class HTTPAuth::Digest::AuthenticationInfo

The AuthenticationInfo class handles the Authentication-Info header. Sending Authentication-Info headers will allow the client to check the integrity of the response, but it isn’t compulsory and will get in the way of pipelined retrieval of resources.

See the Digest module for examples

Public Class Methods

from_credentials(credentials, options={}) click to toggle source

Creates a new AuthenticationInfo instance based on the information from Credentials instance.

See initialize for valid options.

# File lib/httpauth/digest.rb, line 471
def self.from_credentials(credentials, options={})
  auth_info = new credentials.h
  auth_info.update_from_credentials! options
  auth_info
end
from_header(auth_info, options={}) click to toggle source

Parses the information from a Authentication-Info header and creates a new AuthenticationInfo instance with this data.

  • auth_info: The contents of the Authentication-Info header

See initialize for valid options.

# File lib/httpauth/digest.rb, line 463
def self.from_header(auth_info, options={})
  new Utils.decode_directives(auth_info, :auth), options
end
new(h, options={}) click to toggle source

Create a new instance.

  • h: A Hash with directives, normally this is filled with the directives coming from a Credentials instance.

  • options: Used to set or override data from the Authentication-Info header

    • :digest: The digest for the specified username and realm.

    • :response_body The body of the response that's going to be sent to the client. This is a compulsory option if the qop directive is 'auth-int'.

# File lib/httpauth/digest.rb, line 485
def initialize(h, options={})
  @h = h
  @h.merge! options
end

Public Instance Methods

to_header() click to toggle source

Encodes directives and returns a string that can be used as the AuthorizationInfo header

# File lib/httpauth/digest.rb, line 491
def to_header
  Utils.encode_directives Utils.filter_h_on(@h,
    [:nextnonce, :qop, :rspauth, :cnonce, :nc]), :auth
end
update_from_credentials!(options) click to toggle source

Updates @h from options, generally called after an instance was created with from_credentials.

# File lib/httpauth/digest.rb, line 497
def update_from_credentials!(options)
  # TODO: update @h after nonce invalidation
  [:digest, :username, :realm, :password].each do |k|
    @h[k] = options[k] if options.include? k
  end
  @h[:response_body] = options[:response_body]
  @h[:nextnonce] = Utils.create_nonce @h[:salt]
  @h[:rspauth] = Utils.calculate_digest(@h, nil, :response)
end
validate(options) click to toggle source

Validates rspauth. Returns true or false

  • options: The extra options needed to validate rspauth.

    • :digest: The H(a1) digest

    • :uri: request uri

    • :nonce:nonce

# File lib/httpauth/digest.rb, line 513
def validate(options)
  ho = @h.merge(options)
  return @h[:rspauth] == Utils.calculate_digest(ho, @s, :response)
end