Na}{

File Content: basicauth.rb

# frozen_string_literal: false
#
# httpauth/basicauth.rb -- HTTP basic access authentication
#
# Author: IPR -- Internet Programming with Ruby -- writers
# Copyright (c) 2003 Internet Programming with Ruby writers. All rights
# reserved.
#
# $IPR: basicauth.rb,v 1.5 2003/02/20 07:15:47 gotoyuzo Exp $

require_relative '../config'
require_relative '../httpstatus'
require_relative 'authenticator'

module WEBrick
  module HTTPAuth

##
    # Basic Authentication for WEBrick
    #
    # Use this class to add basic authentication to a WEBrick servlet.
    #
    # Here is an example of how to set up a BasicAuth:
    #
    #   config = { :Realm => 'BasicAuth example realm' }
    #
    #   htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file', password_hash: :bcrypt
    #   htpasswd.set_passwd config[:Realm], 'username', 'password'
    #   htpasswd.flush
    #
    #   config[:UserDB] = htpasswd
    #
    #   basic_auth = WEBrick::HTTPAuth::BasicAuth.new config

class BasicAuth
      include Authenticator

AuthScheme = "Basic" # :nodoc:

##
      # Used by UserDB to create a basic password entry

def self.make_passwd(realm, user, pass)
        pass ||= ""
        pass.crypt(Utils::random_string(2))
      end

attr_reader :realm, :userdb, :logger

##
      # Creates a new BasicAuth instance.
      #
      # See WEBrick::Config::BasicAuth for default configuration entries
      #
      # You must supply the following configuration entries:
      #
      # :Realm:: The name of the realm being protected.
      # :UserDB:: A database of usernames and passwords.
      #           A WEBrick::HTTPAuth::Htpasswd instance should be used.

def initialize(config, default=Config::BasicAuth)
        check_init(config)
        @config = default.dup.update(config)
      end

##
      # Authenticates a +req+ and returns a 401 Unauthorized using +res+ if
      # the authentication was not correct.

def authenticate(req, res)
        unless basic_credentials = check_scheme(req)
          challenge(req, res)
        end
        userid, password = basic_credentials.unpack("m*")[0].split(":", 2)
        password ||= ""
        if userid.empty?
          error("user id was not given.")
          challenge(req, res)
        end
        unless encpass = @userdb.get_passwd(@realm, userid, @reload_db)
          error("%s: the user is not allowed.", userid)
          challenge(req, res)
        end

case encpass
        when /\A\$2[aby]\$/
          password_matches = BCrypt::Password.new(encpass.sub(/\A\$2[aby]\$/, '$2a$')) == password
        else
          password_matches = password.crypt(encpass) == encpass
        end

unless password_matches
          error("%s: password unmatch.", userid)
          challenge(req, res)
        end
        info("%s: authentication succeeded.", userid)
        req.user = userid
      end

##
      # Returns a challenge response which asks for authentication information

def challenge(req, res)
        res[@response_field] = "#{@auth_scheme} realm=\"#{@realm}\""
        raise @auth_exception
      end
    end

##
    # Basic authentication for proxy servers.  See BasicAuth for details.

class ProxyBasicAuth < BasicAuth
      include ProxyAuthenticator
    end
  end
end

Name	Size	Permission
authenticator.rb	3101 bytes	0644
basicauth.rb	3328 bytes	0644
digestauth.rb	13103 bytes	0644
htdigest.rb	3515 bytes	0644
htgroup.rb	2489 bytes	0644
htpasswd.rb	4699 bytes	0644
userdb.rb	1346 bytes	0644