net-http-digest_auth 1.2.1 → 1.3
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/History.txt +10 -1
- data/Rakefile +2 -0
- data/lib/net/http/digest_auth.rb +21 -15
- data/test/test_net_http_digest_auth.rb +13 -3
- metadata +68 -89
- metadata.gz.sig +4 -1
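--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: eb621ddbf77aa8455c2add5687d6ffb11ff5f3c6
+data.tar.gz: 2a16c18f3591cb78ce5eb3a89f0bcda0ad5aa7d7
+SHA512:
+metadata.gz: 1704fdbc76c94904ca541529d36d815f31b63cd5ffb2d5467661444d00aef0aef6d048510d6eec1f7d6dd4e6967dfb0e34d861cf9e33603fe2a2a58d5fc2095e
+data.tar.gz: 71e3216a92033e862ff0f71dc3d85eca7119203fd29c402cf1fee5845df9d0902f4f5b2eb61b0317e0cf58b2a836d0d9fcbba0014f96ef5a3aaa71fa1a27d46d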
checksums.yaml.gz.sig
ADDED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
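--- a/data/History.txt
+++ b/data/History.txt
@@ -1,4 +1,13 @@
-=== 1.
+=== 1.3 / 2012-03-28
+
+* Minor enhancements
+* The cnonce is regenerated for every request to improve security.
+* SecureRandom is used to generate the cnonce instead of Kernel#rand
+* Bug fix
+* cnonce and nonce-count are no longer sent when qop was not provided per
+RFC 2617 section 3.2.2.
+
+=== 1.2.1 / 2012-05-18
 
 * Bug fix
 * Fixed -sess authentication. This also fixes pull request #4 by joe81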
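--- a/data/Rakefile
+++ b/data/Rakefile
@@ -14,6 +14,8 @@ Hoe.spec 'net-http-digest_auth' do
 'docs.seattlerb.org:/data/www/docs.seattlerb.org/net-http-digest_auth/'
 rdoc_locations <<
 'rubyforge.org:/var/www/gforge-projects/seattlerb/net-http-digest_auth/'
+
+self.spec_extras[:required_ruby_version] = '>= 1.8.7'
 end
 
 # vim: syntax=Ruby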
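--- a/data/lib/net/http/digest_auth.rb
+++ b/data/lib/net/http/digest_auth.rb
@@ -1,7 +1,8 @@
 require 'cgi'
 require 'digest'
-require 'net/http'
 require 'monitor'
+require 'net/http'
+require 'securerandom'
 
 ##
 # An implementation of RFC 2617 Digest Access Authentication.
@@ -48,18 +49,14 @@ class Net::HTTP::DigestAuth
 ##
 # Version of Net::HTTP::DigestAuth you are using
 
-VERSION = '1.
+VERSION = '1.3'
 
 ##
 # Creates a new DigestAuth header creator.
-#
-# +cnonce+ is the client nonce value. This should be an MD5 hexdigest of a
-# secret value.
 
-def initialize
+def initialize ignored = :ignored
 mon_initialize
 @nonce_count = -1
-@cnonce = cnonce
 end
 
 ##
@@ -107,22 +104,23 @@ class Net::HTTP::DigestAuth
 sess = $2
 end
 
+qop = params['qop']
+cnonce = make_cnonce if qop or sess
+
 a1 = if sess then
 [ algorithm.hexdigest("#{user}:#{params['realm']}:#{password}"),
 params['nonce'],
-
+cnonce,
 ].join ':'
 else
 "#{user}:#{params['realm']}:#{password}"
 end
 
-qop = params['qop']
-
 ha1 = algorithm.hexdigest a1
 ha2 = algorithm.hexdigest "#{method}:#{uri.request_uri}"
 
 request_digest = [ha1, params['nonce']]
-request_digest.push(('%08x' % nonce_count),
+request_digest.push(('%08x' % nonce_count), cnonce, qop) if qop
 request_digest << ha2
 request_digest = request_digest.join ':'
 
@@ -138,8 +136,12 @@ class Net::HTTP::DigestAuth
 end,
 "uri=\"#{uri.request_uri}\"",
 "nonce=\"#{params['nonce']}\"",
-
-
+if qop then
+[
+"nc=#{'%08x' % @nonce_count}",
+"cnonce=\"#{cnonce}\"",
+]
+end,
 "response=\"#{algorithm.hexdigest(request_digest)[0, 32]}\"",
 if params.key? 'opaque' then
 "opaque=\"#{params['opaque']}\""
@@ -151,10 +153,14 @@ class Net::HTTP::DigestAuth
 
 ##
 # Creates a client nonce value that is used across all requests based on the
-# current time
+# current time, process id and a random number
 
 def make_cnonce
-Digest::MD5.hexdigest
+Digest::MD5.hexdigest [
+Time.now.to_i,
+$$,
+SecureRandom.random_number(2**32),
+].join ':'
 end
 
 def next_nonce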
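Review bot: `make_cnonce` (new lines 158-164) still takes only 32 bits from `SecureRandom`; `Time.now.to_i` and `$$` are guessable, and hashing the joined string with MD5 adds no entropy, so the cnonce carries far less unpredictability than its 32 hex digits suggest. Drawing the whole value from the CSPRNG with `SecureRandom.hex 16` gives 128 random bits and keeps the 32-hex-digit shape that `test_make_cnonce` matches. The comment above the method also still says the value "is used across all requests", which no longer holds now that the header code at new line 108 calls `make_cnonce` on each call; I would reword it to `# Creates a fresh, unpredictable client nonce for a single request`. Separately, `def initialize ignored = :ignored` lost its doc text and deserves a one-line comment saying the argument is accepted only for compatibility with callers that used to pass a cnonce.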
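--- a/data/test/test_net_http_digest_auth.rb
+++ b/data/test/test_net_http_digest_auth.rb
@@ -28,7 +28,11 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
 'response="67be92a5e7b38d08679957db04f5da04"'
 ]
 
-@da = Net::HTTP::DigestAuth.new
+@da = Net::HTTP::DigestAuth.new
+
+def @da.make_cnonce
+'9ea5ff3bd34554a4165bbdc1df91dcff'
+end
 end
 
 def expected
@@ -54,7 +58,9 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
 @header.sub! ' qop="auth",', ''
 
 @expected[8] = 'response="32f6ca1631ccf7c42a8075deff44e470"'
-@expected.
+@expected.delete 'qop=auth'
+@expected.delete 'cnonce="9ea5ff3bd34554a4165bbdc1df91dcff"'
+@expected.delete 'nc=00000000'
 
 assert_equal expected, @da.auth_header(@uri, @header, 'GET')
 end
@@ -101,7 +107,11 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
 end
 
 def test_make_cnonce
-
+da = Net::HTTP::DigestAuth.new
+
+cnonce = da.make_cnonce
+assert_match %r%\A[a-f\d]{32}\z%, cnonce
+refute_equal cnonce, da.make_cnonce
 end
 
 def test_next_nonce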
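Review bot: None of the three hunks shown covers a `-sess` challenge that carries no `qop`, and that is the one combination the new library code handles inconsistently. There the library mixes a fresh value into A1 (`cnonce = make_cnonce if qop or sess`) but writes `cnonce=` into the header only inside `if qop then`, so the server would have no way to recompute HA1. The stubbed `def @da.make_cnonce` makes the expected header easy to pin down, so a test beside the no-qop case at new lines 58-66 should assert what is sent for -sess without qop. The library should then either send the cnonce whenever `sess` is set or refuse that challenge explicitly. The rest of the test file is outside these hunks, so such a test may already exist there.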
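--- a/metadata
+++ b/metadata
@@ -1,24 +1,18 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: net-http-digest_auth
-version: !ruby/object:Gem::Version
-
-prerelease:
-segments:
-- 1
-- 2
-- 1
-version: 1.2.1
+version: !ruby/object:Gem::Version
+version: '1.3'
 platform: ruby
-authors:
+authors:
 - Eric Hodel
 autorequire:
 bindir: bin
-cert_chain:
+cert_chain:
 - |
 -----BEGIN CERTIFICATE-----
 MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMRAwDgYDVQQDDAdkcmJy
 YWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZFgNu
-
+ZXQwHhcNMTMwMjI4MDUyMjA4WhcNMTQwMjI4MDUyMjA4WjBBMRAwDgYDVQQDDAdk
 cmJyYWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZ
 FgNuZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbbgLrGLGIDE76
 LV/cvxdEzCuYuS3oG9PrSZnuDweySUfdp/so0cDq+j8bqy6OzZSw07gdjwFMSd6J
@@ -29,80 +23,74 @@ cert_chain:
 sCANiQ8BAgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
 BBS5k4Z75VSpdM0AclG2UvzFA/VW5DAfBgNVHREEGDAWgRRkcmJyYWluQHNlZ21l
 bnQ3Lm5ldDAfBgNVHRIEGDAWgRRkcmJyYWluQHNlZ21lbnQ3Lm5ldDANBgkqhkiG
-
-
-
-
-
-
+9w0BAQUFAAOCAQEAOflo4Md5aJF//EetzXIGZ2EI5PzKWX/mMpp7cxFyDcVPtTv0
+js/6zWrWSbd60W9Kn4ch3nYiATFKhisgeYotDDz2/pb/x1ivJn4vEvs9kYKVvbF8
+V7MV/O5HDW8Q0pA1SljI6GzcOgejtUMxZCyyyDdbUpyAMdt9UpqTZkZ5z1sicgQk
+5o2XJ+OhceOIUVqVh1r6DNY5tLVaGJabtBmJAYFVznDcHiSFybGKBa5n25Egql1t
+KDyY1VIazVgoC8XvR4h/95/iScPiuglzA+DBG1hip1xScAtw05BrXyUNrc9CEMYU
+wgF94UVoHRp6ywo8I7NP3HcwFQDFNEZPNGXsng==
 -----END CERTIFICATE-----
-
-
-
-- !ruby/object:Gem::Dependency
+date: 2013-03-29 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
 name: minitest
-
-
-none: false
-requirements:
+requirement: !ruby/object:Gem::Requirement
+requirements:
 - - ~>
-- !ruby/object:Gem::Version
-
-segments:
-- 2
-- 11
-version: "2.11"
+- !ruby/object:Gem::Version
+version: '4.6'
 type: :development
-version_requirements: *id001
-- !ruby/object:Gem::Dependency
-name: rdoc
 prerelease: false
-
-
-
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '4.6'
+- !ruby/object:Gem::Dependency
+name: rdoc
+requirement: !ruby/object:Gem::Requirement
+requirements:
 - - ~>
-- !ruby/object:Gem::Version
-
-segments:
-- 3
-- 10
-version: "3.10"
+- !ruby/object:Gem::Version
+version: '3.10'
 type: :development
-version_requirements: *id002
-- !ruby/object:Gem::Dependency
-name: hoe
 prerelease: false
-
-
-
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '3.10'
+- !ruby/object:Gem::Dependency
+name: hoe
+requirement: !ruby/object:Gem::Requirement
+requirements:
 - - ~>
-- !ruby/object:Gem::Version
-
-segments:
-- 3
-- 0
-version: "3.0"
+- !ruby/object:Gem::Version
+version: '3.5'
 type: :development
-
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: '3.5'
 description: |-
 An implementation of RFC 2617 - Digest Access Authentication. At this time
 the gem does not drop in to Net::HTTP and can be used for with other HTTP
 clients.
-
+
 In order to use net-http-digest_auth you'll need to perform some request
 wrangling on your own. See the class documentation at Net::HTTP::DigestAuth
 for an example.
-email:
+email:
 - drbrain@segment7.net
 executables: []
-
 extensions: []
-
-extra_rdoc_files:
+extra_rdoc_files:
 - History.txt
 - Manifest.txt
 - README.txt
-files:
+files:
 - .autotest
 - History.txt
 - Manifest.txt
@@ -113,39 +101,30 @@ files:
 - sample/net_http_example.rb
 - test/test_net_http_digest_auth.rb
 - .gemtest
-homepage: http://
+homepage: http://github.com/drbrain/net-http-digest_auth
 licenses: []
-
+metadata: {}
 post_install_message:
-rdoc_options:
+rdoc_options:
 - --main
 - README.txt
-require_paths:
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
-
-
-
-
-
-
-
-
-
-none: false
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-hash: 3
-segments:
-- 0
-version: "0"
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - '>='
+- !ruby/object:Gem::Version
+version: 1.8.7
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - '>='
+- !ruby/object:Gem::Version
+version: '0'
 requirements: []
-
 rubyforge_project: net-http-digest_auth
-rubygems_version:
+rubygems_version: 2.0.3
 signing_key:
-specification_version:
+specification_version: 4
 summary: An implementation of RFC 2617 - Digest Access Authentication
-test_files:
+test_files:
 - test/test_net_http_digest_auth.rb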
metadata.gz.sig
CHANGED
@@ -1 +1,4 @@
|
|
1
|
-
|
1
|
+
�Zi:��X��bb��
|
2
|
+
�6��S�lְ�뒠��)?��)���4&@�l�Bg!Z�w!phwzb����&{
|
3
|
+
�Q���W7�C�0m|Od��$�+M�_�9*�#�x���9~�Ӿz˽�4?�[�^;
|
4
|
+
5h�!L���Gi�/Z]�d��7���V�9럂L�k�8�k�pT-�7L��+���=�YR���Iq�"r��4Ns��\N]�jL�*��[O�,ϋv��{%��Y�ƍ.O�T_�
|