80
80
tmpfile.close(true)
85
[\s\t]*(?:\r\n[\s\t]*)*
87
[\s\t]*(?:\r\n[\s\t]*)*
89
"((?:[^"]+|\\[\x00-\x7F])*)" |
90
([!\#$%&'*+\-.0-9A-Z^_`a-z|~]+)
94
TestWEBrick.start_httpserver{|server, addr, port, log|
95
realm = "WEBrick's realm"
98
tmpfile = Tempfile.new("test_webrick_auth")
100
tmp_pass = WEBrick::HTTPAuth::Htdigest.new(tmpfile.path)
101
tmp_pass.set_passwd(realm, "webrick", "supersecretpassword")
102
tmp_pass.set_passwd(realm, "foo", "supersecretpassword")
105
htdigest = WEBrick::HTTPAuth::Htdigest.new(tmpfile.path)
107
htdigest.each{|user, pass| users << user }
108
assert_equal(2, users.size, log.call)
109
assert(users.member?("webrick"), log.call)
110
assert(users.member?("foo"), log.call)
112
auth = WEBrick::HTTPAuth::DigestAuth.new(
113
:Realm => realm, :UserDB => htdigest,
115
:Logger => server.logger
117
server.mount_proc(path){|req, res|
118
auth.authenticate(req, res)
122
Net::HTTP.start(addr, port) do |http|
123
g = Net::HTTP::Get.new(path)
125
http.request(g) do |res|
126
assert_equal('401', res.code, log.call)
127
res["www-authenticate"].scan(DIGESTRES_) do |key, quoted, token|
128
params[key.downcase] = token || quoted.delete('\\')
130
params['uri'] = "http://#{addr}:#{port}#{path}"
133
g['Authorization'] = credentials_for_request('webrick', "supersecretpassword", params)
134
http.request(g){|res| assert_equal("hoge", res.body, log.call)}
136
params['algorithm'].downcase! #4936
137
g['Authorization'] = credentials_for_request('webrick', "supersecretpassword", params)
138
http.request(g){|res| assert_equal("hoge", res.body, log.call)}
140
g['Authorization'] = credentials_for_request('webrick', "not super", params)
141
http.request(g){|res| assert_not_equal("hoge", res.body, log.call)}
147
def credentials_for_request(user, password, params)
150
ha1 = "#{user}:#{params['realm']}:#{password}"
151
ha2 = "GET:#{params['uri']}"
153
"#{Digest::MD5.hexdigest(ha1)}:" \
154
"#{params['nonce']}:#{'%08x' % nonce_count}:#{cnonce}:#{params['qop']}:" \
155
"#{Digest::MD5.hexdigest(ha2)}"
156
"Digest username=\"#{user}\"" \
157
", realm=\"#{params['realm']}\"" \
158
", nonce=\"#{params['nonce']}\"" \
159
", uri=\"#{params['uri']}\"" \
160
", qop=#{params['qop']}" \
161
", nc=#{'%08x' % nonce_count}" \
162
", cnonce=\"#{cnonce}\"" \
163
", response=\"#{Digest::MD5.hexdigest(request_digest)}\"" \
164
", opaque=\"#{params['opaque']}\"" \
165
", algorithm=#{params['algorithm']}"