From 45dee3842d68359a189fe7c0729359bd5a905ea4 Mon Sep 17 00:00:00 2001
From: Joshua Peek <josh@joshpeek.com>
Date: Sun, 28 Dec 2008 15:13:16 -0600
Subject: HTTP Digest authentication [#1230 state:resolved]

---
 actionpack/lib/action_controller/integration.rb | 82 +++++++++++++++++++++++++
 1 file changed, 82 insertions(+)

(limited to 'actionpack/lib/action_controller/integration.rb')

diff --git a/actionpack/lib/action_controller/integration.rb b/actionpack/lib/action_controller/integration.rb
index 71e2524e81..a8e54c2fc7 100644
--- a/actionpack/lib/action_controller/integration.rb
+++ b/actionpack/lib/action_controller/integration.rb
@@ -68,6 +68,15 @@ module ActionController
       # A running counter of the number of requests processed.
       attr_accessor :request_count
 
+      # Nonce value for Digest Authentication, implicitly set on response with WWW-Authentication
+      attr_accessor :nonce
+
+      # Opaque value for Digest Authentication, implicitly set on response with WWW-Authentication
+      attr_accessor :opaque
+
+      # Opaque value for Authentication, implicitly set on response with WWW-Authentication
+      attr_accessor :realm
+
       class MultiPartNeededException < Exception
       end
 
@@ -243,6 +252,53 @@ module ActionController
       end
       alias xhr :xml_http_request
 
+      def request_with_noauth(http_method, uri, parameters, headers) 
+        process_with_auth http_method, uri, parameters, headers
+      end 
+
+      # Performs a request with the given http_method and parameters, including HTTP Basic authorization headers. 
+      # See get() for more details on paramters and headers. 
+      # 
+      # You can perform GET, POST, PUT, DELETE, and HEAD requests with #get_with_basic, #post_with_basic, 
+      # #put_with_basic, #delete_with_basic, and #head_with_basic. 
+      def request_with_basic(http_method, uri, parameters, headers, user_name, password) 
+        process_with_auth http_method, uri, parameters, headers.merge(:authorization => ActionController::HttpAuthentication::Basic.encode_credentials(user_name, password)) 
+      end 
+
+      # Performs a request with the given http_method and parameters, including HTTP Digest authorization headers. 
+      # See get() for more details on paramters and headers. 
+      # 
+      # You can perform GET, POST, PUT, DELETE, and HEAD requests with #get_with_digest, #post_with_digest, 
+      # #put_with_digest, #delete_with_digest, and #head_with_digest. 
+      def request_with_digest(http_method, uri, parameters, headers, user_name, password) 
+        # Realm, Nonce, and Opaque taken from previoius 401 response
+        
+        credentials = {
+          :username => user_name,
+          :realm    => @realm,
+          :nonce    => @nonce,
+          :qop      => "auth",
+          :nc       => "00000001",
+          :cnonce   => "0a4f113b",
+          :opaque   => @opaque,
+          :uri      => uri
+        }
+        
+        raise "Digest request without previous 401 response" if @opaque.nil?
+ 
+        process_with_auth http_method, uri, parameters, headers.merge(:authorization => ActionController::HttpAuthentication::Digest.encode_credentials(http_method, credentials, password)) 
+      end 
+
+      # def get_with_basic, def post_with_basic, def put_with_basic, def delete_with_basic, def head_with_basic 
+      # def get_with_digest, def post_with_digest, def put_with_digest, def delete_with_digest, def head_with_digest 
+      [:get, :post, :put, :delete, :head].each do |method| 
+        [:noauth, :basic, :digest].each do |auth_type| 
+          define_method("#{method}_with_#{auth_type}") do |uri, parameters, headers, *auth| 
+            send("request_with_#{auth_type}", method, uri, parameters, headers, *auth) 
+          end 
+        end 
+      end
+
       # Returns the URL for the given options, according to the rules specified
       # in the application's routes.
       def url_for(options)
@@ -364,6 +420,32 @@ module ActionController
           return status
         end
 
+        # Same as process, but handles authentication returns to perform
+        # Basic or Digest authentication
+        def process_with_auth(method, path, parameters = nil, headers = nil)
+          status = process(method, path, parameters, headers)
+
+          if status == 401
+            # Extract authentication information from response
+            auth_data = @response.headers['WWW-Authenticate']
+            if /^Basic /.match(auth_data)
+              # extract realm, to be used in subsequent request
+              @realm = auth_header.split(' ')[1]
+            elsif /^Digest/.match(auth_data)
+              creds = auth_data.to_s.gsub(/^Digest\s+/,'').split(',').inject({}) do |hash, pair| 
+                key, value = pair.split('=', 2) 
+                hash[key.strip.to_sym] = value.to_s.gsub(/^"|"$/,'').gsub(/'/, '') 
+                hash 
+              end 
+              @realm = creds[:realm]
+              @nonce = creds[:nonce]
+              @opaque = creds[:opaque]
+            end
+          end
+
+          return status
+        end
+
         # Encode the cookies hash in a format suitable for passing to a
         # request.
         def encode_cookies
-- 
cgit v1.2.3