Only send opaque auth attribute if the server sent it with the challenge #84

Open
wants to merge 2 commits into from

@gmoore

Apache's mod_digest will not accept a client response that includes opaque unless the server also includes opaque. By default, mod_digest does not send opaque which means ActiveResource doesn't work with mod_digest out of the box.

This change modifies auth_attributes_for to only include opaque if it was not blank.
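The behaviour described in the PR text above, as an added stand-alone Ruby example (not ActiveResource code and not part of the pull request): the client computes the qop=auth digest and echoes opaque only when the challenge carried it. The function names are hypothetical, the challenge strings are constructed from the RFC 2617 section 3.5 sample values, and key presence is used as the test for whether the server sent opaque.

```ruby
require "digest/md5"

# Constructed challenges using the RFC 2617 section 3.5 sample values.
# The second mimics a server that sends no opaque, as the PR describes for mod_digest.
WITH_OPAQUE = 'Digest realm="testrealm@host.com", qop="auth,auth-int", ' \
              'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", ' \
              'opaque="5ccc069c403ebaf9f0171e9517f40e41"'
WITHOUT_OPAQUE = 'Digest realm="testrealm@host.com", qop="auth", ' \
                 'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093"'

# Parse a WWW-Authenticate Digest value into a hash of directives.
# Handles quoted values (which may contain commas) and bare tokens.
def parse_digest_challenge(header)
  header.sub(/\ADigest\s+/i, "")
        .scan(/(\w+)=(?:"([^"]*)"|([^,\s]+))/)
        .each_with_object({}) { |(key, quoted, bare), h| h[key.downcase] = quoted || bare }
end

# Build the Authorization value for qop=auth with MD5 (RFC 2617 section 3.2.2).
def digest_authorization(challenge, user:, password:, http_method:, path:, cnonce:, nc: "00000001")
  params = parse_digest_challenge(challenge)
  ha1 = Digest::MD5.hexdigest("#{user}:#{params['realm']}:#{password}")
  ha2 = Digest::MD5.hexdigest("#{http_method}:#{path}")
  response = Digest::MD5.hexdigest([ha1, params["nonce"], nc, cnonce, "auth", ha2].join(":"))

  attrs = [
    %(username="#{user}"),
    %(realm="#{params['realm']}"),
    %(nonce="#{params['nonce']}"),
    %(uri="#{path}"),
    %(qop=auth),   # qop and nc are unquoted, as in the RFC 2617 example
    %(nc=#{nc}),
    %(cnonce="#{cnonce}"),
    %(response="#{response}")
  ]
  # Echo opaque only when the challenge carried one; it is not an input to the digest.
  attrs << %(opaque="#{params['opaque']}") if params.key?("opaque")
  "Digest " + attrs.join(", ")
end

if $PROGRAM_NAME == __FILE__
  creds = { user: "Mufasa", password: "Circle Of Life", http_method: "GET",
            path: "/dir/index.html", cnonce: "0a4f113b" }
  puts digest_authorization(WITH_OPAQUE, **creds)
  puts digest_authorization(WITHOUT_OPAQUE, **creds)
end
```

Both headers carry the same `response` value, because opaque is returned to the server unchanged and never enters the hash.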

@gmoore gmoore Only send opaque auth attribute if the server sent it with the challenge
Apache's mod_digest will not accept a client response that includes opaque unless the server also includes opaque. By default, mod_digest does not send opaque which means ActiveResource doesn't work with mod_digest out of the box.

This change modifies auth_attributes_for to only include opaque if it was not blank.
4f22f68
@guilleiguaran

There are some broken tests with this :grin:

@gmoore gmoore Move [].join
The [].join call was in the wrong spot which meant opaque was tagged onto the end incorrectly.

Fix tests.
0d7ea15
@gmoore

@guilleiguaran All set now. Thanks.

Commits on Jul 13, 2013
  1. @gmoore

    Only send opaque auth attribute if the server sent it with the challenge

    gmoore authored
    Apache's mod_digest will not accept a client response that includes opaque unless the server also includes opaque. By default, mod_digest does not send opaque which means ActiveResource doesn't work with mod_digest out of the box.
    
    This change modifies auth_attributes_for to only include opaque if it was not blank.
Commits on Jul 15, 2013
  1. @gmoore

    Move [].join

    gmoore authored
    The [].join call was in the wrong spot which meant opaque was tagged onto the end incorrectly.
    
    Fix tests.
Showing with 15 additions and 12 deletions.
  1. +13 −10 lib/active_resource/connection.rb
  2. +2 −2 test/cases/authorization_test.rb
23 lib/active_resource/connection.rb
@@ -260,16 +260,19 @@ def extract_params_from_response
end
def auth_attributes_for(uri, request_digest, params)
- [
- %Q(username="#{@user}"),
- %Q(realm="#{params['realm']}"),
- %Q(qop="#{params['qop']}"),
- %Q(uri="#{uri.path}"),
- %Q(nonce="#{params['nonce']}"),
- %Q(nc="0"),
- %Q(cnonce="#{params['cnonce']}"),
- %Q(opaque="#{params['opaque']}"),
- %Q(response="#{request_digest}")].join(", ")
+ auth_attrs =
+ [
+ %Q(username="#{@user}"),
+ %Q(realm="#{params['realm']}"),
+ %Q(qop="#{params['qop']}"),
+ %Q(uri="#{uri.path}"),
+ %Q(nonce="#{params['nonce']}"),
+ %Q(nc="0"),
+ %Q(cnonce="#{params['cnonce']}"),
+ %Q(response="#{request_digest}")]
+
+ auth_attrs << %Q(opaque="#{params['opaque']}") unless params['opaque'].blank?
+ auth_attrs.join(", ")
end
def http_format_header(http_method)
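Review bot: `params['opaque'].blank?` on the added `auth_attrs <<` line treats two cases the same: a challenge with no opaque at all, and a challenge where the server sent an empty or whitespace-only opaque. If only the first case is the target, checking for `nil` (or for the key being present) would echo back whatever the server actually sent. Appending after the `response` entry also changes the directive order for servers that do send opaque; building the array with opaque conditionally placed before `response` would keep the header identical to the old output in that case. The `qop` line is still emitted unconditionally, so a challenge without qop produces `qop=""`; worth checking whether that needs the same treatment.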
4 test/cases/authorization_test.rb
@@ -238,11 +238,11 @@ def test_raises_invalid_request_on_unauthorized_requests_with_digest_auth
private
def blank_digest_auth_header(uri, response)
- %Q(Digest username="david", realm="", qop="", uri="#{uri}", nonce="", nc="0", cnonce="i-am-a-client-nonce", opaque="", response="#{response}")
+ %Q(Digest username="david", realm="", qop="", uri="#{uri}", nonce="", nc="0", cnonce="i-am-a-client-nonce", response="#{response}")
end
def request_digest_auth_header(uri, response)
- %Q(Digest username="david", realm="RailsTestApp", qop="auth", uri="#{uri}", nonce="#{@nonce}", nc="0", cnonce="i-am-a-client-nonce", opaque="ef6dfb078ba22298d366f99567814ffb", response="#{response}")
+ %Q(Digest username="david", realm="RailsTestApp", qop="auth", uri="#{uri}", nonce="#{@nonce}", nc="0", cnonce="i-am-a-client-nonce", response="#{response}", opaque="ef6dfb078ba22298d366f99567814ffb")
end
def response_digest_auth_header
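Review bot: neither helper in this hunk covers the case the PR is about, a challenge with a real realm, nonce and qop but no opaque. `blank_digest_auth_header` has every challenge value empty and `request_digest_auth_header` always carries opaque, so a regression that re-adds `opaque=""` for a mod_digest-style challenge would only be caught by the all-blank case. A third expectation with the `RailsTestApp` realm and `@nonce` but no opaque would pin that down. The reordering in `request_digest_auth_header` (opaque moved after `response`) makes the test follow the implementation's append order; if the order is not meant to be part of the contract, comparing parsed directives instead of the full string would be less brittle.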