
1.1.8 version stale option added.

1 parent 37c6ffe commit 87cdfbf905573f0214f0afaef4bc1a7d1a17a888 @gevorg gevorg committed Jan 28, 2012
Showing with 43 additions and 21 deletions.
  1. +8 −5 lib/auth/digest.js
  2. +3 −3 package.json
  3. +32 −13 tests/auth/test-digest.js
@@ -48,8 +48,8 @@ function Digest(authRealm, authUsers, algorithm) {
this.apply = function(request, response, next) {
// Processing authentication part.
var authenticated = self.isAuthenticated(request);
- if(!authenticated) {
- self.ask(response);
+ if(!authenticated || authenticated === 'stale') {
+ self.ask(response, authenticated === 'stale');
} else {
next(authenticated);
}
@@ -107,7 +107,9 @@ Digest.prototype.isAuthenticated = function(request) {
authenticated = (authRes == co.response) ? co.userid : undefined;
}
}
- }
+ } else {
+ authenticated = 'stale';
@mogsie
mogsie Jan 28, 2012 Contributor

Won't this fail if the authenticated user name is "stale"? Maybe some other token than a String should be used, or maybe even a separate flag...

@gevorg
gevorg Jan 29, 2012 Member

Good catch, fixed with 1.1.9 version.

+ }
}
return authenticated;
@@ -116,8 +118,9 @@ Digest.prototype.isAuthenticated = function(request) {
* Asks client for authentication.
*
* @param {Response} response HTTP response object.
+ * @param {Boolean} identifies stale option.
*/
-Digest.prototype.ask = function(response) {
+Digest.prototype.ask = function(response, stale) {
// Generating unique nonce.
var nonce = utils.md5(uuid());
// Adding nonce.
@@ -127,7 +130,7 @@ Digest.prototype.ask = function(response) {
// Generating authentication header.
var header = "Digest realm=\"" + this.realm + "\", qop=\"auth\", nonce=\"" + nonce +
- "\", algorithm=\"" + this.algorithm + "\"";
+ "\", algorithm=\"" + this.algorithm + "\", stale=\"" + (stale ? true : false) + "\"";
response.setHeader("WWW-Authenticate", header);
response.writeHead(401);
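Review bot: The new `else` branch in `isAuthenticated` reports `'stale'` without checking the digest first, so `ask()` will send a stale flag of true for any request that falls into that branch, presumably including one with a wrong password; the `if` this `else` belongs to starts outside the hunk, so the exact condition is not visible here. RFC 2617 says a server should set the stale flag only when the nonce is invalid but the digest computed for that nonce is valid, because the flag tells the client to retry silently instead of re-prompting the user. I would compute the expected response for the presented nonce in that branch and report stale only when it equals `co.response`, leaving `authenticated` undefined otherwise. Separately, the flag is a bare token in the RFC grammar, so in `ask()` the header tail is better written as `"\", algorithm=\"" + this.algorithm + "\", stale=" + (stale ? "true" : "false");`.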
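--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
 "name": "http-auth",
 "description": "Node.js package for HTTP basic and digest access authentication.",
- "version": "1.1.7",
+ "version": "1.1.8",
 "author": "Gevorg Harutyunyan (http://github.com/gevorg)",
 "maintainers": [
 {
@@ -26,8 +26,8 @@
 },
 "dependencies": {
 "node-uuid": "1.2.0",
- "htpasswd": "1.0.9",
- "htdigest": "1.0.6"
+ "htpasswd": "1.1.0",
+ "htdigest": "1.0.7"
 },
 "devDependencies": {
 "nodeunit": "0.6.4",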
@@ -124,23 +124,42 @@ exports['testIsAuthenticatedTrue'] = function(test) {
test.done();
};
/**
+ * Test for isAuthenticated, false header case.
+ */
+exports['testIsAuthenticatedFalseHeader'] = function(test) {
+ // Header.
+ var header = 'Digest username="mia", realm="Private area.", ' +
+ 'nonce="2675ef554c8c872e80b946657e2e36a9", uri="/", algorithm=MD5, ' +
+ 'response="51045d0e1925225054e2435599ad67f3", qop=auth, nc=00000001, ' +
+ 'cnonce="68f1a150020e0928"';
+
+ // Initiates input request.
+ var request = {headers : {authorizationWrong : header}};
+
+ // Source method call, that must return false.
+ test.ok(!source.isAuthenticated(request), "User must be invalid!");
+
+ // Test is done.
+ test.done();
+};
+/**
* Test for isAuthenticated, false nc case.
*/
exports['testIsAuthenticatedFalseNC'] = function(test) {
- // Header.
- var header = 'Digest username="mia", realm="Private area.", ' +
- 'nonce="2675ef554c8c872e80b946657e2e36a9", uri="/", algorithm=MD5, ' +
- 'response="51045d0e1925225054e2435599ad67f3", qop=auth, nc=00000001, ' +
- 'cnonce="68f1a150020e0928"';
+ // Header.
+ var header = 'Digest username="mia", realm="Private area.", ' +
+ 'nonce="2675ef554c8c872e80b946657e2e36a9", uri="/", algorithm=MD5, ' +
+ 'response="51045d0e1925225054e2435599ad67f3", qop=auth, nc=00000001, ' +
+ 'cnonce="68f1a150020e0928"';
- // Initiates input request.
- var request = {headers : {authorization : header}};
-
- // Source method call, that must return false.
- test.ok(!source.isAuthenticated(request), "User must be invalid!");
-
- // Test is done.
- test.done();
+ // Initiates input request.
+ var request = {headers : {authorization : header}};
+
+ // Source method call, that must return 'stale'.
+ test.equals(source.isAuthenticated(request), "stale", "User must be invalid!");
+
+ // Test is done.
+ test.done();
};
/**
* Test for isAuthenticated, false response case.
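Review bot: `testIsAuthenticatedFalseNC` now pins the `'stale'` return, but its failure message is still "User must be invalid!" and nothing in this hunk exercises the header that `ask(response, true)` produces. I would change the message to something like `"Nonce must be reported as stale!"` and add a case that calls `ask` with a stub response and checks the `WWW-Authenticate` value for the stale flag. A further case with an unknown nonce and a wrong `response` value would show whether bad credentials are also reported as stale. The hunk ends inside the next test's doc comment, so any later tests are not visible here.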

2 comments on commit 87cdfbf

@mogsie
Contributor
mogsie commented on 87cdfbf Jan 28, 2012

It works perfectly. Restarting the server no longer causes the browser to pop up a confirmation dialog.

@gevorg
Member
gevorg commented on 87cdfbf Jan 28, 2012

Awesome!
