package LWP::Authen::Digest; use strict; require MD5; sub authenticate { my($class, $ua, $proxy, $auth_param, $response, $request, $arg, $size) = @_; my($user, $pass) = $ua->get_basic_credentials($auth_param->{realm}, $request->url, $proxy); return $response unless defined $user and defined $pass; my $nc = sprintf "%08X", ++$ua->{authen_md5_nonce_count}{$auth_param->{nonce}}; my $cnonce = sprintf "%8x", time; my $uri = $request->url->path_query; $uri = "/" unless length $uri; my $md5 = new MD5; my(@digest); $md5->add(join(":", $user, $auth_param->{realm}, $pass)); push(@digest, $md5->hexdigest); $md5->reset; push(@digest, $auth_param->{nonce}); if ($auth_param->{qop}) { push(@digest, $nc, $cnonce, $auth_param->{qop}); } $md5->add(join(":", $request->method, $uri)); push(@digest, $md5->hexdigest); $md5->reset; $md5->add(join(":", @digest)); my($digest) = $md5->hexdigest; $md5->reset; my %resp = map { $_ => $auth_param->{$_} } qw(realm nonce opaque); @resp{qw(username uri response algorithm)} = ($user, $uri, $digest, "MD5"); if($auth_param->{qop} eq "auth") { @resp{qw(qop cnonce nc)} = ("auth", $cnonce, $nc); } my(@order) = qw(username realm qop algorithm uri nonce nc cnonce response); if($request->method =~ /^(?:POST|PUT)$/) { $md5->add($request->content); my $content = $md5->hexdigest; $md5->reset; $md5->add(join(":", @digest[0..1], $content)); $md5->reset; $resp{"message-digest"} = $md5->hexdigest; push(@order, "message-digest"); } push(@order, "opaque"); my @pairs; for (@order) { next unless defined $resp{$_}; push(@pairs, "$_=" . qq("$resp{$_}")); } my $auth_header = $proxy ? "Proxy-Authorization" : "Authorization"; my $auth_value = "Digest " . join(", ", @pairs); # Need to check this isn't a repeated fail! my $r = $response; while ($r) { my $auth = $r->request->header($auth_header); if ($auth && $auth eq $auth_value) { # here we know this failed before $response->header("Client-Warning" => "Credentials for '$user' failed before"); return $response; } $r = $r->previous; } my $referral = $request->clone; $referral->header($auth_header => $auth_value); return $ua->request($referral, $arg, $size, $response); } 1;