net-http-digest_auth 1.0

data.tar.gz.sig

@@ -0,0 +1,4 @@
+az������"�9vӾ?����!���9�"1hPs�'�;�0�jrX
+_�h�{
+(2IR��v�n+I2���FH!̯�r�4(�vd�pGR(kRu�D�!��t8J��0�5&�x×��	~��	@�)v����'�m���ӥ�j�uS�І;yy���)����3��	+P���
+�k9�bu�Ŧ�dW����

data/.autotest

@@ -0,0 +1,8 @@
+# -*- ruby -*-
+
+require 'autotest/restart'
+
+Autotest.add_hook :initialize do |at|
+  at.testlib = 'minitest/unit'
+end
+

data/History.txt

@@ -0,0 +1,5 @@
+=== 1.0 / 2010-09-10
+
+* Major enhancements
+  * Birthday!
+

data/Manifest.txt

@@ -0,0 +1,7 @@
+.autotest
+History.txt
+Manifest.txt
+README.txt
+Rakefile
+lib/net/http/digest_auth.rb
+test/test_net_http_digest_auth.rb

data/README.txt

@@ -0,0 +1,49 @@
+= net-http-digest_auth
+
+* http://github.com/drbrain/net-http-digest_auth
+* http://seattlerb.rubyforge.org/net-http-digest_auth
+* http://www.rfc-editor.org/rfc/rfc2617.txt
+
+== DESCRIPTION:
+
+An implementation of RFC 2617 - Digest Access Authentication.  At this time
+the gem does not fully integrate with Net::HTTP and can be used for with other
+HTTP clients.
+
+== FEATURES/PROBLEMS:
+
+* Implements RFC 2617 for digest authentication
+* Does not fully integrate with Net::HTTP
+
+== SYNOPSIS:
+
+  See Net::HTTP::DigestAuth
+
+== INSTALL:
+
+  gem install net-http-digest_auth
+
+== LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2010 Eric Hodel
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,16 @@
+# -*- ruby -*-
+
+require 'rubygems'
+require 'hoe'
+
+Hoe.spec 'net-http-digest_auth' do
+  self.rubyforge_name = 'seattlerb'
+  developer 'Eric Hodel', 'drbrain@segment7.net'
+
+  self.testlib = :minitest
+
+  spec_extras['homepage'] =
+    'http://seattlerb.rubyforge.org/net-http-digest_auth'
+end
+
+# vim: syntax=Ruby

data/lib/net/http/digest_auth.rb

@@ -0,0 +1,116 @@
+require 'net/http'
+require 'digest'
+require 'cgi'
+
+##
+# An implementation of RFC 2617 Digest Access Authentication.
+#
+# http://www.rfc-editor.org/rfc/rfc2617.txt
+#
+# Here is a sample usage of DigestAuth on Net::HTTP:
+#
+#   require 'uri'
+#   require 'net/http'
+#   require 'net/http/digest_auth'
+#
+#   uri = URI.parse 'http://localhost:8000/'
+#   uri.user = 'username'
+#   uri.password = 'password'
+#
+#   h = Net::HTTP.new uri.host, uri.port
+#
+#   req = Net::HTTP::Get.new uri.request_uri
+#
+#   res = h.request req
+#
+#   digest_auth = Net::HTTP::DigestAuth.new
+#   auth = digest_auth.auth_header uri, res['www-authenticate'], 'GET'
+#
+#   req = Net::HTTP::Get.new uri.request_uri
+#   req.add_field 'Authorization', auth
+#
+#   res = h.request req
+
+class Net::HTTP::DigestAuth
+
+  ##
+  # Version of Net::HTTP::DigestAuth you are using
+
+  VERSION = '1.0'
+
+  ##
+  # Creates a new DigestAuth header creator.
+  #
+  # +cnonce+ is the client nonce value.  This should be an MD5 hexdigest of a
+  # secret value.
+
+  def initialize cnonce = make_cnonce
+    @nonce_count = -1
+    @cnonce = cnonce
+  end
+
+  ##
+  # Creates a digest auth header for +uri+ from the +www_authenticate+ header
+  # for HTTP method +method+.
+  #
+  # The result of this method should be sent along with the HTTP request as
+  # the "Authorization" header.  In Net::HTTP this will look like:
+  #
+  #   request.add_field 'Authorization', digest_auth.auth_header # ...
+  #
+  # See Net::HTTP::DigestAuth for a complete example.
+  #
+  # IIS servers handle the "qop" parameter of digest authentication
+  # differently so you may need to set +iis+ to true for such servers.
+
+  def auth_header uri, www_authenticate, method, iis = false
+    @nonce_count += 1
+
+    user     = CGI.unescape uri.user
+    password = CGI.unescape uri.password
+
+    www_authenticate =~ /^(\w+) (.*)/
+
+    params = {}
+    $2.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
+
+    a_1 = Digest::MD5.hexdigest "#{user}:#{params['realm']}:#{password}"
+    a_2 = Digest::MD5.hexdigest "#{method}:#{uri.request_uri}"
+
+    request_digest = [
+      a_1,
+      params['nonce'],
+      ('%08x' % @nonce_count),
+      @cnonce,
+      params['qop'],
+      a_2
+    ].join ':'
+
+    header = [
+      "Digest username=\"#{user}\"",
+      "realm=\"#{params['realm']}\"",
+      if iis then
+        "qop=\"#{params['qop']}\""
+      else
+        "qop=#{params['qop']}"
+      end,
+      "uri=\"#{uri.request_uri}\"",
+      "nonce=\"#{params['nonce']}\"",
+      "nc=#{'%08x' % @nonce_count}",
+      "cnonce=\"#{@cnonce}\"",
+      "response=\"#{Digest::MD5.hexdigest request_digest}\""
+    ]
+
+    header.join ', '
+  end
+
+  ##
+  # Creates a client nonce value that is used across all requests based on the
+  # current time.
+
+  def make_cnonce
+    Digest::MD5.hexdigest "%x" % (Time.now.to_i + rand(65535))
+  end
+
+end
+

data/test/test_net_http_digest_auth.rb

@@ -0,0 +1,72 @@
+require 'minitest/autorun'
+require 'net/http/digest_auth'
+
+class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
+
+  def setup
+    @uri = URI.parse "http://www.example.com/"
+    @uri.user = 'user'
+    @uri.password = 'password'
+
+    @cnonce = '9ea5ff3bd34554a4165bbdc1df91dcff'
+
+    @header = [
+      'Digest qop="auth"',
+      'realm="www.example.com"',
+      'nonce="4107baa081a592a6021660200000cd6c5686ff5f579324402b374d83e2c9"'
+    ].join ', '
+
+    @da = Net::HTTP::DigestAuth.new @cnonce
+  end
+
+  def test_auth_header
+    expected = [
+      'Digest username="user"',
+      'realm="www.example.com"',
+      'qop=auth',
+      'uri="/"',
+      'nonce="4107baa081a592a6021660200000cd6c5686ff5f579324402b374d83e2c9"',
+      'nc=00000000',
+      'cnonce="9ea5ff3bd34554a4165bbdc1df91dcff"',
+      'response="67be92a5e7b38d08679957db04f5da04"'
+    ].join ', '
+
+    assert_equal expected, @da.auth_header(@uri, @header, 'GET')
+  end
+
+  def test_auth_header_iis
+    expected = [
+      'Digest username="user"',
+      'realm="www.example.com"',
+      'qop="auth"',
+      'uri="/"',
+      'nonce="4107baa081a592a6021660200000cd6c5686ff5f579324402b374d83e2c9"',
+      'nc=00000000',
+      'cnonce="9ea5ff3bd34554a4165bbdc1df91dcff"',
+      'response="67be92a5e7b38d08679957db04f5da04"'
+    ].join ', '
+
+    assert_equal expected, @da.auth_header(@uri, @header, 'GET', true)
+  end
+
+  def test_auth_header_post
+    expected = [
+      'Digest username="user"',
+      'realm="www.example.com"',
+      'qop=auth',
+      'uri="/"',
+      'nonce="4107baa081a592a6021660200000cd6c5686ff5f579324402b374d83e2c9"',
+      'nc=00000000',
+      'cnonce="9ea5ff3bd34554a4165bbdc1df91dcff"',
+      'response="d82219e1e5430b136bbae1670fa51d48"'
+    ].join ', '
+
+    assert_equal expected, @da.auth_header(@uri, @header, 'POST')
+  end
+
+  def test_make_cnonce
+    assert_match %r%\A[a-f\d]{32}\z%, @da.make_cnonce
+  end
+
+end
+

metadata

@@ -0,0 +1,131 @@
+--- !ruby/object:Gem::Specification 
+name: net-http-digest_auth
+version: !ruby/object:Gem::Version 
+  hash: 15
+  prerelease: false
+  segments: 
+  - 1
+  - 0
+  version: "1.0"
+platform: ruby
+authors: 
+- Eric Hodel
+autorequire: 
+bindir: bin
+cert_chain: 
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDNjCCAh6gAwIBAgIBADANBgkqhkiG9w0BAQUFADBBMRAwDgYDVQQDDAdkcmJy
+  YWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZFgNu
+  ZXQwHhcNMDcxMjIxMDIwNDE0WhcNMDgxMjIwMDIwNDE0WjBBMRAwDgYDVQQDDAdk
+  cmJyYWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZ
+  FgNuZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbbgLrGLGIDE76
+  LV/cvxdEzCuYuS3oG9PrSZnuDweySUfdp/so0cDq+j8bqy6OzZSw07gdjwFMSd6J
+  U5ddZCVywn5nnAQ+Ui7jMW54CYt5/H6f2US6U0hQOjJR6cpfiymgxGdfyTiVcvTm
+  Gj/okWrQl0NjYOYBpDi+9PPmaH2RmLJu0dB/NylsDnW5j6yN1BEI8MfJRR+HRKZY
+  mUtgzBwF1V4KIZQ8EuL6I/nHVu07i6IkrpAgxpXUfdJQJi0oZAqXurAV3yTxkFwd
+  g62YrrW26mDe+pZBzR6bpLE+PmXCzz7UxUq3AE0gPHbiMXie3EFE0oxnsU3lIduh
+  sCANiQ8BAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
+  BBS5k4Z75VSpdM0AclG2UvzFA/VW5DANBgkqhkiG9w0BAQUFAAOCAQEAHagT4lfX
+  kP/hDaiwGct7XPuVGbrOsKRVD59FF5kETBxEc9UQ1clKWngf8JoVuEoKD774dW19
+  bU0GOVWO+J6FMmT/Cp7nuFJ79egMf/gy4gfUfQMuvfcr6DvZUPIs9P/TlK59iMYF
+  DIOQ3DxdF3rMzztNUCizN4taVscEsjCcgW6WkUJnGdqlu3OHWpQxZBJkBTjPCoc6
+  UW6on70SFPmAy/5Cq0OJNGEWBfgD9q7rrs/X8GGwUWqXb85RXnUVi/P8Up75E0ag
+  14jEc90kN+C7oI/AGCBN0j6JnEtYIEJZibjjDJTSMWlUKKkj30kq7hlUC2CepJ4v
+  x52qPcexcYZR7w==
+  -----END CERTIFICATE-----
+
+date: 2010-09-10 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rubyforge
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 7
+        segments: 
+        - 2
+        - 0
+        - 4
+        version: 2.0.4
+  type: :development
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 21
+        segments: 
+        - 2
+        - 6
+        - 1
+        version: 2.6.1
+  type: :development
+  version_requirements: *id002
+description: |-
+  An implementation of RFC 2617 - Digest Access Authentication.  At this time
+  the gem does not fully integrate with Net::HTTP and can be used for with other
+  HTTP clients.
+email: 
+- drbrain@segment7.net
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- History.txt
+- Manifest.txt
+- README.txt
+files: 
+- .autotest
+- History.txt
+- Manifest.txt
+- README.txt
+- Rakefile
+- lib/net/http/digest_auth.rb
+- test/test_net_http_digest_auth.rb
+has_rdoc: true
+homepage: http://seattlerb.rubyforge.org/net-http-digest_auth
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --main
+- README.txt
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: seattlerb
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: An implementation of RFC 2617 - Digest Access Authentication
+test_files: 
+- test/test_net_http_digest_auth.rb

metadata.gz.sig

@@ -0,0 +1 @@
+&��a����>�E]F��'�ؕ�A�Z��֗p��%#3�$ײ�����+�(��д~���B�_�i�p����]O@Z�h��_�?�~��P�����h���8��6���hڐ~H���s6�~3Ub�