libwww-mechanize-ruby1.8 1.0.0-1 / usr / lib / ruby / 1.8 / mechanize / chain / auth_headers.rb

This file is indexed.

/usr/lib/ruby/1.8/mechanize/chain/auth_headers.rb is in libwww-mechanize-ruby1.8 1.0.0-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
class Mechanize
  class Chain
    class AuthHeaders
      include Mechanize::Handler

      @@nonce_count = Hash.new(0)
      CNONCE = Digest::MD5.hexdigest("%x" % (Time.now.to_i + rand(65535)))

      def initialize(auth_hash, user, password, digest)
        @auth_hash = auth_hash
        @user      = user
        @password  = password
        @digest    = digest
      end

      def handle(ctx, params)
        uri     = params[:uri]
        request = params[:request]

        if( @auth_hash[uri.host] )
          case @auth_hash[uri.host]
          when :basic
            request.basic_auth(@user, @password)
          when :iis_digest
            digest_response = self.gen_auth_header(uri,request, @digest, true)
            request['Authorization'] = digest_response
          when :digest
            if @digest
              digest_response = self.gen_auth_header(uri,request, @digest)
              request['Authorization'] = digest_response
            end
          end
        end
        super
      end

      def gen_auth_header(uri, request, auth_header, is_IIS = false)
        auth_header =~ /^(\w+) (.*)/

        params = {}
        $2.gsub(/(\w+)=("[^"]*"|[^,]*)/) {
          params[$1] = $2.gsub(/^"/, '').gsub(/"$/, '')
        }

        @@nonce_count[params['nonce']] += 1

        a_1 = "#{@user}:#{params['realm']}:#{@password}"
        a_2 = "#{request.method}:#{uri.path}"
        request_digest = ''
        request_digest << Digest::MD5.hexdigest(a_1)
        request_digest << ':' << params['nonce']
        request_digest << ':' << ('%08x' % @@nonce_count[params['nonce']])
        request_digest << ':' << CNONCE
        request_digest << ':' << params['qop']
        request_digest << ':' << Digest::MD5.hexdigest(a_2)

        header = ''
        header << "Digest username=\"#{@user}\", "
        if is_IIS then
          header << "qop=\"#{params['qop']}\", "
        else
          header << "qop=#{params['qop']}, "
        end
        header << "uri=\"#{uri.path}\", "
        header << %w{ algorithm opaque nonce realm }.map { |field|
          next unless params[field]
          "#{field}=\"#{params[field]}\""
        }.compact.join(', ')

        header << ", nc=#{'%08x' % @@nonce_count[params['nonce']]}, "
        header << "cnonce=\"#{CNONCE}\", "
        header << "response=\"#{Digest::MD5.hexdigest(request_digest)}\""

        return header
      end
    end
  end
end

APT Browse - Built by Thomas Orozco.