def get(req)
return nil unless SSPIEnabled || GSSAPIEnabled
target_uri = req.header.request_uri
domain_uri, param = @challenge.find { |uri, v|
Util.uri_part_of(target_uri, uri)
}
return nil unless param
state = param[:state]
authenticator = param[:authenticator]
authphrase = param[:authphrase]
case state
when :init
if SSPIEnabled
authenticator = param[:authenticator] = Win32::SSPI::NegotiateAuth.new
return authenticator.get_initial_token(@scheme)
else
authenticator = param[:authenticator] = GSSAPI::Simple.new(domain_uri.host, 'HTTP')
return [authenticator.init_context].pack('m').gsub(/\n/,'')
end
when :response
@challenge.delete(domain_uri)
if SSPIEnabled
return authenticator.complete_authentication(authphrase)
else
return authenticator.init_context(authphrase.unpack('m').pop)
end
end
nil
end