htauth 2.3.0 → 3.0.0

data/lib/htauth/error.rb

@@ -1,4 +1,6 @@
-#-- 
+# frozen_string_literal: true
+
+#--
 # Copyrigth (c) 2008 Jeremy Hinegardner
 # All rights reserved.  See LICENSE and/or COPYING for details
 #++
@@ -7,12 +9,11 @@ module HTAuth
   class Error < StandardError; end
 
   class ConsoleError < Error; end
-  class DigestFileError < Error ; end
+  class DigestFileError < Error; end
   class FileAccessError < Error; end
   class InvalidDigestEntry < Error; end
-  class InvalidPasswdEntry < Error ; end
+  class InvalidPasswdEntry < Error; end
   class PasswordError < Error; end
-  class PasswdFileError < Error ; end
+  class PasswdFileError < Error; end
   class TempFileError < Error; end
 end
-

data/lib/htauth/file.rb

@@ -1,5 +1,7 @@
-require 'stringio'
-require 'htauth/error'
+# frozen_string_literal: true
+
+require "stringio"
+require "htauth/error"
 
 module HTAuth
   # Internal: A base class for DigestFile and PasswordFile to inherit from.
@@ -7,22 +9,20 @@ module HTAuth
   # This class should not be instantiated directly. You must use DigestFile or
   # PasswordFile.
   class File
-
     # Public: The mode to pass to #open for updating a file
-    ALTER  = "alter".freeze
+    ALTER  = "alter"
 
     # Public: The mode to pass to #open for creating a new file
-    CREATE = "create".freeze
+    CREATE = "create"
 
     # Public: A special 'filename' that may be passed to #open for 'saving' to $stdout
-    STDOUT_FLAG = "-".freeze
+    STDOUT_FLAG = "-"
 
-    attr_reader :filename
-    attr_reader :file
+    attr_reader :filename, :file
 
     class << self
       # Public: The method to use to open a DigestFile or PasswordFile.
-      # Altering a non-existent file is an error. Creating an existing file 
+      # Altering a non-existent file is an error. Creating an existing file
       # results in a truncation and overwrite of the existing file.
       #
       # filename - The name of the file to open
@@ -50,23 +50,23 @@ module HTAuth
       # Returns the DigestFile or PasswordFile as appropriate.
       # Raises FileAccessError if an invalid mode is used.
       # Raises FileAccessError if ALTERing a non-existent file.
-      def open(filename, mode = ALTER) 
-        f = self.new(filename, mode)
+      def open(filename, mode = ALTER)
+        f = new(filename, mode)
         if block_given?
           begin
             yield f
           ensure
-            f.save! if f and f.dirty?
+            f.save! if f&.dirty?
           end
         end
-        return f
+        f
       end
     end
 
     # Public: Create a new DigestFile or PasswordFile.
     # Generally you do not need to use this method. Use #open instead.
     #
-    # Altering a non-existent file is an error. Creating an existing file 
+    # Altering a non-existent file is an error. Creating an existing file
     # results in a truncation and overwrite of the existing file.
     #
     # filename - The name of the file to open
@@ -87,17 +87,17 @@ module HTAuth
       @mode       = mode
       @dirty      = false
 
-      raise FileAccessError, "Invalid mode #{mode}" unless [ ALTER, CREATE ].include?(mode)
+      raise FileAccessError, "Invalid mode #{mode}" unless [ALTER, CREATE].include?(mode)
 
-      if (filename != STDOUT_FLAG) and (mode == ALTER) and (not ::File.exist?(filename)) then
-        raise FileAccessError, "Could not open passwd file #{filename} for reading." 
+      if (filename != STDOUT_FLAG) && (mode == ALTER) && !::File.exist?(filename)
+        raise FileAccessError, "Could not open passwd file #{filename} for reading."
       end
 
       begin
         @entries  = {}
         @lines    = []
-        load_entries if (@mode == ALTER) and (filename != STDOUT_FLAG)
-      rescue => e
+        load_entries if (@mode == ALTER) && (filename != STDOUT_FLAG)
+      rescue StandardError => e
         raise FileAccessError, e.message
       end
     end
@@ -127,19 +127,15 @@ module HTAuth
     # Returns nothing
     # Raises FileAccessError if there was a problem writing the file
     def save!
-      begin
-        case filename
-        when STDOUT_FLAG
-          $stdout.write(contents)
-        else
-          ::File.open(@filename,"w") do |f|
-            f.write(contents)
-          end
-        end
-        @dirty = false
-      rescue => e
-        raise FileAccessError, "Error saving file #{@filename} : #{e.message}"
+      case filename
+      when STDOUT_FLAG
+        $stdout.write(contents)
+      else
+        ::File.write(@filename, contents)
       end
+      @dirty = false
+    rescue StandardError => e
+      raise FileAccessError, "Error saving file #{@filename} : #{e.message}"
     end
 
     # Internal: Return the String of the entire file contents
@@ -147,7 +143,7 @@ module HTAuth
     # Returns String
     def contents
       c = StringIO.new
-      @lines.each do |l| 
+      @lines.each do |l|
         c.puts l if l
       end
       c.string
@@ -160,13 +156,13 @@ module HTAuth
     # out in the same order it was read with the appropriate entries updated or
     # deleted.
     def load_entries
-      @lines   = IO.readlines(@filename)
-      @lines.each_with_index do |line,idx|
-        if entry_klass.is_entry?(line) then
-          entry = entry_klass.from_line(line)
-          v     = { 'entry' => entry, 'line_index' => idx }
-          @entries[entry.key] = v
-        end
+      @lines = IO.readlines(@filename)
+      @lines.each_with_index do |line, idx|
+        next unless entry_klass.entry?(line)
+
+        entry = entry_klass.from_line(line)
+        v     = { "entry" => entry, "line_index" => idx }
+        @entries[entry.key] = v
       end
       nil
     end

data/lib/htauth/md5.rb

@@ -1,23 +1,24 @@
-require 'htauth/algorithm'
-require 'digest/md5'
+# frozen_string_literal: true
+
+require "htauth/algorithm"
+require "digest/md5"
 
 module HTAuth
   # Internal: an implementation of the MD5 based encoding algorithm
   # as used in the apache htpasswd -m option
   class Md5 < Algorithm
-
     DIGEST_LENGTH  = 16
     PAD_LENGTH     = 6
-    PREFIX         = "$apr1$".freeze
-    SALT_CHARS_STR = SALT_CHARS.join('')
-    ENTRY_REGEX    = %r[
+    PREFIX         = "$apr1$"
+    SALT_CHARS_STR = SALT_CHARS.join
+    ENTRY_REGEX    = /
       \A
       #{Regexp.escape(PREFIX)}
       [#{SALT_CHARS_STR}]{#{SALT_LENGTH}}
-      #{Regexp.escape("$")}
+      #{Regexp.escape('$')}
       [#{SALT_CHARS_STR}]{#{DIGEST_LENGTH + PAD_LENGTH}}
       \z
-      ]x
+      /x
 
     def self.handles?(password_entry)
       ENTRY_REGEX.match?(password_entry)
@@ -25,15 +26,16 @@ module HTAuth
 
     def self.extract_salt_from_existing_password_field(existing)
       p = existing.split("$")
-      return p[2]
+      p[2]
     end
 
     def initialize(params = {})
-      if existing = (params['existing'] || params[:existing]) then
-        @salt = self.class.extract_salt_from_existing_password_field(existing)
-      else
-        @salt = params[:salt] || params['salt'] || gen_salt
-      end
+      super()
+      @salt = if (existing = params["existing"] || params[:existing])
+                self.class.extract_salt_from_existing_password_field(existing)
+              else
+                params[:salt] || params["salt"] || gen_salt
+              end
     end
 
     # this algorigthm pulled straight from apr_md5_encode() and converted to ruby syntax
@@ -46,8 +48,8 @@ module HTAuth
       md5_t = ::Digest::MD5.digest("#{password}#{@salt}#{password}")
 
       l = password.length
-      while l > 0 do
-        slice_size = ( l > DIGEST_LENGTH ) ? DIGEST_LENGTH : l
+      while l.positive?
+        slice_size = [l, DIGEST_LENGTH].min
         primary << md5_t[0, slice_size]
         l -= DIGEST_LENGTH
       end
@@ -59,7 +61,7 @@ module HTAuth
         when 1
           primary << 0.chr
         when 0
-          primary << password[0,1]
+          primary << password[0, 1]
         end
         l >>= 1
       end
@@ -71,33 +73,32 @@ module HTAuth
       # apr_md5_encode has this comment about a 60Mhz Pentium above this loop.
       1000.times do |x|
         ctx = ::Digest::MD5.new
-        ctx << (( ( x & 1 ) == 1 ) ? password : pd[0,DIGEST_LENGTH])
-        (ctx << @salt) unless ( x % 3 ) == 0
-        (ctx << password) unless ( x % 7 ) == 0
-        ctx << (( ( x & 1 ) == 0 ) ? password : pd[0,DIGEST_LENGTH])
+        ctx << (x.allbits?(1) ? password : pd[0, DIGEST_LENGTH])
+        (ctx << @salt) unless (x % 3).zero?
+        (ctx << password) unless (x % 7).zero?
+        ctx << (x.nobits?(1) ? password : pd[0, DIGEST_LENGTH])
         pd = ctx.digest
       end
 
-
       pd = pd.bytes.to_a
 
-      l = (pd[ 0]<<16) | (pd[ 6]<<8) | pd[12]
-      encoded_password << to_64(l, 4)
+      l = (pd[0] << 16) | (pd[6] << 8) | pd[12]
+      encoded_password << to64(l, 4)
 
-      l = (pd[ 1]<<16) | (pd[ 7]<<8) | pd[13]
-      encoded_password << to_64(l, 4)
+      l = (pd[1] << 16) | (pd[7] << 8) | pd[13]
+      encoded_password << to64(l, 4)
 
-      l = (pd[ 2]<<16) | (pd[ 8]<<8) | pd[14]
-      encoded_password << to_64(l, 4)
+      l = (pd[2] << 16) | (pd[8] << 8) | pd[14]
+      encoded_password << to64(l, 4)
 
-      l = (pd[ 3]<<16) | (pd[ 9]<<8) | pd[15]
-      encoded_password << to_64(l, 4)
+      l = (pd[3] << 16) | (pd[9] << 8) | pd[15]
+      encoded_password << to64(l, 4)
 
-      l = (pd[ 4]<<16) | (pd[10]<<8) | pd[ 5]
-      encoded_password << to_64(l, 4)
-      encoded_password << to_64(pd[11],2)
+      l = (pd[4] << 16) | (pd[10] << 8) | pd[5]
+      encoded_password << to64(l, 4)
+      encoded_password << to64(pd[11], 2)
 
-      return encoded_password
+      encoded_password
     end
   end
 end

data/lib/htauth/passwd_entry.rb

@@ -1,11 +1,12 @@
-require 'htauth/error'
-require 'htauth/entry'
-require 'htauth/algorithm'
+# frozen_string_literal: true
+
+require "htauth/error"
+require "htauth/entry"
+require "htauth/algorithm"
 
 module HTAuth
   # Internal: Object version of a single entry from a htpasswd file
   class PasswdEntry < Entry
-
     # Internal: the user of this entry
     attr_accessor :user
     # Internal: the password digest of this entry
@@ -22,11 +23,11 @@ module HTAuth
       #
       # Returns an instance of PasswdEntry
       def from_line(line)
-        parts = is_entry!(line)
+        parts = entry!(line)
         d = PasswdEntry.new(parts[0])
         d.digest = parts[1]
         d.algorithm = Algorithm.algorithm_from_field(parts[1])
-        return d
+        d
       end
 
       # Internal: test if the given line is valid for this Entry class
@@ -39,29 +40,30 @@ module HTAuth
       #
       # Returns the individual parts of the line
       # Raises InvalidPasswdEntry if it is not an valid entry
-      def is_entry!(line)
-        raise InvalidPasswdEntry, "line commented out" if line =~ /\A#/
+      def entry!(line)
+        raise InvalidPasswdEntry, "line commented out" if line.start_with?("#")
+
         parts = line.strip.split(":")
         raise InvalidPasswdEntry, "line must be of the format username:password" if parts.size != 2
-        return parts
+
+        parts
       end
 
       # Internal: Returns whether or not the line is a valid entry
       #
       # Returns true or false
-      def is_entry?(line)
-        begin
-          is_entry!(line)
-          return true
-        rescue InvalidPasswdEntry
-          return false
-        end
+      def entry?(line)
+        entry!(line)
+        true
+      rescue InvalidPasswdEntry
+        false
       end
     end
 
     # Internal: Create a new Entry with the given user, password, and algorithm
-    def initialize(user, password = nil, alg = Algorithm::DEFAULT, alg_params = {} )
-      @user      = user
+    def initialize(user, password = nil, alg = Algorithm::DEFAULT, alg_params = {})
+      super()
+      @user = user
       alg = Algorithm::DEFAULT if alg == Algorithm::EXISTING
       @algorithm = Algorithm.algorithm_from_name(alg, alg_params)
       @digest    = calc_digest(password)
@@ -69,7 +71,8 @@ module HTAuth
 
     # Internal: set the algorithm for the entry
     def algorithm=(alg)
-      return @algorithm if Algorithm::EXISTING == alg
+      return @algorithm if alg == Algorithm::EXISTING
+
       case alg
       when String
         @algorithm = Algorithm.algorithm_from_name(alg)
@@ -78,7 +81,7 @@ module HTAuth
       else
         raise InvalidAlgorithmError, "Unable to assign #{alg} to algorithm"
       end
-      return @algorithm
+      @algorithm
     end
 
     # Internal: set fields on the algorithm
@@ -93,15 +96,14 @@ module HTAuth
     #
     # If we have an array of algorithms, then we set it to CRYPT
     def password=(new_password)
-      if algorithm.kind_of?(HTAuth::Plaintext) then
-        @algorithm = Algorithm.algorithm_from_name(Algorithm::CRYPT)
-      end
+      @algorithm = Algorithm.algorithm_from_name(Algorithm::CRYPT) if algorithm.is_a?(HTAuth::Plaintext)
       @digest = calc_digest(new_password)
     end
 
     # Internal: calculate the new digest of the given password
     def calc_digest(password)
       return nil unless password
+
       algorithm.encode(password)
     end
 
@@ -113,7 +115,7 @@ module HTAuth
 
     # Internal: Returns the key of this entry
     def key
-      "#{user}"
+      user.to_s
     end
 
     # Internal: Returns the file line for this entry

data/lib/htauth/passwd_file.rb

@@ -1,9 +1,11 @@
-require 'stringio'
-require 'tempfile'
+# frozen_string_literal: true
 
-require 'htauth/error'
-require 'htauth/file'
-require 'htauth/passwd_entry'
+require "stringio"
+require "tempfile"
+
+require "htauth/error"
+require "htauth/file"
+require "htauth/passwd_entry"
 
 module HTAuth
   # Public: An API for managing an 'htpasswd' file
@@ -17,7 +19,6 @@ module HTAuth
   #   end
   #
   class PasswdFile < HTAuth::File
-
     # Private: The class implementing a single entry in the PasswdFile
     ENTRY_KLASS = HTAuth::PasswdEntry
 
@@ -33,7 +34,7 @@ module HTAuth
     # Returns true or false if the username
     def has_entry?(username)
       test_entry = PasswdEntry.new(username)
-      @entries.has_key?(test_entry.key)
+      @entries.key?(test_entry.key)
     end
 
     # Public: remove the given username from the file
@@ -48,10 +49,10 @@ module HTAuth
     #
     # Returns nothing
     def delete(username)
-      if has_entry?(username) then 
+      if has_entry?(username)
         ir = internal_record(username)
-        line_index = ir['line_index']
-        @entries.delete(ir['entry'].key)
+        line_index = ir["line_index"]
+        @entries.delete(ir["entry"].key)
         @lines[line_index] = nil
         dirty!
       end
@@ -59,7 +60,7 @@ module HTAuth
     end
 
     # Public: Add or update the username entry with the new password and
-    # algorithm. This will add a new entry if the username does not exist in 
+    # algorithm. This will add a new entry if the username does not exist in
     # the file. If the entry does exist in the file, then the password
     # of the entry is updated to the new password / algorithm
     #
@@ -84,7 +85,7 @@ module HTAuth
     #
     # Returns nothing.
     def add_or_update(username, password, algorithm = Algorithm::DEFAULT, algorithm_args = {})
-      if has_entry?(username) then
+      if has_entry?(username)
         update(username, password, algorithm, algorithm_args)
       else
         add(username, password, algorithm, algorithm_args)
@@ -116,12 +117,13 @@ module HTAuth
     # Raises PasswdFileError if the give username already exists.
     def add(username, password, algorithm = Algorithm::DEFAULT, algorithm_args = {})
       raise PasswdFileError, "Unable to add already existing user #{username}" if has_entry?(username)
+
       new_entry = PasswdEntry.new(username, password, algorithm, algorithm_args)
       new_index = @lines.size
       @lines << new_entry.to_s
-      @entries[new_entry.key] = { 'entry' => new_entry, 'line_index' => new_index }
+      @entries[new_entry.key] = { "entry" => new_entry, "line_index" => new_index }
       dirty!
-      return nil
+      nil
     end
 
     # Public: Update an existing record in the file.
@@ -153,13 +155,14 @@ module HTAuth
     # Raises PasswdFileError if the give username does not exist.
     def update(username, password, algorithm = Algorithm::EXISTING, algorithm_args = {})
       raise PasswdFileError, "Unable to update non-existent user #{username}" unless has_entry?(username)
+
       ir = internal_record(username)
-      ir['entry'].algorithm = algorithm
-      ir['entry'].algorithm_args = algorithm_args.dup
-      ir['entry'].password = password
-      @lines[ir['line_index']] = ir['entry'].to_s
+      ir["entry"].algorithm = algorithm
+      ir["entry"].algorithm_args = algorithm_args.dup
+      ir["entry"].password = password
+      @lines[ir["line_index"]] = ir["entry"].to_s
       dirty!
-      return nil
+      nil
     end
 
     # Public: Returns a copy of then given PasswdEntry from the file.
@@ -177,8 +180,9 @@ module HTAuth
     # Returns nil if the entry is not found
     def fetch(username)
       return nil unless has_entry?(username)
+
       ir = internal_record(username)
-      return ir['entry'].dup
+      ir["entry"].dup
     end
 
     # Public: authenticates the password of a given username
@@ -194,8 +198,9 @@ module HTAuth
     # Raises PasswordFileErrorif the given username does not exist
     def authenticated?(username, password)
       raise PasswdFileError, "Unable to authenticate a non-existent user #{username}" unless has_entry?(username)
+
       ir = internal_record(username)
-      return ir['entry'].authenticated?(password)
+      ir["entry"].authenticated?(password)
     end
 
     # Internal: returns the class used for each entry

data/lib/htauth/plaintext.rb

@@ -1,25 +1,27 @@
-require 'htauth/algorithm'
+# frozen_string_literal: true
+
+require "htauth/algorithm"
 
 module HTAuth
   # Internal: the plaintext algorithm, which does absolutly nothing
   class Plaintext < Algorithm
-
     ENTRY_REGEX = /\A[^$:]*\Z/
 
     def self.entry_matches?(entry)
       ENTRY_REGEX.match?(entry)
     end
 
-    def self.handles?(password_entry)
+    def self.handles?(_password_entry)
       false
     end
 
     # ignore parameters
-    def initialize(params = {})
+    def initialize(_params = {})
+      super()
     end
 
     def encode(password)
-      "#{password}"
+      password.to_s
     end
   end
 end

data/lib/htauth/sha1.rb

@@ -1,22 +1,24 @@
-require 'htauth/algorithm'
-require 'digest/sha1'
-require 'base64'
+# frozen_string_literal: true
+
+require "htauth/algorithm"
+require "digest/sha1"
+require "base64"
 
 module HTAuth
   # Internal: an implementation of the SHA based encoding algorithm
   # as used in the apache htpasswd -s option
   #
   class Sha1 < Algorithm
-
-    PREFIX      = '{SHA}'.freeze
-    ENTRY_REGEX = %r[\A#{Regexp.escape(PREFIX)}[A-Za-z0-9+\/=]{28}\z].freeze
+    PREFIX      = "{SHA}"
+    ENTRY_REGEX = %r[\A#{Regexp.escape(PREFIX)}[A-Za-z0-9+/=]{28}\z]
 
     def self.handles?(password_entry)
       ENTRY_REGEX.match?(password_entry)
     end
 
     # ignore the params
-    def initialize(params = {})
+    def initialize(_params = {})
+      super()
     end
 
     def encode(password)

data/lib/htauth/version.rb

@@ -1,4 +1,6 @@
+# frozen_string_literal: true
+
 module HTAuth
   # Public: The version of the htauth library
-  VERSION = "2.3.0"
+  VERSION = "3.0.0"
 end