| 1 | #
|
|---|
| 2 | # httpauth/authenticator.rb -- Authenticator mix-in module.
|
|---|
| 3 | #
|
|---|
| 4 | # Author: IPR -- Internet Programming with Ruby -- writers
|
|---|
| 5 | # Copyright (c) 2003 Internet Programming with Ruby writers. All rights
|
|---|
| 6 | # reserved.
|
|---|
| 7 | #
|
|---|
| 8 | # $IPR: authenticator.rb,v 1.3 2003/02/20 07:15:47 gotoyuzo Exp $
|
|---|
| 9 |
|
|---|
| 10 | module WEBrick
|
|---|
| 11 | module HTTPAuth
|
|---|
| 12 | module Authenticator
|
|---|
| 13 | RequestField = "Authorization"
|
|---|
| 14 | ResponseField = "WWW-Authenticate"
|
|---|
| 15 | ResponseInfoField = "Authentication-Info"
|
|---|
| 16 | AuthException = HTTPStatus::Unauthorized
|
|---|
| 17 | AuthScheme = nil # must override by the derived class
|
|---|
| 18 |
|
|---|
| 19 | attr_reader :realm, :userdb, :logger
|
|---|
| 20 |
|
|---|
| 21 | private
|
|---|
| 22 |
|
|---|
| 23 | def check_init(config)
|
|---|
| 24 | [:UserDB, :Realm].each{|sym|
|
|---|
| 25 | unless config[sym]
|
|---|
| 26 | raise ArgumentError, "Argument #{sym.inspect} missing."
|
|---|
| 27 | end
|
|---|
| 28 | }
|
|---|
| 29 | @realm = config[:Realm]
|
|---|
| 30 | @userdb = config[:UserDB]
|
|---|
| 31 | @logger = config[:Logger] || Log::new($stderr)
|
|---|
| 32 | @reload_db = config[:AutoReloadUserDB]
|
|---|
| 33 | @request_field = self::class::RequestField
|
|---|
| 34 | @response_field = self::class::ResponseField
|
|---|
| 35 | @resp_info_field = self::class::ResponseInfoField
|
|---|
| 36 | @auth_exception = self::class::AuthException
|
|---|
| 37 | @auth_scheme = self::class::AuthScheme
|
|---|
| 38 | end
|
|---|
| 39 |
|
|---|
| 40 | def check_scheme(req)
|
|---|
| 41 | unless credentials = req[@request_field]
|
|---|
| 42 | error("no credentials in the request.")
|
|---|
| 43 | return nil
|
|---|
| 44 | end
|
|---|
| 45 | unless match = /^#{@auth_scheme}\s+/.match(credentials)
|
|---|
| 46 | error("invalid scheme in %s.", credentials)
|
|---|
| 47 | info("%s: %s", @request_field, credentials) if $DEBUG
|
|---|
| 48 | return nil
|
|---|
| 49 | end
|
|---|
| 50 | return match.post_match
|
|---|
| 51 | end
|
|---|
| 52 |
|
|---|
| 53 | def log(meth, fmt, *args)
|
|---|
| 54 | msg = format("%s %s: ", @auth_scheme, @realm)
|
|---|
| 55 | msg << fmt % args
|
|---|
| 56 | @logger.send(meth, msg)
|
|---|
| 57 | end
|
|---|
| 58 |
|
|---|
| 59 | def error(fmt, *args)
|
|---|
| 60 | if @logger.error?
|
|---|
| 61 | log(:error, fmt, *args)
|
|---|
| 62 | end
|
|---|
| 63 | end
|
|---|
| 64 |
|
|---|
| 65 | def info(fmt, *args)
|
|---|
| 66 | if @logger.info?
|
|---|
| 67 | log(:info, fmt, *args)
|
|---|
| 68 | end
|
|---|
| 69 | end
|
|---|
| 70 | end
|
|---|
| 71 |
|
|---|
| 72 | module ProxyAuthenticator
|
|---|
| 73 | RequestField = "Proxy-Authorization"
|
|---|
| 74 | ResponseField = "Proxy-Authenticate"
|
|---|
| 75 | InfoField = "Proxy-Authentication-Info"
|
|---|
| 76 | AuthException = HTTPStatus::ProxyAuthenticationRequired
|
|---|
| 77 | end
|
|---|
| 78 | end
|
|---|
| 79 | end
|
|---|
