1 package LWP::Authen::Digest;
8 my($class, $ua, $proxy, $auth_param, $response,
9 $request, $arg, $size) = @_;
11 my($user, $pass) = $ua->get_basic_credentials($auth_param->{realm},
12 $request->url, $proxy);
13 return $response unless defined $user and defined $pass;
15 my $nc = sprintf "%08X", ++$ua->{authen_md5_nonce_count}{$auth_param->{nonce}};
16 my $cnonce = sprintf "%8x", time;
18 my $uri = $request->url->path_query;
19 $uri = "/" unless length $uri;
21 my $md5 = Digest::MD5->new;
24 $md5->add(join(":", $user, $auth_param->{realm}, $pass));
25 push(@digest, $md5->hexdigest);
28 push(@digest, $auth_param->{nonce});
30 if ($auth_param->{qop}) {
31 push(@digest, $nc, $cnonce, ($auth_param->{qop} =~ m|^auth[,;]auth-int$|) ? 'auth' : $auth_param->{qop});
34 $md5->add(join(":", $request->method, $uri));
35 push(@digest, $md5->hexdigest);
38 $md5->add(join(":", @digest));
39 my($digest) = $md5->hexdigest;
42 my %resp = map { $_ => $auth_param->{$_} } qw(realm nonce opaque);
43 @resp{qw(username uri response algorithm)} = ($user, $uri, $digest, "MD5");
45 if (($auth_param->{qop} || "") =~ m|^auth([,;]auth-int)?$|) {
46 @resp{qw(qop cnonce nc)} = ("auth", $cnonce, $nc);
49 my(@order) = qw(username realm qop algorithm uri nonce nc cnonce response);
50 if($request->method =~ /^(?:POST|PUT)$/) {
51 $md5->add($request->content);
52 my $content = $md5->hexdigest;
54 $md5->add(join(":", @digest[0..1], $content));
56 $resp{"message-digest"} = $md5->hexdigest;
57 push(@order, "message-digest");
59 push(@order, "opaque");
62 next unless defined $resp{$_};
63 push(@pairs, "$_=" . qq("$resp{$_}"));
66 my $auth_header = $proxy ? "Proxy-Authorization" : "Authorization";
67 my $auth_value = "Digest " . join(", ", @pairs);
69 # Need to check this isn't a repeated fail!
72 my $u = $r->request->{digest_user_pass};
73 if ($u && $u->[0] eq $user && $u->[1] eq $pass) {
74 # here we know this failed before
75 $response->header("Client-Warning" =>
76 "Credentials for '$user' failed before");
82 my $referral = $request->clone;
83 $referral->header($auth_header => $auth_value);
84 # we shouldn't really do this, but...
85 $referral->{digest_user_pass} = [$user, $pass];
87 return $ua->request($referral, $arg, $size, $response);