module ActionController::HttpAuthentication::Digest

def validate_digest_response(request, realm, &password_procedure)

text password.
First try the password as a ha1 digest password. If this fails, then try it as a plain
Returns false unless the request credentials response value matches the expected value.

def validate_digest_response(request, realm, &password_procedure)
  secret_key  = secret_token(request)
  credentials = decode_credentials_header(request)
  valid_nonce = validate_nonce(secret_key, request, credentials[:nonce])
  if valid_nonce && realm == credentials[:realm] && opaque(secret_key) == credentials[:opaque]
    password = password_procedure.call(credentials[:username])
    return false unless password
    method = request.get_header("rack.methodoverride.original_method") || request.get_header("REQUEST_METHOD")
    uri    = credentials[:uri]
    [true, false].any? do |trailing_question_mark|
      [true, false].any? do |password_is_ha1|
        _uri = trailing_question_mark ? uri + "?" : uri
        expected = expected_response(method, _uri, credentials, password, password_is_ha1)
        expected == credentials[:response]
      end
    end
  end
end

Modules

Classes

module ActionController::HttpAuthentication::Digest

def validate_digest_response(request, realm, &password_procedure)

Instance Methods