class HTTPAuth::Digest::Challenge

The Challenge class handlers the WWW-Authenticate header. The WWW-Authenticate header is sent by a server when accessing a resource without credentials is prohibided. The header should always be sent together with a 401 status.

See the Digest module for examples

Public Class Methods

from_header(challenge, options={}) click to toggle source

Parses the information from a WWW-Authenticate header and creates a new WWW-Authenticate instance with this data.

  • challenge: The contents of a WWW-Authenticate header

See initialize for valid options.

# File lib/httpauth/digest.rb, line 417
def self.from_header(challenge, options={})
  new Utils.decode_directives(challenge, :challenge), options
end
new(h, options={}) click to toggle source

Create a new instance.

  • h: A Hash with directives, normally this is filled with directives coming from a Challenge instance.

  • options: Use to set of override data from the WWW-Authenticate header

    • :realm: The name of the realm the client should authenticate for. The RFC suggests to use a string like 'admin@yourhost.domain.com'. Be sure to use a reasonably long string to avoid brute force attacks.

    • :qop: A list with supported qop values. For example: ['auth-int']. This will default to ['auth']. Although this implementation supports both auth and auth-int, most implementations don't. Some implementations get confused when they receive anything but 'auth'. For maximum compatibility you should leave this setting alone.

    • :algorithm: The preferred algorithm for calculating the digest. For example: 'MD5-sess'. This will default to 'MD5'. For maximum compatibility you should leave this setting alone.

# File lib/httpauth/digest.rb, line 435
def initialize(h, options={})
  @h = h
  @h.merge! options
end

Public Instance Methods

to_header() click to toggle source

Encodes directives and returns a string that can be used as the WWW-Authenticate header

# File lib/httpauth/digest.rb, line 441
def to_header
  @h[:nonce] ||= Utils.create_nonce @h[:salt]
  @h[:opaque] ||= Utils.create_opaque
  @h[:algorithm] ||= HTTPAuth::PREFERRED_ALGORITHM
  @h[:qop] ||= [HTTPAuth::PREFERRED_QOP]
  Utils.encode_directives Utils.filter_h_on(@h,
    [:realm, :domain, :nonce, :opaque, :stale, :algorithm, :qop]), :challenge
end