method
check_nonce
v1_9_2_180 -
Show latest stable
-
0 notes -
Class: WEBrick::HTTPAuth::DigestAuth
- 1_8_6_287 (0)
- 1_8_7_72 (0)
- 1_8_7_330 (0)
- 1_9_1_378 (0)
- 1_9_2_180 (0)
- 1_9_3_125 (0)
- 1_9_3_392 (0)
- 2_1_10
- 2_2_9
- 2_4_6
- 2_5_5
- 2_6_3
- What's this?
check_nonce(req, auth_req)
private
Hide source
# File lib/webrick/httpauth/digestauth.rb, line 260 def check_nonce(req, auth_req) username = auth_req['username'] nonce = auth_req['nonce'] pub_time, pk = nonce.unpack("m*")[0].split(":", 2) if (!pub_time || !pk) error("%s: empty nonce is given", username) return false elsif (hexdigest(pub_time, @instance_key)[0,32] != pk) error("%s: invalid private-key: %s for %s", username, hexdigest(pub_time, @instance_key)[0,32], pk) return false end diff_time = req.request_time.to_i - pub_time.to_i if (diff_time < 0) error("%s: difference of time-stamp is negative.", username) return false elsif diff_time > @nonce_expire_period error("%s: nonce is expired.", username) return false end return true end