Class Net::HTTP::DigestAuth
In: lib/net/http/digest_auth.rb
Parent: Object

An implementation of RFC 2617 Digest Access Authentication.

www.rfc-editor.org/rfc/rfc2617.txt

Here is a sample usage of DigestAuth on Net::HTTP:

  require 'uri'
  require 'net/http'
  require 'net/http/digest_auth'

  digest_auth = Net::HTTP::DigestAuth.new

  uri = URI.parse 'http://localhost:8000/'
  uri.user = 'username'
  uri.password = 'password'

  h = Net::HTTP.new uri.host, uri.port

  req = Net::HTTP::Get.new uri.request_uri

  res = h.request req
  # res is a 401 response with a WWW-Authenticate header

  auth = digest_auth.auth_header uri, res['www-authenticate'], 'GET'

  # create a new request with the Authorization header
  req = Net::HTTP::Get.new uri.request_uri
  req.add_field 'Authorization', auth

  # re-issue request with Authorization
  res = h.request req

Methods

Included Modules

MonitorMixin

Classes and Modules

Class Net::HTTP::DigestAuth::Error

Constants

VERSION = '1.2.1'   Version of Net::HTTP::DigestAuth you are using

Public Class methods

Creates a new DigestAuth header creator.

cnonce is the client nonce value. This should be an MD5 hexdigest of a secret value.

Public Instance methods

Creates a digest auth header for uri from the www_authenticate header for HTTP method method.

The result of this method should be sent along with the HTTP request as the "Authorization" header. In Net::HTTP this will look like:

  request.add_field 'Authorization', digest_auth.auth_header # ...

See Net::HTTP::DigestAuth for a complete example.

IIS servers handle the "qop" parameter of digest authentication differently so you may need to set iis to true for such servers.

Creates a client nonce value that is used across all requests based on the current time.

[Validate]