry</p>
<div class="method-source-code" id="make_passwd-source">
<pre><span class="ruby-comment"># File lib/webrick/httpauth/digestauth.rb, line 69</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier ruby-title">make_passwd</span>(<span class="ruby-identifier">realm</span>, <span class="ruby-identifier">user</span>, <span class="ruby-identifier">pass</span>)
<span class="ruby-identifier">pass</span> <span class="ruby-operator">||=</span> <span class="ruby-string">""</span>
<span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">MD5</span><span class="ruby-operator">::</span><span class="ruby-identifier">hexdigest</span>([<span class="ruby-identifier">user</span>, <span class="ruby-identifier">realm</span>, <span class="ruby-identifier">pass</span>].<span class="ruby-identifier">join</span>(<span class="ruby-string">":"</span>))
<span class="ruby-keyword">end</span></pre>
</div>
</div>
</div>
<div id="method-c-new" class="method-detail ">
<div class="method-heading">
<span class="method-name">new</span><span
class="method-args">(config, default=Config::DigestAuth)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Creates a new <a href="DigestAuth.html"><code>DigestAuth</code></a> instance. Be sure to use the same <a href="DigestAuth.html"><code>DigestAuth</code></a> instance for multiple requests as it saves state between requests in order to perform authentication.</p>
<p>See WEBrick::Config::DigestAuth for default configuration entries</p>
<p>You must supply the following configuration entries:</p>
<dl class="rdoc-list note-list"><dt>:Realm
<dd>
<p>The name of the realm being protected.</p>
</dd><dt>:UserDB
<dd>
<p>A database of usernames and passwords. A <a href="Htdigest.html"><code>WEBrick::HTTPAuth::Htdigest</code></a> instance should be used.</p>
</dd></dl>
<div class="method-source-code" id="new-source">
<pre><span class="ruby-comment"># File lib/webrick/httpauth/digestauth.rb, line 87</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">initialize</span>(<span class="ruby-identifier">config</span>, <span class="ruby-identifier">default</span>=<span class="ruby-constant">Config</span><span class="ruby-operator">::</span><span class="ruby-constant">DigestAuth</span>)
<span class="ruby-identifier">check_init</span>(<span class="ruby-identifier">config</span>)
<span class="ruby-ivar">@config</span> = <span class="ruby-identifier">default</span>.<span class="ruby-identifier">dup</span>.<span class="ruby-identifier">update</span>(<span class="ruby-identifier">config</span>)
<span class="ruby-ivar">@algorithm</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:Algorithm</span>]
<span class="ruby-ivar">@domain</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:Domain</span>]
<span class="ruby-ivar">@qop</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:Qop</span>]
<span class="ruby-ivar">@use_opaque</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:UseOpaque</span>]
<span class="ruby-ivar">@use_next_nonce</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:UseNextNonce</span>]
<span class="ruby-ivar">@check_nc</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:CheckNc</span>]
<span class="ruby-ivar">@use_auth_info_header</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:UseAuthenticationInfoHeader</span>]
<span class="ruby-ivar">@nonce_expire_period</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:NonceExpirePeriod</span>]
<span class="ruby-ivar">@nonce_expire_delta</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:NonceExpireDelta</span>]
<span class="ruby-ivar">@internet_explorer_hack</span> = <span class="ruby-ivar">@config</span>[<span class="ruby-value">:InternetExplorerHack</span>]
<span class="ruby-keyword">case</span> <span class="ruby-ivar">@algorithm</span>
<span class="ruby-keyword">when</span> <span class="ruby-string">'MD5'</span>,<span class="ruby-string">'MD5-sess'</span>
<span class="ruby-ivar">@h</span> = <span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">MD5</span>
<span class="ruby-keyword">when</span> <span class="ruby-string">'SHA1'</span>,<span class="ruby-string">'SHA1-sess'</span> <span class="ruby-comment"># it is a bonus feature :-)</span>
<span class="ruby-ivar">@h</span> = <span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">SHA1</span>
<span class="ruby-keyword">else</span>
<span class="ruby-identifier">msg</span> = <span class="ruby-identifier">format</span>(<span class="ruby-string">'Algorithm "%s" is not supported.'</span>, <span class="ruby-ivar">@algorithm</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-constant">ArgumentError</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">msg</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-ivar">@instance_key</span> = <span class="ruby-identifier">hexdigest</span>(<span class="ruby-keyword">self</span>.<span class="ruby-identifier">__id__</span>, <span class="ruby-constant">Time</span>.<span class="ruby-identifier">now</span>.<span class="ruby-identifier">to_i</span>, <span class="ruby-constant">Process</span>.<span class="ruby-identifier">pid</span>)
<span class="ruby-ivar">@opaques</span> = {}
<span class="ruby-ivar">@last_nonce_expire</span> = <span class="ruby-constant">Time</span>.<span class="ruby-identifier">now</span>
<span class="ruby-ivar">@mutex</span> = <span class="ruby-constant">Thread</span><span class="ruby-operator">::</span><span class="ruby-constant">Mutex</span>.<span class="ruby-identifier">new</span>
<span class="ruby-keyword">end</span></pre>
</div>
</div>
</div>
</section>
<section id="public-instance-5Buntitled-5D-method-details" class="method-section">
<header>
<h3>Public Instance Methods</h3>
</header>
<div id="method-i-authenticate" class="method-detail ">
<div class="method-heading">
<span class="method-name">authenticate</span><span
class="method-args">(req, res)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Authenticates a <code>req</code> and returns a 401 Unauthorized using <code>res</code> if the authentication was not correct.</p>
<div class="method-source-code" id="authenticate-source">
<pre><span class="ruby-comment"># File lib/webrick/httpauth/digestauth.rb, line 121</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">authenticate</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>)
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">result</span> = <span class="ruby-ivar">@mutex</span>.<span class="ruby-identifier">synchronize</span>{ <span class="ruby-identifier">_authenticate</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>) }
<span class="ruby-identifier">challenge</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">result</span> <span class="ruby-operator">==</span> <span class="ruby-value">:nonce_is_stale</span>
<span class="ruby-identifier">challenge</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>, <span class="ruby-keyword">true</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">return</span> <span class="ruby-keyword">true</span>
<span class="ruby-keyword">end</span></pre>
</div>
</div>
</div>
<div id="method-i-challenge" class="method-detail ">
<div class="method-heading">
<span class="method-name">challenge</span><span
class="method-args">(req, res, stale=false)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Returns a challenge response which asks for authentication information</p>
<div class="method-source-code" id="challenge-source">
<pre><span class="ruby-comment"># File lib/webrick/httpauth/digestauth.rb, line 134</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">challenge</span>(<span class="ruby-identifier">req</span>, <span class="ruby-identifier">res</span>, <span class="ruby-identifier">stale</span>=<span class="ruby-keyword">false</span>)
<span class="ruby-identifier">nonce</span> = <span class="ruby-identifier">generate_next_nonce</span>(<span class="ruby-identifier">req</span>)
<span class="ruby-keyword">if</span> <span class="ruby-ivar">@use_opaque</span>
<span class="ruby-identifier">opaque</span> = <span class="ruby-identifier">generate_opaque</span>(<span class="ruby-identifier">req</span>)
<span class="ruby-ivar">@opaques</span>[<span class="ruby-identifier">opaque</span>].<span class="ruby-identifier">nonce</span> = <span class="ruby-identifier">nonce</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">param</span> = <span class="ruby-constant">Hash</span>.<span class="ruby-identifier">new</span>
<span class="ruby-identifier">param</span>[<span class="ruby-string">"realm"</span>] = <span class="ruby-constant">HTTPUtils</span><span class="ruby-operator">::</span><span class="ruby-identifier">quote</span>(<span class="ruby-ivar">@realm</span>)
<span class="ruby-identifier">param</span>[<span class="ruby-string">"domain"</span>] = <span class="ruby-constant">HTTPUtils</span><span class="ruby-operator">::</span><span class="ruby-identifier">quote</span>(<span class="ruby-ivar">@domain</span>.<span class="ruby-identifier">to_a</span>.<span class="ruby-identifier">join</span>(<span class="ruby-string">" "</span>)) <span class="ruby-keyword">if</span> <span class="ruby-ivar">@domain</span>
<span class="ruby-identifier">param</span>[<span class="ruby-string">"nonce"</span>] = <span class="ruby-constant">HTTPUtils</span><span class="ruby-operator">::</span><span class="ruby-identifier">quote</span>(<span class="ruby-identifier">nonce</span>)
<span class="ruby-identifier">param</span>[<span class="ruby-string">"opaque"</span>] = <span class="ruby-constant">HTTPUtils</span><span class="ruby-operator">::</span><span class="ruby-identifier">quote</span>(<span class="ruby-identifier">opaque</span>) <span class="ruby-keyword">if</span> <span class="ruby-identifier">opaque</span>
<span class="ruby-identifier">param</span>[<span class="ruby-string">"stale"</span>] = <span class="ruby-identifier">stale</span>.<span class="ruby-identifier">to_s</span>
<span class="ruby-identifier">param</span>[<span class="ruby-string">"algorithm"</span>] = <span class="ruby-ivar">@algorithm</span>
<span class="ruby-identifier">param</span>[<span class="ruby-string">"qop"</span>] = <span class="ruby-constant">HTTPUtils</span><span class="ruby-operator">::</span><span class="ruby-identifier">quote</span>(<span class="ruby-ivar">@qop</span>.<span class="ruby-identifier">to_a</span>.<span class="ruby-identifier">join</span>(<span class="ruby-string">","</span>)) <span class="ruby-keyword">if</span> <span class="ruby-ivar">@qop</span>
<span class="ruby-identifier">res</span>[<span class="ruby-ivar">@response_field</span>] =
<span class="ruby-node">"#{@auth_scheme} "</span> <span class="ruby-operator">+</span> <span class="ruby-identifier">param</span>.<span class="ruby-identifier">map</span>{<span class="ruby-operator">|</span><span class="ruby-identifier">k</span>,<span class="ruby-identifier">v</span><span class="ruby-operator">|</span> <span class="ruby-node">"#{k}=#{v}"</span> }.<span class="ruby-identifier">join</span>(<span class="ruby-string">", "</span>)
<span class="ruby-identifier">info</span>(<span class="ruby-string">"%s: %s"</span>, <span class="ruby-ivar">@response_field</span>, <span class="ruby-identifier">res</span>[<span class="ruby-ivar">@response_field</span>]) <span class="ruby-keyword">if</span> <span class="ruby-identifier">$DEBUG</span>
<span class="ruby-identifier">raise</span> <span class="ruby-ivar">@auth_exception</span>
<span class="ruby-keyword">end</span></pre>
</div>
</div>
</div>
</section>
</section>
</main>
<footer id="validator-badges" role="contentinfo">
<p><a href="https://validator.w3.org/check/referer">Validate</a>
<p>Generated by <a href="https://ruby.github.io/rdoc/">RDoc</a> 6.2.1.1.
<p>Based on <a href="http://deveiate.org/projects/Darkfish-RDoc/">Darkfish</a> by <a href="http://deveiate.org">Michael Granger</a>.
</footer>