def auth_header uri, www_authenticate, method, iis = false
nonce_count = next_nonce
user = CGI.unescape uri.user
password = CGI.unescape uri.password
www_authenticate =~ /^(\w+) (.*)/
challenge = $2
params = {}
challenge.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
challenge =~ /algorithm=(.*?)([, ]|$)/
params['algorithm'] = $1 || 'MD5'
if params['algorithm'] =~ /(.*?)(-sess)?$/
algorithm = case $1
when 'MD5' then Digest::MD5
when 'SHA1' then Digest::SHA1
when 'SHA2' then Digest::SHA2
when 'SHA256' then Digest::SHA256
when 'SHA384' then Digest::SHA384
when 'SHA512' then Digest::SHA512
when 'RMD160' then Digest::RMD160
else raise Error, "unknown algorithm \"#{$1}\""
end
sess = $2
end
a1 = if sess then
[ algorithm.hexdigest("#{user}:#{params['realm']}:#{password}"),
params['nonce'],
@cnonce,
].join ':'
else
"#{user}:#{params['realm']}:#{password}"
end
qop = params['qop']
ha1 = algorithm.hexdigest a1
ha2 = algorithm.hexdigest "#{method}:#{uri.request_uri}"
request_digest = [ha1, params['nonce']]
request_digest.push(('%08x' % nonce_count), @cnonce, qop) if qop
request_digest << ha2
request_digest = request_digest.join ':'
header = [
"Digest username=\"#{user}\"",
"realm=\"#{params['realm']}\"",
"algorithm=#{params['algorithm']}",
if qop.nil? then
elsif iis then
"qop=\"#{qop}\""
else
"qop=#{qop}"
end,
"uri=\"#{uri.request_uri}\"",
"nonce=\"#{params['nonce']}\"",
"nc=#{'%08x' % @nonce_count}",
"cnonce=\"#{@cnonce}\"",
"response=\"#{algorithm.hexdigest(request_digest)[0, 32]}\"",
if params.key? 'opaque' then
"opaque=\"#{params['opaque']}\""
end
].compact
header.join ', '
end