RubyGems - httpauth - Versions diffs - 0.2.0 → 0.2.1 - Mend

httpauth 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml ADDED

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 2404f2197812b252663439a4537d6a068d4e09c4
+  data.tar.gz: 71ece448d2d0370456216b90059d181f246c2131
+SHA512:
+  metadata.gz: a2e2f64693bd6e3c0ad4fa32dcd2bd01483cc8626dade2d3dde72a6de047fa29b9b9b8e05481fef81a212d317017e9990b4b4d0714f39f16134bfeef3976f8e2
+  data.tar.gz: 1d8d22a05e34731303255144c97bb29e6e7243bec8f36bec7ca6a2a651eec36b57815a413753f70f8c278469c199b468b85d6ad09dc7a09ddb051f84fe02cf28

data/README.md CHANGED

@@ -37,4 +37,4 @@ IE doesn't use the full URI for digest calculation, it chops off the query param
 ## Known server implementation issues
-Apache 2.0 sends Authorization-Info headers without a nextnonce directive.
+Apache 2.0 sends Authorization-Info headers without a nextnonce directive.

data/lib/httpauth.rb CHANGED

@@ -1,4 +1,4 @@
 require 'httpauth/constants'
 require 'httpauth/exceptions'
 require 'httpauth/basic'
-require 'httpauth/digest'
+require 'httpauth/digest'

data/lib/httpauth/basic.rb CHANGED

@@ -7,7 +7,7 @@ module HTTPAuth
   # the server sends a challenge and the client has to respond to that with the correct credentials. These
   # credentials will have to be sent with every request from that point on.
   #
-  # == On the server
+  # == On the server
   #
   # On the server you will have to check the headers for the 'Authorization' header. When you find one unpack
   # it and check it against your database of credentials. If the credentials are wrong you have to return a
@@ -53,47 +53,46 @@ module HTTPAuth
   #   end
   class Basic
     class << self
       # Unpacks the HTTP Basic 'Authorization' credential header
       #
       # * <tt>authorization</tt>: The contents of the Authorization header
       # * Returns a list with two items: the username and password
-      def unpack_authorization(authorization)
+      def unpack_authorization(authorization)
         d = authorization.split ' '
-        raise ArgumentError.new("HTTPAuth::Basic can only unpack Basic Authentication headers") unless d[0] == 'Basic'
+        fail(ArgumentError, 'HTTPAuth::Basic can only unpack Basic Authentication headers') unless d[0] == 'Basic'
         Base64.decode64(d[1]).split(':')[0..1]
       end
       # Packs HTTP Basic credentials to an 'Authorization' header
       #
       # * <tt>username</tt>: A string with the username
       # * <tt>password</tt>: A string with the password
       def pack_authorization(username, password)
-        "Basic %s" % Base64.encode64("#{username}:#{password}").gsub("\n", '')
+        format('Basic %s', Base64.encode64("#{username}:#{password}").gsub("\n", ''))
       end
       # Returns contents for the WWW-authenticate header
       #
       # * <tt>realm</tt>: A string with a recognizable title for the restricted resource
       def pack_challenge(realm)
-        "Basic realm=\"%s\"" % realm.gsub('"', '')
+        format("Basic realm=\"%s\"", realm.gsub('"', ''))
       end
       # Returns the name of the realm in a WWW-Authenticate header
       #
       # * <tt>authenticate</tt>: The contents of the WWW-Authenticate header
       def unpack_challenge(authenticate)
         if authenticate =~ /Basic\srealm=\"([^\"]*)\"/
-          return $1
+          return Regexp.last_match[1]
         else
           if authenticate =~ /^Basic/
-            raise UnwellformedHeader.new("Can't parse the WWW-Authenticate header, it's probably not well formed")
+            fail(UnwellformedHeader, "Can't parse the WWW-Authenticate header, it's probably not well formed")
           else
-            raise ArgumentError.new("HTTPAuth::Basic can only unpack Basic Authentication headers")
+            fail(ArgumentError, 'HTTPAuth::Basic can only unpack Basic Authentication headers')
           end
         end
       end
       # Finds and unpacks the authorization credentials in a hash with the CGI enviroment. Returns [nil,nil] if no
       # credentials were found. See HTTPAuth::CREDENTIAL_HEADERS for supported variable names.
       #
@@ -105,10 +104,10 @@ module HTTPAuth
       #   RewriteEngine on
       #   RewriteRule ^admin/ - [E=X-HTTP-AUTHORIZATION:%{HTTP:Authorization}]
       def get_credentials(env)
-        d = HTTPAuth::CREDENTIAL_HEADERS.inject(false) { |d,h| env[h] || d }
-        return unpack_authorization(d) unless !d or d.nil? or d.empty?
+        d = HTTPAuth::CREDENTIAL_HEADERS.inject(false) { |a, e| env[e] || a }
+        return unpack_authorization(d) unless !d || d.nil? || d.empty?
         [nil, nil]
       end
     end
   end
-end
+end

data/lib/httpauth/constants.rb CHANGED

@@ -4,11 +4,11 @@
 # For more information see RFC 2617 (http://www.ietf.org/rfc/rfc2617.txt)
 module HTTPAuth
   VERSION = '0.2'
   CREDENTIAL_HEADERS = %w{REDIRECT_X_HTTP_AUTHORIZATION X-HTTP-AUTHORIZATION X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION}
-  SUPPORTED_SCHEMES = { :basic => 'Basic', :digest => 'Digest' }
-  SUPPORTED_QOPS = ['auth', 'auth-int']
-  SUPPORTED_ALGORITHMS = ['MD5', 'MD5-sess']
+  SUPPORTED_SCHEMES = {:basic => 'Basic', :digest => 'Digest'}
+  SUPPORTED_QOPS = %w[auth auth-int]
+  SUPPORTED_ALGORITHMS = %w[MD5 MD5-sess]
   PREFERRED_QOP = 'auth'
   PREFERRED_ALGORITHM = 'MD5'
-end
+end

data/lib/httpauth/digest.rb CHANGED

@@ -60,66 +60,66 @@ module HTTPAuth
           elsif variant == :challenge
             encode.merge! :qop => :list_to_comma_quoted_string
           else
-            raise ArgumentError.new("#{variant} is not a valid value for `variant' use :auth, :credentials or :challenge")
+            fail(ArgumentError, "#{variant} is not a valid value for `variant' use :auth, :credentials or :challenge")
           end
           (variant == :auth ? '' : 'Digest ') + h.collect do |directive, value|
             '' << directive.to_s << '=' << if encode[directive]
-                begin
-                  Conversions.send encode[directive], value
-                rescue NoMethodError, ArgumentError
-                  raise ArgumentError.new("Can't encode #{directive}(#{value.inspect}) with #{encode[directive]}")
-                end
-              elsif encode[directive].nil?
-                begin
-                  Conversions.quote_string value
-                rescue NoMethodError, ArgumentError
-                  raise ArgumentError.new("Can't encode #{directive}(#{value.inspect}) with quote_string")
-                end
-              else
-                value
+              begin
+                Conversions.send encode[directive], value
+              rescue NoMethodError, ArgumentError
+                raise(ArgumentError, "Can't encode #{directive}(#{value.inspect}) with #{encode[directive]}")
               end
-          end.join(", ")
+            elsif encode[directive].nil?
+              begin
+                Conversions.quote_string value
+              rescue NoMethodError, ArgumentError
+                raise(ArgumentError, "Can't encode #{directive}(#{value.inspect}) with quote_string")
+              end
+            else
+              value
+            end
+          end.join(', ')
         end
         # Decodes digest directives from a header. Returns a hash with directives.
         #
         # * <tt>directives</tt>: The directives
         # * <tt>variant</tt>: Specifies whether the directives are for an Authorize header (:credentials),
-        #   for a WWW-Authenticate header (:challenge) or for a Authentication-Info header (:auth_info).
+        #   for a WWW-Authenticate header (:challenge) or for a Authentication-Info header (:auth_info).
         def decode_directives(directives, variant)
-          raise HTTPAuth::UnwellformedHeader.new("Can't decode directives which are nil") if directives.nil?
+          fail(HTTPAuth::UnwellformedHeader, "Can't decode directives which are nil") if directives.nil?
           decode = {:domain => :space_quoted_string_to_list, :algorithm => false, :stale => :str_to_bool, :nc => :hex_to_int}
           if [:credentials, :auth].include? variant
             decode.merge! :qop => false
           elsif variant == :challenge
             decode.merge! :qop => :comma_quoted_string_to_list
           else
-            raise ArgumentError.new("#{variant} is not a valid value for `variant' use :auth, :credentials or :challenge")
+            fail(ArgumentError, "#{variant} is not a valid value for `variant' use :auth, :credentials or :challenge")
           end
-          start = 0
-          unless variant == :auth
+          start = 0
+          unless variant == :auth
             # The first six characters are 'Digest '
             start = 6
             scheme = directives[0..6].strip
-            raise HTTPAuth::UnwellformedHeader.new("Scheme should be Digest, server responded with `#{directives}'") unless scheme == 'Digest'
+            fail(HTTPAuth::UnwellformedHeader, "Scheme should be Digest, server responded with `#{directives}'") unless scheme == 'Digest'
           end
           # The rest are the directives
           # TODO: split is ugly, I want a real parser (:
-          directives[start..-1].split(',').inject({}) do |h,part|
+          directives[start..-1].split(',').inject({}) do |h, part|
             parts = part.split('=')
             name = parts[0].strip.intern
             value = parts[1..-1].join('=').strip
             # --- HACK
             # IE and Safari qoute qop values
             # IE also quotes algorithm values
-            if variant != :challenge and [:qop, :algorithm].include?(name) and value =~ /^\"[^\"]+\"$/
+            if variant != :challenge && [:qop, :algorithm].include?(name) && value =~ /^\"[^\"]+\"$/
               value = Conversions.unquote_string(value)
             end
             # --- END HACK
             if decode[name]
               h[name] = Conversions.send decode[name], value
             elsif decode[name].nil?
@@ -130,19 +130,25 @@ module HTTPAuth
             h
           end
         end
         # Concat arguments the way it's done frequently in the Digest spec.
         #
         #   digest_concat('a', 'b') #=> "a:b"
         #   digest_concat('a', 'b', c') #=> "a:b:c"
-        def digest_concat(*args); args.join ':'; end
+        def digest_concat(*args)
+          args.join ':'
+        end
         # Calculate the MD5 hexdigest for the string data
-        def digest_h(data); ::Digest::MD5.hexdigest data; end
+        def digest_h(data)
+          ::Digest::MD5.hexdigest data
+        end
         # Calculate the KD value of a secret and data as explained in the RFC.
-        def digest_kd(secret, data); digest_h digest_concat(secret, data); end
+        def digest_kd(secret, data)
+          digest_h digest_concat(secret, data)
+        end
         # Calculate the Digest for the credentials
         def htdigest(username, realm, password)
           digest_h digest_concat(username, realm, password)
@@ -162,7 +168,7 @@ module HTTPAuth
             h[:digest] || htdigest(h[:username], h[:realm], h[:password])
           end
         end
         # Calculate the H(A2) for the Authorize header as explained in the RFC.
         def request_digest_a2(h)
           # TODO: check for known qop values (look out for the safari qop quote bug)
@@ -186,7 +192,7 @@ module HTTPAuth
         #
         # * <tt>variant</tt>: Either <tt>:request</tt> or <tt>:response</tt>, as seen from the server.
         def calculate_digest(h, s, variant)
-          raise ArgumentError.new("Variant should be either :request or :response, not #{variant}") unless [:request, :response].include?(variant)
+          fail(ArgumentError, "Variant should be either :request or :response, not #{variant}") unless [:request, :response].include?(variant)
           # Compatability with RFC 2069
           if h[:qop].nil?
             digest_kd digest_a1(h, s), digest_concat(
@@ -203,7 +209,7 @@ module HTTPAuth
             )
           end
         end
         # Return a hash with the keys in <tt>keys</tt> found in <tt>h</tt>.
         #
         # Example
@@ -211,16 +217,16 @@ module HTTPAuth
         #   filter_h_on({1=>1,2=>2}, [1]) #=> {1=>1}
         #   filter_h_on({1=>1,2=>2}, [1, 2]) #=> {1=>1,2=>2}
         def filter_h_on(h, keys)
-          h.inject({}) { |r,l| keys.include?(l[0]) ? r.merge({l[0]=>l[1]}) : r }
+          h.inject({}) { |a, e| keys.include?(e[0]) ? a.merge(e[0] => e[1]) : a }
         end
         # Create a nonce value of the time and a salt. The nonce is created in such a
         # way that the issuer can check the age of the nonce.
         #
         # * <tt>salt</tt>: A reasonably long passphrase known only to the issuer.
         def create_nonce(salt)
           now = Time.now
-          time = now.strftime("%Y-%m-%d %H:%M:%S").to_s + ':' + now.usec.to_s
+          time = now.strftime('%Y-%m-%d %H:%M:%S').to_s + ':' + now.usec.to_s
           Base64.encode64(
           digest_concat(
               time,
@@ -228,20 +234,21 @@ module HTTPAuth
             )
           ).gsub("\n", '')[0..-3]
         end
         # Create a 32 character long opaque string with a 'random' value
         def create_opaque
-          s = []; 16.times { s << rand(127).chr }
+          s = []
+          16.times { s << rand(127).chr }
           digest_h s.join
         end
       end
     end
     # Superclass for all the header container classes
     class AbstractHeader
       # holds directives and values for digest calculation
       attr_reader :h
       # Redirects attribute messages to the internal directives
       #
       # Example:
@@ -257,17 +264,16 @@ module HTTPAuth
       #   c.username = 'Mary'
       #   c.username #=> 'Mary'
       def method_missing(m, *a)
-        if ((m.to_s =~ /^(.*)=$/) == 0) and @h.keys.include?($1.intern)
-          @h[$1.intern] = a[0]
+        if ((m.to_s =~ /^(.*)=$/) == 0) && @h.keys.include?(Regexp.last_match[1].intern)
+          @h[Regexp.last_match[1].intern] = a[0]
         elsif @h.keys.include? m
           @h[m]
         else
-          raise NameError.new("undefined method `#{m}' for #{self}")
+          fail(NameError, "undefined method `#{m}' for #{self}")
         end
       end
     end
     # The Credentials class handlers the Authorize header. The Authorize header is sent by a client who wants to
     # let the server know he has the credentials needed to access a resource.
     #
@@ -275,34 +281,34 @@ module HTTPAuth
     class Credentials < AbstractHeader
       # Holds an explanation why <tt>validate</tt> returned false.
       attr_reader :reason
       # Parses the information from an Authorize header and creates a new Credentials instance with the information.
       # The options hash allows you to specify additional information.
       #
       # * <tt>authorization</tt>: The contents of the Authorize header
       # See <tt>initialize</tt> for valid options.
-      def self.from_header(authorization, options={})
+      def self.from_header(authorization, options = {})
         new Utils.decode_directives(authorization, :credentials), options
       end
       # Creates a new Credential instance based on a Challenge instance.
       #
       # * <tt>challenge</tt>: A Challenge instance
       # See <tt>initialize</tt> for valid options.
-      def self.from_challenge(challenge, options={})
+      def self.from_challenge(challenge, options = {})
         credentials = new challenge.h
         credentials.update_from_challenge! options
         credentials
       end
-      def self.load(filename, options={})
+      def self.load(filename, options = {})
         h = nil
         File.open(filename, 'r') do |f|
           h = Marshal.load f
         end
         new h, options
       end
       # Create a new instance.
       #
       # * <tt>h</tt>:  A Hash with directives, normally this is filled with the directives coming from a Challenge instance.
@@ -314,26 +320,26 @@ module HTTPAuth
       #   * <tt>:uri</tt>: Mostly set by the client to send the uri
       #   * <tt>:method</tt>: The HTTP Method used by the client to send the request, this should be an uppercase string
       #     with the name of the verb.
-      def initialize(h, options={})
+      def initialize(h, options = {})
         @h = h
         @h.merge! options
         session = Session.new h[:opaque], :tmpdir => options[:tmpdir]
         @s = session.load
         @reason = 'There has been no validation yet'
       end
       # Convenience method, basically an alias for <code>validate(options.merge(:password => password))</code>
-      def validate_password(password, options={})
+      def validate_password(password, options = {})
         options[:password] = password
         validate(options)
       end
       # Convenience method, basically an alias for <code>validate(options.merge(:digest => digest))</code>
-      def validate_digest(digest, options={})
+      def validate_digest(digest, options = {})
         options[:digest] = digest
         validate(options)
       end
       # Validates the credential information stored in the Credentials instance. Returns <tt>true</tt> or
       # <tt>false</tt>. You can read the ue
       #
@@ -346,9 +352,9 @@ module HTTPAuth
       #     provided.
       def validate(options)
         ho = @h.merge(options)
-        raise ArgumentError.new("You have to set the :request_body value if you want to use :qop => 'auth-int'") if @h[:qop] == 'auth-int' and ho[:request_body].nil?
-        raise ArgumentError.new("Please specify the request method :method (ie. GET)") if ho[:method].nil?
+        fail(ArgumentError, "You have to set the :request_body value if you want to use :qop => 'auth-int'") if @h[:qop] == 'auth-int' && ho[:request_body].nil?
+        fail(ArgumentError, 'Please specify the request method :method (ie. GET)') if ho[:method].nil?
         calculated_response = Utils.calculate_digest(ho, @s, :request)
         if ho[:response] == calculated_response
           @reason = ''
@@ -358,13 +364,13 @@ module HTTPAuth
         end
         false
       end
       # Encodeds directives and returns a string that can be used in the Authorize header
       def to_header
         Utils.encode_directives Utils.filter_h_on(@h,
-          [:username, :realm, :nonce, :uri, :response, :algorithm, :cnonce, :opaque, :qop, :nc]), :credentials
+                                                  [:username, :realm, :nonce, :uri, :response, :algorithm, :cnonce, :opaque, :qop, :nc]), :credentials
       end
       # Updates @h from options, generally called after an instance was created with <tt>from_challenge</tt>.
       def update_from_challenge!(options)
         # TODO: integrity checks
@@ -375,17 +381,17 @@ module HTTPAuth
         @h[:method] = options[:method]
         @h[:request_body] = options[:request_body]
         unless @h[:qop].nil?
-          # Determine the QOP
-          if !options[:qop].nil? and @h[:qop].include?(options[:qop])
+          # Determine the QOP
+          if !options[:qop].nil? && @h[:qop].include?(options[:qop])
             @h[:qop] = options[:qop]
           elsif @h[:qop].include?(HTTPAuth::PREFERRED_QOP)
             @h[:qop] = HTTPAuth::PREFERRED_QOP
           else
-            qop = @h[:qop].detect { |qop| HTTPAuth::SUPPORTED_QOPS.include? qop }
-            unless qop.nil?
-              @h[:qop] = qop
+            qop = @h[:qop].detect { |qop_field| HTTPAuth::SUPPORTED_QOPS.include? qop_field }
+            if qop.nil?
+              fail(UnsupportedError, "HTTPAuth doesn't support any of the proposed qop values: #{@h[:qop].inspect}")
             else
-              raise UnsupportedError.new("HTTPAuth doesn't support any of the proposed qop values: #{@h[:qop].inspect}")
+              @h[:qop] = qop
             end
           end
           @h[:cnonce] ||= Utils.create_nonce options[:salt]
@@ -399,25 +405,23 @@ module HTTPAuth
           Marshal.dump(Utils.filter_h_on(@h, [:username, :realm, :nonce, :algorithm, :cnonce, :opaque, :qop, :nc]), f)
         end
       end
     end
     # The Challenge class handlers the WWW-Authenticate header. The WWW-Authenticate header is sent by a server when
     # accessing a resource without credentials is prohibided. The header should always be sent together with a 401
     # status.
     #
     # See the Digest module for examples
     class Challenge < AbstractHeader
       # Parses the information from a WWW-Authenticate header and creates a new WWW-Authenticate instance with this
       # data.
       #
       # * <tt>challenge</tt>: The contents of a WWW-Authenticate header
       # See <tt>initialize</tt> for valid options.
-      def self.from_header(challenge, options={})
+      def self.from_header(challenge, options = {})
         new Utils.decode_directives(challenge, :challenge), options
       end
       # Create a new instance.
       #
       # * <tt>h</tt>: A Hash with directives, normally this is filled with directives coming from a Challenge instance.
@@ -425,18 +429,18 @@ module HTTPAuth
       #   * <tt>:realm</tt>: The name of the realm the client should authenticate for. The RFC suggests to use a string
       #     like 'admin@yourhost.domain.com'. Be sure to use a reasonably long string to avoid brute force attacks.
       #   * <tt>:qop</tt>: A list with supported qop values. For example: <code>['auth-int']</code>. This will default
-      #     to <code>['auth']</code>. Although this implementation supports both auth and auth-int, most
+      #     to <code>['auth']</code>. Although this implementation supports both auth and auth-int, most
       #     implementations don't. Some implementations get confused when they receive anything but 'auth'. For
       #     maximum compatibility you should leave this setting alone.
       #   * <tt>:algorithm</tt>: The preferred algorithm for calculating the digest. For
       #     example: <code>'MD5-sess'</code>. This will default to <code>'MD5'</code>. For
       #     maximum compatibility you should leave this setting alone.
       #
-      def initialize(h, options={})
+      def initialize(h, options = {})
         @h = h
         @h.merge! options
       end
       # Encodes directives and returns a string that can be used as the WWW-Authenticate header
       def to_header
         @h[:nonce] ||= Utils.create_nonce @h[:salt]
@@ -444,36 +448,35 @@ module HTTPAuth
         @h[:algorithm] ||= HTTPAuth::PREFERRED_ALGORITHM
         @h[:qop] ||= [HTTPAuth::PREFERRED_QOP]
         Utils.encode_directives Utils.filter_h_on(@h,
-          [:realm, :domain, :nonce, :opaque, :stale, :algorithm, :qop]), :challenge
+                                                  [:realm, :domain, :nonce, :opaque, :stale, :algorithm, :qop]), :challenge
       end
     end
     # The AuthenticationInfo class handles the Authentication-Info header. Sending Authentication-Info headers will
-    # allow the client to check the integrity of the response, but it isn't compulsory and will get in the way of
+    # allow the client to check the integrity of the response, but it isn't compulsory and will get in the way of
     # pipelined retrieval of resources.
     #
     # See the Digest module for examples
     class AuthenticationInfo < AbstractHeader
       # Parses the information from a Authentication-Info header and creates a new AuthenticationInfo instance with
       # this data.
       #
       # * <tt>auth_info</tt>: The contents of the Authentication-Info header
       # See <tt>initialize</tt> for valid options.
-      def self.from_header(auth_info, options={})
+      def self.from_header(auth_info, options = {})
         new Utils.decode_directives(auth_info, :auth), options
       end
       # Creates a new AuthenticationInfo instance based on the information from Credentials instance.
       #
       # * <tt>credentials</tt>: A Credentials instance
       # See <tt>initialize</tt> for valid options.
-      def self.from_credentials(credentials, options={})
+      def self.from_credentials(credentials, options = {})
         auth_info = new credentials.h
         auth_info.update_from_credentials! options
         auth_info
       end
       # Create a new instance.
       #
       # * <tt>h</tt>: A Hash with directives, normally this is filled with the directives coming from a
@@ -482,17 +485,17 @@ module HTTPAuth
       #   * <tt>:digest</tt>: The digest for the specified username and realm.
       #   * <tt>:response_body</tt> The body of the response that's going to be sent to the client. This is a
       #     compulsory option if the qop directive is 'auth-int'.
-      def initialize(h, options={})
+      def initialize(h, options = {})
         @h = h
         @h.merge! options
       end
       # Encodes directives and returns a string that can be used as the AuthorizationInfo header
       def to_header
         Utils.encode_directives Utils.filter_h_on(@h,
-          [:nextnonce, :qop, :rspauth, :cnonce, :nc]), :auth
+                                                  [:nextnonce, :qop, :rspauth, :cnonce, :nc]), :auth
       end
       # Updates @h from options, generally called after an instance was created with <tt>from_credentials</tt>.
       def update_from_credentials!(options)
         # TODO: update @h after nonce invalidation
@@ -512,16 +515,14 @@ module HTTPAuth
       #   * <tt>:nonce</tt>:nonce
       def validate(options)
         ho = @h.merge(options)
-        return @h[:rspauth] == Utils.calculate_digest(ho, @s, :response)
+        @h[:rspauth] == Utils.calculate_digest(ho, @s, :response)
       end
     end
     # Conversion for a number of internal data structures to and from directives in the headers. Implementations
     # shouldn't have to call any methods on Conversions.
     class Conversions
       class << self
         # Adds quotes around the string
         def quote_string(str)
           "\"#{str.gsub(/\"/, '')}\""
@@ -529,7 +530,7 @@ module HTTPAuth
         # Removes quotes from around a string
         def unquote_string(str)
-          str =~ /^\"([^\"]*)\"$/ ? $1 : str
+          str =~ /^\"([^\"]*)\"$/ ? Regexp.last_match[1] : str
         end
         # Creates an int value from hex values
@@ -546,7 +547,7 @@ module HTTPAuth
         def str_to_bool(str)
           str == 'true'
         end
         # Creates a string value from a boolean => 'true' or 'false'
         def bool_to_str(bool)
           bool ? 'true' : 'false'
@@ -578,41 +579,39 @@ module HTTPAuth
     class Session
       attr_accessor :opaque
       attr_accessor :options
       # Initializes the new Session object.
       #
       # * <tt>opaque</tt> - A string to identify the session. This would normally be the <tt>opaque</tt> sent by the
       #   client, but it could also be an identifier sent through a different mechanism.
       # * <tt>options</tt> - Additional options
       #   * <tt>:tmpdir</tt> A tempory directory for storing the session data. Dir::tmpdir is the default.
-      def initialize(opaque, options={})
+      def initialize(opaque, options = {})
         self.opaque = opaque
         self.options = options
       end
       # Associates the new data to the session and removes the old
       def save(data)
         File.open(filename, 'w') do |f|
           f.write Marshal.dump(data)
         end
       end
       # Returns the data from this session
       def load
-        begin
-          File.open(filename, 'r') do |f|
-            Marshal.load f.read
-          end
-        rescue Errno::ENOENT
-          {}
+        File.open(filename, 'r') do |f|
+          Marshal.load f.read
         end
+      rescue Errno::ENOENT
+        {}
       end
-      protected
+    protected
       # The filename from which the session will be saved and read from
       def filename
-        "#{options[:tmpdir] || Dir::tmpdir}/ruby_digest_cache.#{self.opaque}"
+        "#{options[:tmpdir] || Dir.tmpdir}/ruby_digest_cache.#{opaque}"
       end
     end
   end

data/lib/httpauth/exceptions.rb CHANGED

@@ -5,4 +5,4 @@ module HTTPAuth
   class UnsupportedError < ArgumentError; end
   # Raise when validation on the request failed, most of the times this means that someone is trying to do replay attacks.
   class ValidationError < ArgumentError; end
-end
+end

metadata CHANGED

@@ -1,72 +1,68 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: httpauth
-version: !ruby/object:Gem::Version
-  hash: 23
-  prerelease:
-  segments:
-  - 0
-  - 2
-  - 0
-  version: 0.2.0
+version: !ruby/object:Gem::Version
+  version: 0.2.1
 platform: ruby
-authors:
+authors:
 - Manfred Stienstra
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-09-25 00:00:00 Z
-dependencies: []
+date: 2014-01-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
 description: Library for the HTTP Authentication protocol (RFC 2617)
 email: manfred@fngtpspec.com
 executables: []
 extensions: []
-extra_rdoc_files:
+extra_rdoc_files:
 - README.md
 - LICENSE
-files:
-- README.md
+files:
 - LICENSE
+- README.md
+- lib/httpauth.rb
 - lib/httpauth/basic.rb
 - lib/httpauth/constants.rb
 - lib/httpauth/digest.rb
 - lib/httpauth/exceptions.rb
-- lib/httpauth.rb
 homepage: https://github.com/Manfred/HTTPauth
-licenses: []
+licenses:
+- MIT
+metadata: {}
 post_install_message:
-rdoc_options:
-- --charset=utf-8
-require_paths:
+rdoc_options:
+- "--charset=utf-8"
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
-  requirements:
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version
-      hash: 3
-      segments:
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
-  requirements:
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version
-      hash: 3
-      segments:
-      - 0
-      version: "0"
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.18
+rubygems_version: 2.2.0
 signing_key:
-specification_version: 3
-summary: HTTPauth is a library supporting the full HTTP Authentication protocol as specified in RFC 2617; both Digest Authentication and Basic Authentication.
+specification_version: 4
+summary: HTTPauth is a library supporting the full HTTP Authentication protocol as
+  specified in RFC 2617; both Digest Authentication and Basic Authentication.
 test_files: []