ruby-mechanize 2.7.2-1 / usr / lib / ruby / vendor_ruby / mechanize / http / auth_store.rb

This file is indexed.

/usr/lib/ruby/vendor_ruby/mechanize/http/auth_store.rb is in ruby-mechanize 2.7.2-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
##
# A credential store for HTTP authentication.
#
#   uri = URI 'http://example'
#
#   store = Mechanize::HTTP::AuthStore.new
#   store.add_auth uri, 'user1', 'pass'
#   store.add_auth uri, 'user2', 'pass', 'realm'
#
#   user, pass = store.credentials_for uri, 'realm' #=> 'user2', 'pass'
#   user, pass = store.credentials_for uri, 'other' #=> 'user1', 'pass'
#
#   store.remove_auth uri # removes all credentials

class Mechanize::HTTP::AuthStore

  attr_reader :auth_accounts # :nodoc:

  attr_reader :default_auth # :nodoc:

  ##
  # Creates a new AuthStore

  def initialize
    @auth_accounts = Hash.new do |h, uri|
      h[uri] = {}
    end

    @default_auth = nil
  end

  ##
  # Adds credentials +user+, +pass+ for the server at +uri+.  If +realm+ is
  # set the credentials are used only for that realm.  If +realm+ is not set
  # the credentials become the default for any realm on that URI.
  #
  # +domain+ and +realm+ are exclusive as NTLM does not follow RFC
  # 2617.  If +domain+ is given it is only used for NTLM authentication.

  def add_auth uri, user, pass, realm = nil, domain = nil
    uri = URI uri unless URI === uri

    raise ArgumentError,
          'NTLM domain given with realm which NTLM does not use' if
      realm and domain

    uri += '/'

    auth_accounts[uri][realm] = [user, pass, domain]

    self
  end

  ##
  # USE OF add_default_auth IS NOT RECOMMENDED AS IT MAY EXPOSE PASSWORDS TO
  # THIRD PARTIES
  #
  # Adds credentials +user+, +pass+ as the default authentication credentials.
  # If no other credentials are available  these will be returned from
  # credentials_for.
  #
  # If +domain+ is given it is only used for NTLM authentication.

  def add_default_auth user, pass, domain = nil
    warn <<-WARN
You have supplied default authentication credentials that apply to ANY SERVER.
Your username and password can be retrieved by ANY SERVER using Basic
authentication.

THIS EXPOSES YOUR USERNAME AND PASSWORD TO DISCLOSURE WITHOUT YOUR KNOWLEDGE.

Use add_auth to set authentication credentials that will only be delivered
only to a particular server you specify.
    WARN

    @default_auth = [user, pass, domain]
  end

  ##
  # Returns true if credentials exist for the +challenges+ from the server at
  # +uri+.

  def credentials? uri, challenges
    challenges.any? do |challenge|
      credentials_for uri, challenge.realm_name
    end
  end

  ##
  # Retrieves credentials for +realm+ on the server at +uri+.

  def credentials_for uri, realm
    uri = URI uri unless URI === uri

    uri += '/'

    realms = @auth_accounts[uri]

    realms[realm] || realms[nil] || @default_auth
  end

  ##
  # Removes credentials for +realm+ on the server at +uri+.  If +realm+ is not
  # set all credentials for the server at +uri+ are removed.

  def remove_auth uri, realm = nil
    uri = URI uri unless URI === uri

    uri += '/'

    if realm then
      auth_accounts[uri].delete realm
    else
      auth_accounts.delete uri
    end

    self
  end

end

APT Browse - Built by Thomas Orozco.