class Rack::Auth::Digest::MD5

Rack::Auth::Digest::MD5 implements the MD5 algorithm version of HTTP Digest Authentication, as per RFC 2617.

Initialize with the [Rack] application that you want protecting, and a block that looks up a plaintext password for a given username.

opaque needs to be set to a constant base64/hexadecimal string.

Constants

QOP

Attributes

opaque [RW]

passwords_hashed [W]

Public Class Methods

new (app, realm = nil, opaque = nil, &authenticator)

Calls superclass method Rack::Auth::AbstractHandler::new

# File lib/rack/auth/digest.rb, line 150
def initialize(app, realm = nil, opaque = nil, &authenticator)
  @passwords_hashed = nil
  if opaque.nil? and realm.respond_to? :values_at
    realm, opaque, @passwords_hashed = realm.values_at :realm, :opaque, :passwords_hashed
  end
  super(app, realm, &authenticator)
  @opaque = opaque
end

Public Instance Methods

call (env)

# File lib/rack/auth/digest.rb, line 163
def call(env)
  auth = Request.new(env)

  unless auth.provided?
    return unauthorized
  end

  if !auth.digest? || !auth.correct_uri? || !valid_qop?(auth)
    return bad_request
  end

  if valid?(auth)
    if auth.nonce.stale?
      return unauthorized(challenge(stale: true))
    else
      env['REMOTE_USER'] = auth.username

      return @app.call(env)
    end
  end

  unauthorized
end

passwords_hashed? ()

# File lib/rack/auth/digest.rb, line 159
def passwords_hashed?
  !!@passwords_hashed
end