관리-도구
편집 파일: MD5.html
<!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>class Rack::Auth::Digest::MD5 - rack-2.2.10 Documentation</title> <script type="text/javascript"> var rdoc_rel_prefix = "../../../"; var index_rel_prefix = "../../../"; </script> <script src="../../../js/navigation.js" defer></script> <script src="../../../js/search.js" defer></script> <script src="../../../js/search_index.js" defer></script> <script src="../../../js/searcher.js" defer></script> <script src="../../../js/darkfish.js" defer></script> <link href="../../../css/fonts.css" rel="stylesheet"> <link href="../../../css/rdoc.css" rel="stylesheet"> <body id="top" role="document" class="class"> <nav role="navigation"> <div id="project-navigation"> <div id="home-section" role="region" title="Quick navigation" class="nav-section"> <h2> <a href="../../../index.html" rel="home">Home</a> </h2> <div id="table-of-contents-navigation"> <a href="../../../table_of_contents.html#pages">Pages</a> <a href="../../../table_of_contents.html#classes">Classes</a> <a href="../../../table_of_contents.html#methods">Methods</a> </div> </div> <div id="search-section" role="search" class="project-section initially-hidden"> <form action="#" method="get" accept-charset="utf-8"> <div id="search-field-wrapper"> <input id="search-field" role="combobox" aria-label="Search" aria-autocomplete="list" aria-controls="search-results" type="text" name="search" placeholder="Search" spellcheck="false" title="Type to search, Up and Down to navigate, Enter to load"> </div> <ul id="search-results" aria-label="Search Results" aria-busy="false" aria-expanded="false" aria-atomic="false" class="initially-hidden"></ul> </form> </div> </div> <div id="class-metadata"> <div id="parent-class-section" class="nav-section"> <h3>Parent</h3> <p class="link"><a href="../AbstractHandler.html">Rack::Auth::AbstractHandler</a> </div> <!-- Method Quickref --> <div id="method-list-section" class="nav-section"> <h3>Methods</h3> <ul class="link-list" role="directory"> <li class="calls-super" ><a href="#method-c-new">::new</a> <li ><a href="#method-i-A1">#A1</a> <li ><a href="#method-i-A2">#A2</a> <li ><a href="#method-i-H">#H</a> <li ><a href="#method-i-KD">#KD</a> <li ><a href="#method-i-call">#call</a> <li ><a href="#method-i-challenge">#challenge</a> <li ><a href="#method-i-digest">#digest</a> <li ><a href="#method-i-md5">#md5</a> <li ><a href="#method-i-params">#params</a> <li ><a href="#method-i-passwords_hashed-3F">#passwords_hashed?</a> <li ><a href="#method-i-valid-3F">#valid?</a> <li ><a href="#method-i-valid_digest-3F">#valid_digest?</a> <li ><a href="#method-i-valid_nonce-3F">#valid_nonce?</a> <li ><a href="#method-i-valid_opaque-3F">#valid_opaque?</a> <li ><a href="#method-i-valid_qop-3F">#valid_qop?</a> </ul> </div> </div> </nav> <main role="main" aria-labelledby="class-Rack::Auth::Digest::MD5"> <h1 id="class-Rack::Auth::Digest::MD5" class="class"> class Rack::Auth::Digest::MD5 </h1> <section class="description"> <p><a href="MD5.html"><code>Rack::Auth::Digest::MD5</code></a> implements the <a href="MD5.html"><code>MD5</code></a> algorithm version of HTTP <a href="../Digest.html"><code>Digest</code></a> Authentication, as per RFC 2617.</p> <p>Initialize with the [Rack] application that you want protecting, and a block that looks up a plaintext password for a given username.</p> <p><code>opaque</code> needs to be set to a constant base64/hexadecimal string.</p> </section> <section id="5Buntitled-5D" class="documentation-section"> <section class="constants-list"> <header> <h3>Constants</h3> </header> <dl> <dt id="QOP">QOP <dd> </dl> </section> <section class="attribute-method-details" class="method-section"> <header> <h3>Attributes</h3> </header> <div id="attribute-i-opaque" class="method-detail"> <div class="method-heading attribute-method-heading"> <span class="method-name">opaque</span><span class="attribute-access-type">[RW]</span> </div> <div class="method-description"> </div> </div> <div id="attribute-i-passwords_hashed" class="method-detail"> <div class="method-heading attribute-method-heading"> <span class="method-name">passwords_hashed</span><span class="attribute-access-type">[W]</span> </div> <div class="method-description"> </div> </div> </section> <section id="public-class-5Buntitled-5D-method-details" class="method-section"> <header> <h3>Public Class Methods</h3> </header> <div id="method-c-new" class="method-detail "> <div class="method-heading"> <span class="method-name">new</span><span class="method-args">(app, realm = nil, opaque = nil, &authenticator)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-calls-super"> Calls superclass method <a href="../AbstractHandler.html#method-c-new"><code>Rack::Auth::AbstractHandler::new</code></a> </div> <div class="method-source-code" id="new-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 26</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">initialize</span>(<span class="ruby-identifier">app</span>, <span class="ruby-identifier">realm</span> = <span class="ruby-keyword">nil</span>, <span class="ruby-identifier">opaque</span> = <span class="ruby-keyword">nil</span>, <span class="ruby-operator">&</span><span class="ruby-identifier">authenticator</span>) <span class="ruby-ivar">@passwords_hashed</span> = <span class="ruby-keyword">nil</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">opaque</span>.<span class="ruby-identifier">nil?</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">realm</span>.<span class="ruby-identifier">respond_to?</span> <span class="ruby-value">:values_at</span> <span class="ruby-identifier">realm</span>, <span class="ruby-identifier">opaque</span>, <span class="ruby-ivar">@passwords_hashed</span> = <span class="ruby-identifier">realm</span>.<span class="ruby-identifier">values_at</span> <span class="ruby-value">:realm</span>, <span class="ruby-value">:opaque</span>, <span class="ruby-value">:passwords_hashed</span> <span class="ruby-keyword">end</span> <span class="ruby-keyword">super</span>(<span class="ruby-identifier">app</span>, <span class="ruby-identifier">realm</span>, <span class="ruby-operator">&</span><span class="ruby-identifier">authenticator</span>) <span class="ruby-ivar">@opaque</span> = <span class="ruby-identifier">opaque</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> </section> <section id="public-instance-5Buntitled-5D-method-details" class="method-section"> <header> <h3>Public Instance Methods</h3> </header> <div id="method-i-call" class="method-detail "> <div class="method-heading"> <span class="method-name">call</span><span class="method-args">(env)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="call-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 39</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">call</span>(<span class="ruby-identifier">env</span>) <span class="ruby-identifier">auth</span> = <span class="ruby-constant">Request</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">env</span>) <span class="ruby-keyword">unless</span> <span class="ruby-identifier">auth</span>.<span class="ruby-identifier">provided?</span> <span class="ruby-keyword">return</span> <span class="ruby-identifier">unauthorized</span> <span class="ruby-keyword">end</span> <span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">auth</span>.<span class="ruby-identifier">digest?</span> <span class="ruby-operator">||</span> <span class="ruby-operator">!</span><span class="ruby-identifier">auth</span>.<span class="ruby-identifier">correct_uri?</span> <span class="ruby-operator">||</span> <span class="ruby-operator">!</span><span class="ruby-identifier">valid_qop?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-keyword">return</span> <span class="ruby-identifier">bad_request</span> <span class="ruby-keyword">end</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">valid?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-keyword">if</span> <span class="ruby-identifier">auth</span>.<span class="ruby-identifier">nonce</span>.<span class="ruby-identifier">stale?</span> <span class="ruby-keyword">return</span> <span class="ruby-identifier">unauthorized</span>(<span class="ruby-identifier">challenge</span>(<span class="ruby-value">stale:</span> <span class="ruby-keyword">true</span>)) <span class="ruby-keyword">else</span> <span class="ruby-identifier">env</span>[<span class="ruby-string">'REMOTE_USER'</span>] = <span class="ruby-identifier">auth</span>.<span class="ruby-identifier">username</span> <span class="ruby-keyword">return</span> <span class="ruby-ivar">@app</span>.<span class="ruby-identifier">call</span>(<span class="ruby-identifier">env</span>) <span class="ruby-keyword">end</span> <span class="ruby-keyword">end</span> <span class="ruby-identifier">unauthorized</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-passwords_hashed-3F" class="method-detail "> <div class="method-heading"> <span class="method-name">passwords_hashed?</span><span class="method-args">()</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="passwords_hashed-3F-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 35</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">passwords_hashed?</span> <span class="ruby-operator">!</span><span class="ruby-operator">!</span><span class="ruby-ivar">@passwords_hashed</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> </section> <section id="private-instance-5Buntitled-5D-method-details" class="method-section"> <header> <h3>Private Instance Methods</h3> </header> <div id="method-i-A1" class="method-detail "> <div class="method-heading"> <span class="method-name">A1</span><span class="method-args">(auth, password)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="A1-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 114</span> <span class="ruby-keyword">def</span> <span class="ruby-constant">A1</span>(<span class="ruby-identifier ruby-title">auth</span>, <span class="ruby-identifier">password</span>) <span class="ruby-node">"#{auth.username}:#{auth.realm}:#{password}"</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-A2" class="method-detail "> <div class="method-heading"> <span class="method-name">A2</span><span class="method-args">(auth)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="A2-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 118</span> <span class="ruby-keyword">def</span> <span class="ruby-constant">A2</span>(<span class="ruby-identifier ruby-title">auth</span>) <span class="ruby-node">"#{auth.method}:#{auth.uri}"</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-H" class="method-detail method-alias"> <div class="method-heading"> <span class="method-name">H</span><span class="method-args">(data)</span> </div> <div class="method-description"> </div> <div class="aliases"> Alias for: <a href="MD5.html#method-i-md5">md5</a> </div> </div> <div id="method-i-KD" class="method-detail "> <div class="method-heading"> <span class="method-name">KD</span><span class="method-args">(secret, data)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="KD-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 110</span> <span class="ruby-keyword">def</span> <span class="ruby-constant">KD</span>(<span class="ruby-identifier ruby-title">secret</span>, <span class="ruby-identifier">data</span>) <span class="ruby-constant">H</span> <span class="ruby-node">"#{secret}:#{data}"</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-challenge" class="method-detail "> <div class="method-heading"> <span class="method-name">challenge</span><span class="method-args">(hash = {})</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="challenge-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 79</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">challenge</span>(<span class="ruby-identifier">hash</span> = {}) <span class="ruby-node">"Digest #{params(hash)}"</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-digest" class="method-detail "> <div class="method-heading"> <span class="method-name">digest</span><span class="method-args">(auth, password)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="digest-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 122</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">digest</span>(<span class="ruby-identifier">auth</span>, <span class="ruby-identifier">password</span>) <span class="ruby-identifier">password_hash</span> = <span class="ruby-identifier">passwords_hashed?</span> <span class="ruby-operator">?</span> <span class="ruby-identifier">password</span> <span class="ruby-operator">:</span> <span class="ruby-constant">H</span>(<span class="ruby-constant">A1</span>(<span class="ruby-identifier">auth</span>, <span class="ruby-identifier">password</span>)) <span class="ruby-constant">KD</span> <span class="ruby-identifier">password_hash</span>, <span class="ruby-node">"#{auth.nonce}:#{auth.nc}:#{auth.cnonce}:#{QOP}:#{H A2(auth)}"</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-md5" class="method-detail "> <div class="method-heading"> <span class="method-name">md5</span><span class="method-args">(data)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="md5-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 104</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">md5</span>(<span class="ruby-identifier">data</span>) <span class="ruby-operator">::</span><span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">MD5</span>.<span class="ruby-identifier">hexdigest</span>(<span class="ruby-identifier">data</span>) <span class="ruby-keyword">end</span></pre> </div> </div> <div class="aliases"> Also aliased as: <a href="MD5.html#method-i-H">H</a> </div> </div> <div id="method-i-params" class="method-detail "> <div class="method-heading"> <span class="method-name">params</span><span class="method-args">(hash = {})</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="params-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 68</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">params</span>(<span class="ruby-identifier">hash</span> = {}) <span class="ruby-constant">Params</span>.<span class="ruby-identifier">new</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">params</span><span class="ruby-operator">|</span> <span class="ruby-identifier">params</span>[<span class="ruby-string">'realm'</span>] = <span class="ruby-identifier">realm</span> <span class="ruby-identifier">params</span>[<span class="ruby-string">'nonce'</span>] = <span class="ruby-constant">Nonce</span>.<span class="ruby-identifier">new</span>.<span class="ruby-identifier">to_s</span> <span class="ruby-identifier">params</span>[<span class="ruby-string">'opaque'</span>] = <span class="ruby-constant">H</span>(<span class="ruby-identifier">opaque</span>) <span class="ruby-identifier">params</span>[<span class="ruby-string">'qop'</span>] = <span class="ruby-constant">QOP</span> <span class="ruby-identifier">hash</span>.<span class="ruby-identifier">each</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">k</span>, <span class="ruby-identifier">v</span><span class="ruby-operator">|</span> <span class="ruby-identifier">params</span>[<span class="ruby-identifier">k</span>] = <span class="ruby-identifier">v</span> } <span class="ruby-keyword">end</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-valid-3F" class="method-detail "> <div class="method-heading"> <span class="method-name">valid?</span><span class="method-args">(auth)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="valid-3F-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 83</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">valid?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-identifier">valid_opaque?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-operator">&&</span> <span class="ruby-identifier">valid_nonce?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-operator">&&</span> <span class="ruby-identifier">valid_digest?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-valid_digest-3F" class="method-detail "> <div class="method-heading"> <span class="method-name">valid_digest?</span><span class="method-args">(auth)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="valid_digest-3F-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 99</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">valid_digest?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-identifier">pw</span> = <span class="ruby-ivar">@authenticator</span>.<span class="ruby-identifier">call</span>(<span class="ruby-identifier">auth</span>.<span class="ruby-identifier">username</span>) <span class="ruby-identifier">pw</span> <span class="ruby-operator">&&</span> <span class="ruby-constant">Rack</span><span class="ruby-operator">::</span><span class="ruby-constant">Utils</span>.<span class="ruby-identifier">secure_compare</span>(<span class="ruby-identifier">digest</span>(<span class="ruby-identifier">auth</span>, <span class="ruby-identifier">pw</span>), <span class="ruby-identifier">auth</span>.<span class="ruby-identifier">response</span>) <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-valid_nonce-3F" class="method-detail "> <div class="method-heading"> <span class="method-name">valid_nonce?</span><span class="method-args">(auth)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="valid_nonce-3F-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 95</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">valid_nonce?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-identifier">auth</span>.<span class="ruby-identifier">nonce</span>.<span class="ruby-identifier">valid?</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-valid_opaque-3F" class="method-detail "> <div class="method-heading"> <span class="method-name">valid_opaque?</span><span class="method-args">(auth)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="valid_opaque-3F-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 91</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">valid_opaque?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-constant">H</span>(<span class="ruby-identifier">opaque</span>) <span class="ruby-operator">==</span> <span class="ruby-identifier">auth</span>.<span class="ruby-identifier">opaque</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-valid_qop-3F" class="method-detail "> <div class="method-heading"> <span class="method-name">valid_qop?</span><span class="method-args">(auth)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="valid_qop-3F-source"> <pre><span class="ruby-comment"># File lib/rack/auth/digest/md5.rb, line 87</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">valid_qop?</span>(<span class="ruby-identifier">auth</span>) <span class="ruby-constant">QOP</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">auth</span>.<span class="ruby-identifier">qop</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> </section> </section> </main> <footer id="validator-badges" role="contentinfo"> <p><a href="https://validator.w3.org/check/referer">Validate</a> <p>Generated by <a href="https://ruby.github.io/rdoc/">RDoc</a> 6.2.1.1. <p>Based on <a href="http://deveiate.org/projects/Darkfish-RDoc/">Darkfish</a> by <a href="http://deveiate.org">Michael Granger</a>. </footer>