Authentication filter for handling authentication negotiation between Proxy server. Parses ‘Proxy-Authentication’ header in response and generates ‘Proxy-Authorization’ header in request.
Authentication filter is implemented using request filter of HTTPClient. It traps HTTP response header and maintains authentication state, and traps HTTP request header for inserting necessary authentication header.
ProxyAuth has sub filters (BasicAuth, NegotiateAuth, and SSPINegotiateAuth) and delegates some operations to it. NegotiateAuth requires ‘ruby/ntlm’ module. SSPINegotiateAuth requires ‘win32/sspi’ module.
Filter API implementation. Traps HTTP request and insert ‘Proxy-Authorization’ header if needed.
# File lib/httpclient/auth.rb, line 195 def filter_request(req) @authenticator.each do |auth| next unless auth.set? # hasn't be set, don't use it if cred = auth.get(req) req.header.set('Proxy-Authorization', auth.scheme + " " + cred) return end end end
Filter API implementation. Traps HTTP response and parses ‘Proxy-Authenticate’ header.
# File lib/httpclient/auth.rb, line 207 def filter_response(req, res) command = nil if res.status == HTTP::Status::PROXY_AUTHENTICATE_REQUIRED if challenge = parse_authentication_header(res, 'proxy-authenticate') uri = req.header.request_uri challenge.each do |scheme, param_str| @authenticator.each do |auth| next unless auth.set? # hasn't be set, don't use it if scheme.downcase == auth.scheme.downcase challengeable = auth.challenge(uri, param_str) command = :retry if challengeable end end end # ignore unknown authentication scheme end end command end
Creates new ProxyAuth.
# File lib/httpclient/auth.rb, line 168 def initialize @basic_auth = ProxyBasicAuth.new @negotiate_auth = NegotiateAuth.new @ntlm_auth = NegotiateAuth.new('NTLM') @sspi_negotiate_auth = SSPINegotiateAuth.new @digest_auth = ProxyDigestAuth.new # sort authenticators by priority @authenticator = [@negotiate_auth, @ntlm_auth, @sspi_negotiate_auth, @digest_auth, @basic_auth] end
Generated with the Darkfish Rdoc Generator 2.