Authentication filter for handling authentication negotiation between Proxy server. Parses ‘Proxy-Authentication’ header in response and generates ‘Proxy-Authorization’ header in request.
Authentication filter is implemented using request filter of HTTPClient. It traps HTTP response header and maintains authentication state, and traps HTTP request header for inserting necessary authentication header.
ProxyAuth has sub filters (BasicAuth, NegotiateAuth, and SSPINegotiateAuth) and delegates some operations to it. NegotiateAuth requires 'ruby/ntlm' module. SSPINegotiateAuth requires 'win32/sspi' module.
Creates new ProxyAuth.
# File lib/httpclient/auth.rb, line 169 def initialize @basic_auth = ProxyBasicAuth.new @negotiate_auth = NegotiateAuth.new @ntlm_auth = NegotiateAuth.new('NTLM') @sspi_negotiate_auth = SSPINegotiateAuth.new @digest_auth = ProxyDigestAuth.new # sort authenticators by priority @authenticator = [@negotiate_auth, @ntlm_auth, @sspi_negotiate_auth, @digest_auth, @basic_auth] end
Filter API implementation. Traps HTTP request and insert ‘Proxy-Authorization’ header if needed.
# File lib/httpclient/auth.rb, line 196 def filter_request(req) @authenticator.each do |auth| next unless auth.set? # hasn't be set, don't use it if cred = auth.get(req) req.header.set('Proxy-Authorization', auth.scheme + " " + cred) return end end end
Filter API implementation. Traps HTTP response and parses ‘Proxy-Authenticate’ header.
# File lib/httpclient/auth.rb, line 208 def filter_response(req, res) command = nil if res.status == HTTP::Status::PROXY_AUTHENTICATE_REQUIRED if challenge = parse_authentication_header(res, 'proxy-authenticate') uri = req.header.request_uri challenge.each do |scheme, param_str| @authenticator.each do |auth| next unless auth.set? # hasn't be set, don't use it if scheme.downcase == auth.scheme.downcase challengeable = auth.challenge(uri, param_str) command = :retry if challengeable end end end # ignore unknown authentication scheme end end command end
Generated with the Darkfish Rdoc Generator 2.