class HTTPAuth::Digest::AuthenticationInfo

The AuthenticationInfo class handles the Authentication-Info header. Sending Authentication-Info headers will allow the client to check the integrity of the response, but it isn’t compulsory and will get in the way of pipelined retrieval of resources.

See the Digest module for examples

Public Class Methods

from_credentials (credentials, options = {})

Source

# File lib/httpauth/digest.rb, line 474
def self.from_credentials(credentials, options = {})
  auth_info = new credentials.h
  auth_info.update_from_credentials! options
  auth_info
end

Creates a new AuthenticationInfo instance based on the information from Credentials instance.

credentials: A Credentials instance

See initialize for valid options.

from_header (auth_info, options = {})

Source

# File lib/httpauth/digest.rb, line 466
def self.from_header(auth_info, options = {})
  new Utils.decode_directives(auth_info, :auth), options
end

Parses the information from a Authentication-Info header and creates a new AuthenticationInfo instance with this data.

auth_info: The contents of the Authentication-Info header

See initialize for valid options.

new (h, options = {})

Source

# File lib/httpauth/digest.rb, line 488
def initialize(h, options = {})
  @h = h
  @h.merge! options
end

Create a new instance.

h: A Hash with directives, normally this is filled with the directives coming from a Credentials instance.
options: Used to set or override data from the Authentication-Info header
- :digest: The digest for the specified username and realm.
- :response_body The body of the response that’s going to be sent to the client. This is a compulsory option if the qop directive is ‘auth-int’.

Public Instance Methods

to_header ()

Source

# File lib/httpauth/digest.rb, line 494
def to_header
  Utils.encode_directives Utils.filter_h_on(@h,
                                            [:nextnonce, :qop, :rspauth, :cnonce, :nc]), :auth
end

Encodes directives and returns a string that can be used as the AuthorizationInfo header

update_from_credentials! (options)

Source

# File lib/httpauth/digest.rb, line 500
def update_from_credentials!(options)
  # TODO: update @h after nonce invalidation
  [:digest, :username, :realm, :password].each do |k|
    @h[k] = options[k] if options.include? k
  end
  @h[:response_body] = options[:response_body]
  @h[:nextnonce] = Utils.create_nonce @h[:salt]
  @h[:rspauth] = Utils.calculate_digest(@h, nil, :response)
end

Updates @h from options, generally called after an instance was created with from_credentials.

validate (options)

Source

# File lib/httpauth/digest.rb, line 516
def validate(options)
  ho = @h.merge(options)
  @h[:rspauth] == Utils.calculate_digest(ho, @s, :response)
end

Validates rspauth. Returns true or false

options: The extra options needed to validate rspauth.
- :digest: The H(a1) digest
- :uri: request uri
- :nonce:nonce