net_dav icon indicating copy to clipboard operation
net_dav copied to clipboard

Published 20 hours ago verified publisher icon devrandom

Repairing digest authentication in handle_request

Open emarley opened this issue 13 years ago • 7 comments

Digest authentication stopped working for me sometime since the 0.5 gem. It seems digest_auth needs the result from the first unauthenticated request in order to build the proper headers for digest authentication. This change moves the digest_auth call from the beginning of the second handle_request (when it can't see the results from the first request) to the end of the first handle_request (when it can).

I changed as little as possible. It might make sense to change the case statement at line 157 to something else, since there's now only one case to consider there.

emarley avatar Jan 19 '12 00:01 emarley

You may have specific reasons not to want to use net-http-digest_auth directly. So I understand if you only want to pull the first commit and not the second one.

emarley avatar Jan 20 '12 22:01 emarley

Sorry for the delay.

I don't mind pulling both, but the dependency on the digest auth gem has to be declared in the Rakefile jeweler config.

devrandom avatar Mar 07 '12 19:03 devrandom

Ah, okay. I haven't worked much with rakefiles. I'll try to sort that out this weekend. Thanks!

emarley avatar Mar 12 '12 20:03 emarley

Ping?

devrandom avatar Jul 06 '12 20:07 devrandom

Sorry, got drowned in personal stuff. Still aim to do this soon-ish.

On Jul 6, 2012, at 1:45 PM, Dev [email protected] wrote:

Ping?

Reply to this email directly or view it on GitHub: https://github.com/devrandom/net_dav/pull/19#issuecomment-6815813

emarley avatar Jul 15 '12 03:07 emarley

I think this was the change you wanted. Thanks for your patience.

emarley avatar Jul 29 '12 04:07 emarley

I had to make the following change on top of the pull request to get it to work:

@@ -179,15 +184,18 @@
           return response
         when Net::HTTPUnauthorized     then
           response.error! unless @user
-          response.error! if req['authorization']
           new_req = clone_req(req.path, req, headers)
           if response['www-authenticate'] =~ /^basic/i
             if disable_basic_auth
               raise "server requested basic auth, but that is disabled"
             end
+            response.error! if req['authorization']
             @authorization = :basic
           else
             @authorization = :digest
            # Need to set up a new digest auth.

Otherwise I got the following (premature) error:

401 "Unauthorized ( The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator.  )" (Net::HTTPServerException)
/usr/lib/ruby/2.3.0/net/http/response.rb:120:in `error!'
/usr/lib/ruby/vendor_ruby/net/dav.rb:187:in `handle_request'
/usr/lib/ruby/vendor_ruby/net/dav.rb:120:in `request_returning_body'
/usr/lib/ruby/vendor_ruby/net/dav.rb:586:in `get'

paulvt avatar Dec 20 '17 13:12 paulvt