Class: Rack::Auth::Digest::MD5

Inherits:

AbstractHandler

Object
AbstractHandler
Rack::Auth::Digest::MD5

show all

Defined in:: lib/rack/auth/digest/md5.rb

Overview

Rack::Auth::Digest::MD5 implements the MD5 algorithm version of HTTP Digest Authentication, as per RFC 2617.

Initialize with the [Rack] application that you want protecting, and a block that looks up a plaintext password for a given username.

opaque needs to be set to a constant base64/hexadecimal string.

Instance Attribute Summary collapse

#opaque ⇒ Object

Returns the value of attribute opaque.
#passwords_hashed ⇒ Object writeonly

Sets the attribute passwords_hashed.

Attributes inherited from AbstractHandler

#realm

Instance Method Summary collapse

#call(env) ⇒ Object
#initialize(app, realm = nil, opaque = nil, &authenticator) ⇒ MD5 constructor

A new instance of MD5.
#passwords_hashed? ⇒ Boolean

Constructor Details

#initialize(app, realm = nil, opaque = nil, &authenticator) ⇒ `MD5`

Returns a new instance of MD5.

# File 'lib/rack/auth/digest/md5.rb', line 26

def initialize(app, realm = nil, opaque = nil, &authenticator)
  @passwords_hashed = nil
  if opaque.nil? and realm.respond_to? :values_at
    realm, opaque, @passwords_hashed = realm.values_at :realm, :opaque, :passwords_hashed
  end
  super(app, realm, &authenticator)
  @opaque = opaque
end

Instance Attribute Details

#opaque ⇒ `Object`

Returns the value of attribute opaque.



22
23
24

# File 'lib/rack/auth/digest/md5.rb', line 22

def opaque
  @opaque
end

#passwords_hashed=(value) ⇒ `Object` (writeonly)

Sets the attribute passwords_hashed

Parameters:

value —

the value to set the attribute passwords_hashed to.



24
25
26

# File 'lib/rack/auth/digest/md5.rb', line 24

def passwords_hashed=(value)
  @passwords_hashed = value
end

Instance Method Details

#call(env) ⇒ `Object`

# File 'lib/rack/auth/digest/md5.rb', line 39

def call(env)
  auth = Request.new(env)

  unless auth.provided?
    return unauthorized
  end

  if !auth.digest? || !auth.correct_uri? || !valid_qop?(auth)
    return bad_request
  end

  if valid?(auth)
    if auth.nonce.stale?
      return unauthorized(challenge(stale: true))
    else
      env['REMOTE_USER'] = auth.username

      return @app.call(env)
    end
  end

  unauthorized
end

#passwords_hashed? ⇒ `Boolean`

Returns:

(Boolean)



35
36
37

# File 'lib/rack/auth/digest/md5.rb', line 35

def passwords_hashed?
  !!@passwords_hashed
end