2015-12-16 00:07:31 -05:00
|
|
|
# frozen_string_literal: false
|
2011-05-09 15:22:41 -04:00
|
|
|
#--
|
2003-07-23 12:51:36 -04:00
|
|
|
# httpauth/authenticator.rb -- Authenticator mix-in module.
|
|
|
|
#
|
|
|
|
# Author: IPR -- Internet Programming with Ruby -- writers
|
|
|
|
# Copyright (c) 2003 Internet Programming with Ruby writers. All rights
|
|
|
|
# reserved.
|
|
|
|
#
|
|
|
|
# $IPR: authenticator.rb,v 1.3 2003/02/20 07:15:47 gotoyuzo Exp $
|
|
|
|
|
|
|
|
module WEBrick
|
|
|
|
module HTTPAuth
|
2011-05-10 19:37:43 -04:00
|
|
|
|
|
|
|
##
|
|
|
|
# Module providing generic support for both Digest and Basic
|
|
|
|
# authentication schemes.
|
|
|
|
|
2003-07-23 12:51:36 -04:00
|
|
|
module Authenticator
|
2011-05-10 19:37:43 -04:00
|
|
|
|
2013-01-25 20:12:54 -05:00
|
|
|
RequestField = "Authorization" # :nodoc:
|
|
|
|
ResponseField = "WWW-Authenticate" # :nodoc:
|
|
|
|
ResponseInfoField = "Authentication-Info" # :nodoc:
|
|
|
|
AuthException = HTTPStatus::Unauthorized # :nodoc:
|
2003-07-23 12:51:36 -04:00
|
|
|
|
2011-05-10 19:37:43 -04:00
|
|
|
##
|
2011-05-11 06:22:16 -04:00
|
|
|
# Method of authentication, must be overridden by the including class
|
2011-05-10 19:37:43 -04:00
|
|
|
|
|
|
|
AuthScheme = nil
|
|
|
|
|
|
|
|
##
|
|
|
|
# The realm this authenticator covers
|
|
|
|
|
|
|
|
attr_reader :realm
|
|
|
|
|
|
|
|
##
|
|
|
|
# The user database for this authenticator
|
|
|
|
|
|
|
|
attr_reader :userdb
|
|
|
|
|
|
|
|
##
|
|
|
|
# The logger for this authenticator
|
|
|
|
|
|
|
|
attr_reader :logger
|
2003-07-23 12:51:36 -04:00
|
|
|
|
|
|
|
private
|
|
|
|
|
2013-01-25 20:12:54 -05:00
|
|
|
# :stopdoc:
|
|
|
|
|
2011-05-10 19:37:43 -04:00
|
|
|
##
|
|
|
|
# Initializes the authenticator from +config+
|
|
|
|
|
2003-07-23 12:51:36 -04:00
|
|
|
def check_init(config)
|
|
|
|
[:UserDB, :Realm].each{|sym|
|
|
|
|
unless config[sym]
|
|
|
|
raise ArgumentError, "Argument #{sym.inspect} missing."
|
|
|
|
end
|
2009-03-05 22:56:38 -05:00
|
|
|
}
|
2003-07-23 12:51:36 -04:00
|
|
|
@realm = config[:Realm]
|
|
|
|
@userdb = config[:UserDB]
|
|
|
|
@logger = config[:Logger] || Log::new($stderr)
|
|
|
|
@reload_db = config[:AutoReloadUserDB]
|
|
|
|
@request_field = self::class::RequestField
|
|
|
|
@response_field = self::class::ResponseField
|
|
|
|
@resp_info_field = self::class::ResponseInfoField
|
|
|
|
@auth_exception = self::class::AuthException
|
|
|
|
@auth_scheme = self::class::AuthScheme
|
|
|
|
end
|
|
|
|
|
2011-05-10 19:37:43 -04:00
|
|
|
##
|
|
|
|
# Ensures +req+ has credentials that can be authenticated.
|
|
|
|
|
2003-07-23 12:51:36 -04:00
|
|
|
def check_scheme(req)
|
|
|
|
unless credentials = req[@request_field]
|
|
|
|
error("no credentials in the request.")
|
2009-03-05 22:56:38 -05:00
|
|
|
return nil
|
|
|
|
end
|
2007-07-04 10:51:22 -04:00
|
|
|
unless match = /^#{@auth_scheme}\s+/i.match(credentials)
|
2003-07-23 12:51:36 -04:00
|
|
|
error("invalid scheme in %s.", credentials)
|
|
|
|
info("%s: %s", @request_field, credentials) if $DEBUG
|
|
|
|
return nil
|
|
|
|
end
|
|
|
|
return match.post_match
|
|
|
|
end
|
|
|
|
|
|
|
|
def log(meth, fmt, *args)
|
|
|
|
msg = format("%s %s: ", @auth_scheme, @realm)
|
|
|
|
msg << fmt % args
|
|
|
|
@logger.send(meth, msg)
|
|
|
|
end
|
|
|
|
|
|
|
|
def error(fmt, *args)
|
|
|
|
if @logger.error?
|
|
|
|
log(:error, fmt, *args)
|
|
|
|
end
|
2009-03-05 22:56:38 -05:00
|
|
|
end
|
2003-07-23 12:51:36 -04:00
|
|
|
|
|
|
|
def info(fmt, *args)
|
|
|
|
if @logger.info?
|
|
|
|
log(:info, fmt, *args)
|
|
|
|
end
|
|
|
|
end
|
2013-01-25 20:12:54 -05:00
|
|
|
|
|
|
|
# :startdoc:
|
2003-07-23 12:51:36 -04:00
|
|
|
end
|
|
|
|
|
2011-05-10 19:37:43 -04:00
|
|
|
##
|
|
|
|
# Module providing generic support for both Digest and Basic
|
|
|
|
# authentication schemes for proxies.
|
|
|
|
|
2003-07-23 12:51:36 -04:00
|
|
|
module ProxyAuthenticator
|
2013-01-25 20:12:54 -05:00
|
|
|
RequestField = "Proxy-Authorization" # :nodoc:
|
|
|
|
ResponseField = "Proxy-Authenticate" # :nodoc:
|
|
|
|
InfoField = "Proxy-Authentication-Info" # :nodoc:
|
|
|
|
AuthException = HTTPStatus::ProxyAuthenticationRequired # :nodoc:
|
2003-07-23 12:51:36 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|