diff options
| author | Colin Shield & Ian Lesperance <pair+colin+ilesperance@pivotallabs.com> | 2011-09-28 15:23:47 -0700 |
|---|---|---|
| committer | Colin Shield & Ian Lesperance <pair+colin+ilesperance@pivotallabs.com> | 2011-09-28 15:23:47 -0700 |
| commit | 41365a8275dcb6d2e2fbe21ae2b2dfc52db19c1f (patch) | |
| tree | df692f61bee1947adf50dd29cf31fe8df3fcc066 /activeresource/lib/active_resource/connection.rb | |
| parent | cba3c00831a7c5bb25bc785e856984705ca2077c (diff) | |
| download | rails-41365a8275dcb6d2e2fbe21ae2b2dfc52db19c1f.tar.gz rails-41365a8275dcb6d2e2fbe21ae2b2dfc52db19c1f.tar.bz2 rails-41365a8275dcb6d2e2fbe21ae2b2dfc52db19c1f.zip | |
Fixed digest authentication for requests with a query string [#3158]
Diffstat (limited to 'activeresource/lib/active_resource/connection.rb')
| -rw-r--r-- | activeresource/lib/active_resource/connection.rb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/activeresource/lib/active_resource/connection.rb b/activeresource/lib/active_resource/connection.rb index d923204dde..592fca96a4 100644 --- a/activeresource/lib/active_resource/connection.rb +++ b/activeresource/lib/active_resource/connection.rb @@ -238,8 +238,11 @@ module ActiveResource def digest_auth_header(http_method, uri) params = extract_params_from_response + request_uri = uri.path + request_uri << "?#{uri.query}" if uri.query + ha1 = Digest::MD5.hexdigest("#{@user}:#{params['realm']}:#{@password}") - ha2 = Digest::MD5.hexdigest("#{http_method.to_s.upcase}:#{uri.path}") + ha2 = Digest::MD5.hexdigest("#{http_method.to_s.upcase}:#{request_uri}") params.merge!('cnonce' => client_nonce) request_digest = Digest::MD5.hexdigest([ha1, params['nonce'], "0", params['cnonce'], params['qop'], ha2].join(":")) |