Class: Rack::Auth::Digest::MD5

Inherits:
AbstractHandler show all
Defined in:
lib/rack/auth/digest/md5.rb

Overview

Rack::Auth::Digest::MD5 implements the MD5 algorithm version of HTTP Digest Authentication, as per RFC 2617.

Initialize with the [Rack] application that you want protecting, and a block that looks up a plaintext password for a given username.

opaque needs to be set to a constant base64/hexadecimal string.

Instance Attribute Summary collapse

Attributes inherited from AbstractHandler

#realm

Instance Method Summary collapse

Constructor Details

#initialize(*args) ⇒ MD5

Returns a new instance of MD5.


24
25
26
27
# File 'lib/rack/auth/digest/md5.rb', line 24

def initialize(*args)
  super
  @passwords_hashed = nil
end

Instance Attribute Details

#opaqueObject

Returns the value of attribute opaque


20
21
22
# File 'lib/rack/auth/digest/md5.rb', line 20

def opaque
  @opaque
end

#passwords_hashed=(value) ⇒ Object (writeonly)

Sets the attribute passwords_hashed

Parameters:

  • value

    the value to set the attribute passwords_hashed to.


22
23
24
# File 'lib/rack/auth/digest/md5.rb', line 22

def passwords_hashed=(value)
  @passwords_hashed = value
end

Instance Method Details

#call(env) ⇒ Object


33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# File 'lib/rack/auth/digest/md5.rb', line 33

def call(env)
  auth = Request.new(env)

  unless auth.provided?
    return unauthorized
  end

  if !auth.digest? || !auth.correct_uri? || !valid_qop?(auth)
    return bad_request
  end

  if valid?(auth)
    if auth.nonce.stale?
      return unauthorized(challenge(:stale => true))
    else
      env['REMOTE_USER'] = auth.username

      return @app.call(env)
    end
  end

  unauthorized
end

#passwords_hashed?Boolean

Returns:

  • (Boolean)

29
30
31
# File 'lib/rack/auth/digest/md5.rb', line 29

def passwords_hashed?
  !!@passwords_hashed
end