Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge pull request #272 from jsternberg/digest-auth-multiple-headers

Fix digest auth when multiple headers are sent by the server
  • Loading branch information...
commit 2d66101282e8c3443c400e69857824554d465eef 2 parents 3b513d8 + 875be37
@jnunemaker authored
View
4 lib/httparty/net_digest_auth.rb
@@ -44,9 +44,9 @@ def authorization_header
private
def parse(response_header)
- response_header['www-authenticate'] =~ /^(\w+) (.*)/
+ response_header['www-authenticate'] =~ /Digest (.*)/
params = {}
- $2.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
+ $1.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
params
end
View
37 spec/httparty/net_digest_auth_spec.rb
@@ -112,4 +112,41 @@ def authorization_header
authorization_header.should include(%Q(response="#{request_digest}"))
end
end
+
+ context "with multiple authenticate headers" do
+ before do
+ @digest = setup_digest({
+ 'www-authenticate' => 'NTLM, Digest realm="myhost@testrealm.com", nonce="NONCE", qop="auth"',
+ })
+ end
+
+ it "should set prefix" do
+ authorization_header.should =~ /^Digest /
+ end
+
+ it "should set username" do
+ authorization_header.should include(%Q(username="Mufasa"))
+ end
+
+ it "should set digest-uri" do
+ authorization_header.should include(%Q(uri="/dir/index.html"))
+ end
+
+ it "should set qop" do
+ authorization_header.should include(%Q(qop="auth"))
+ end
+
+ it "should set cnonce" do
+ authorization_header.should include(%Q(cnonce="md5(deadbeef)"))
+ end
+
+ it "should set nonce-count" do
+ authorization_header.should include(%Q(nc=00000001))
+ end
+
+ it "should set response" do
+ request_digest = "md5(md5(Mufasa:myhost@testrealm.com:Circle Of Life):NONCE:00000001:md5(deadbeef):auth:md5(GET:/dir/index.html))"
+ authorization_header.should include(%Q(response="#{request_digest}"))
+ end
+ end
end
Please sign in to comment.
Something went wrong with that request. Please try again.