From 41365a8275dcb6d2e2fbe21ae2b2dfc52db19c1f Mon Sep 17 00:00:00 2001
From: Colin Shield & Ian Lesperance <pair+colin+ilesperance@pivotallabs.com>
Date: Wed, 28 Sep 2011 15:23:47 -0700
Subject: Fixed digest authentication for requests with a query string [#3158]

---
 activeresource/lib/active_resource/connection.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'activeresource/lib/active_resource/connection.rb')

diff --git a/activeresource/lib/active_resource/connection.rb b/activeresource/lib/active_resource/connection.rb
index d923204dde..592fca96a4 100644
--- a/activeresource/lib/active_resource/connection.rb
+++ b/activeresource/lib/active_resource/connection.rb
@@ -238,8 +238,11 @@ module ActiveResource
       def digest_auth_header(http_method, uri)
         params = extract_params_from_response
 
+        request_uri = uri.path
+        request_uri << "?#{uri.query}" if uri.query
+
         ha1 = Digest::MD5.hexdigest("#{@user}:#{params['realm']}:#{@password}")
-        ha2 = Digest::MD5.hexdigest("#{http_method.to_s.upcase}:#{uri.path}")
+        ha2 = Digest::MD5.hexdigest("#{http_method.to_s.upcase}:#{request_uri}")
 
         params.merge!('cnonce' => client_nonce)
         request_digest = Digest::MD5.hexdigest([ha1, params['nonce'], "0", params['cnonce'], params['qop'], ha2].join(":"))
-- 
cgit v1.2.3


From a78a75d67a8072bc7613edbed548d4b865daadf8 Mon Sep 17 00:00:00 2001
From: Jim Herzberg <jimmiesh@gmail.com>
Date: Tue, 11 Oct 2011 17:46:24 -0700
Subject: activeresource should treat HTTP status 307 as redirection, same as
 301 and 302; added missing test cases for statii 301 and 302.

---
 activeresource/lib/active_resource/connection.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'activeresource/lib/active_resource/connection.rb')

diff --git a/activeresource/lib/active_resource/connection.rb b/activeresource/lib/active_resource/connection.rb
index 592fca96a4..73410c2d82 100644
--- a/activeresource/lib/active_resource/connection.rb
+++ b/activeresource/lib/active_resource/connection.rb
@@ -122,7 +122,7 @@ module ActiveResource
       # Handles response and error codes from the remote service.
       def handle_response(response)
         case response.code.to_i
-          when 301,302
+          when 301,302,307
             raise(Redirection.new(response))
           when 200...400
             response
-- 
cgit v1.2.3


From b8bb5f44c8ba02786ed42d04f66641f236ef42c3 Mon Sep 17 00:00:00 2001
From: Jeremy Kemper <jeremy@bitsweat.net>
Date: Tue, 11 Oct 2011 21:01:11 -0700
Subject: Treat 303 See Other as a redirect response, too

---
 activeresource/lib/active_resource/connection.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'activeresource/lib/active_resource/connection.rb')

diff --git a/activeresource/lib/active_resource/connection.rb b/activeresource/lib/active_resource/connection.rb
index 73410c2d82..94839c8c25 100644
--- a/activeresource/lib/active_resource/connection.rb
+++ b/activeresource/lib/active_resource/connection.rb
@@ -122,7 +122,7 @@ module ActiveResource
       # Handles response and error codes from the remote service.
       def handle_response(response)
         case response.code.to_i
-          when 301,302,307
+          when 301, 302, 303, 307
             raise(Redirection.new(response))
           when 200...400
             response
-- 
cgit v1.2.3