add digest auth features

Sandro edited this commit from gilles to utilize his cucumber tests but
leave the existing digest auth implementation in place

features/digest_authentication.feature

@@ -0,0 +1,20 @@
+Feature:  Digest Authentication
+
+  As a developer
+  I want to be able to use a service that requires Digest Authentication
+  Because that is not an uncommon requirement
+
+  Scenario: Passing no credentials to a page requiring Digest Authentication
+    Given a restricted page at '/protected.html'
+    When I call HTTParty#get with '/protected.html'
+    Then it should return a response with a 401 response code
+
+  Scenario: Passing proper credentials to a page requiring Digest Authentication
+    Given a remote service that returns 'Digest Authenticated Page'
+    And that service is accessed at the path '/protected.html'
+    And that service is protected by Digest Authentication
+    And that service requires the username 'jcash' with the password 'maninblack'
+    When I call HTTParty#get with '/protected.html' and a digest_auth hash:
+       | username | password   |
+       | jcash    | maninblack |
+    Then the return value should match 'Digest Authenticated Page'

features/steps/httparty_steps.rb

@@ -17,3 +17,11 @@ When /I call HTTParty#get with '(.*)' and a basic_auth hash:/ do |url, auth_tabl
     :basic_auth => { :username => h["username"], :password => h["password"] }
   )
 end
+
+When /I call HTTParty#get with '(.*)' and a digest_auth hash:/ do |url, auth_table|
+  h = auth_table.hashes.first
+  @response_from_httparty = HTTParty.get(
+    "http://#{@host_and_port}#{url}",
+    :digest_auth => { :username => h["username"], :password => h["password"] }
+  )
+end

features/steps/mongrel_helper.rb

@@ -50,6 +50,35 @@ def add_basic_authentication_to(handler)
   handler.extend(m)
 end
 
+def add_digest_authentication_to(handler)
+  m = Module.new do
+    attr_writer :username, :password
+
+    def self.extended(base)
+      base.instance_eval { @custom_headers["WWW-Authenticate"] = 'Digest realm="testrealm@host.com",qop="auth,auth-int",nonce="nonce",opaque="opaque"' }
+      base.class_eval { alias_method_chain :process, :digest_authentication }
+    end
+
+    def process_with_digest_authentication(request, response)
+      if authorized?(request)
+        process_without_digest_authentication(request, response)
+        #does not work. At this point response.body_sent is nil and
+        #response.body.string is set to the correct value
+        # -> it's not a stream issue
+        #The else close is never called after this point, yet the result is whatever I put in the else statement
+        # -> don't get it
+      else
+          reply_with(response, 401, "Incorrect.  You have 20 seconds to comply.")
+      end
+    end
+
+    def authorized?(request)
+      request.params["HTTP_AUTHORIZATION"] =~ /Digest.*uri=/
+    end
+  end
+  handler.extend(m)
+end
+
 def new_mongrel_redirector(target_url, relative_path = false)
   target_url = "http://#{@host_and_port}#{target_url}" unless relative_path
   Mongrel::RedirectHandler.new(target_url)

features/steps/remote_service_steps.rb

@@ -33,6 +33,10 @@ Given /that service is protected by Basic Authentication/ do
   add_basic_authentication_to @handler
 end
 
+Given /that service is protected by Digest Authentication/ do
+  add_digest_authentication_to @handler
+end
+
 Given /that service requires the username '(.*)' with the password '(.*)'/ do |username, password|
   @handler.username = username
   @handler.password = password

lib/httparty.rb

@@ -84,7 +84,6 @@ module HTTParty
       default_options[:digest_auth] = {:username => u, :password => p}
     end
 
-
     # Allows setting default parameters to be appended to each request.
     # Great for api keys and such.
     #

lib/httparty/request.rb

@@ -52,7 +52,6 @@ module HTTParty
       options[:parser]
     end
 
-
     def perform
       validate
       setup_raw_request
@@ -205,4 +204,3 @@ module HTTParty
     end
   end
 end
-