Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
张重言
rails
提交
ba924a51
R
rails
项目概览
张重言
/
rails
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
rails
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
ba924a51
编写于
5月 01, 2015
作者:
K
Keenan Brock
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Give authentication methods the ability to customize response message.
Digest allowed the messages. Add the same feature to basic and token
上级
b67197ee
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
22 addition
and
20 deletion
+22
-20
actionpack/lib/action_controller/metal/http_authentication.rb
...onpack/lib/action_controller/metal/http_authentication.rb
+16
-14
actionpack/test/controller/http_basic_authentication_test.rb
actionpack/test/controller/http_basic_authentication_test.rb
+3
-3
actionpack/test/controller/http_token_authentication_test.rb
actionpack/test/controller/http_token_authentication_test.rb
+3
-3
未找到文件。
actionpack/lib/action_controller/metal/http_authentication.rb
浏览文件 @
ba924a51
...
...
@@ -74,16 +74,16 @@ def http_basic_authenticate_with(options = {})
end
end
def
authenticate_or_request_with_http_basic
(
realm
=
"Application"
,
&
login_procedure
)
authenticate_with_http_basic
(
&
login_procedure
)
||
request_http_basic_authentication
(
realm
)
def
authenticate_or_request_with_http_basic
(
realm
=
"Application"
,
message
=
nil
,
&
login_procedure
)
authenticate_with_http_basic
(
&
login_procedure
)
||
request_http_basic_authentication
(
realm
,
message
)
end
def
authenticate_with_http_basic
(
&
login_procedure
)
HttpAuthentication
::
Basic
.
authenticate
(
request
,
&
login_procedure
)
end
def
request_http_basic_authentication
(
realm
=
"Application"
)
HttpAuthentication
::
Basic
.
authentication_request
(
self
,
realm
)
def
request_http_basic_authentication
(
realm
=
"Application"
,
message
=
nil
)
HttpAuthentication
::
Basic
.
authentication_request
(
self
,
realm
,
message
)
end
end
...
...
@@ -117,10 +117,11 @@ def encode_credentials(user_name, password)
"Basic
#{
::
Base64
.
strict_encode64
(
"
#{
user_name
}
:
#{
password
}
"
)
}
"
end
def
authentication_request
(
controller
,
realm
)
def
authentication_request
(
controller
,
realm
,
message
)
message
||=
"HTTP Basic: Access denied.
\n
"
controller
.
headers
[
"WWW-Authenticate"
]
=
%(Basic realm="#{realm.tr('"'.freeze, "".freeze)}")
controller
.
status
=
401
controller
.
response_body
=
"HTTP Basic: Access denied.
\n
"
controller
.
response_body
=
message
end
end
...
...
@@ -170,8 +171,8 @@ module Digest
extend
self
module
ControllerMethods
def
authenticate_or_request_with_http_digest
(
realm
=
"Application"
,
&
password_procedure
)
authenticate_with_http_digest
(
realm
,
&
password_procedure
)
||
request_http_digest_authentication
(
realm
)
def
authenticate_or_request_with_http_digest
(
realm
=
"Application"
,
message
=
nil
,
&
password_procedure
)
authenticate_with_http_digest
(
realm
,
&
password_procedure
)
||
request_http_digest_authentication
(
realm
,
message
)
end
# Authenticate with HTTP Digest, returns true or false
...
...
@@ -401,16 +402,16 @@ module Token
extend
self
module
ControllerMethods
def
authenticate_or_request_with_http_token
(
realm
=
"Application"
,
&
login_procedure
)
authenticate_with_http_token
(
&
login_procedure
)
||
request_http_token_authentication
(
realm
)
def
authenticate_or_request_with_http_token
(
realm
=
"Application"
,
message
=
nil
,
&
login_procedure
)
authenticate_with_http_token
(
&
login_procedure
)
||
request_http_token_authentication
(
realm
,
message
)
end
def
authenticate_with_http_token
(
&
login_procedure
)
Token
.
authenticate
(
self
,
&
login_procedure
)
end
def
request_http_token_authentication
(
realm
=
"Application"
)
Token
.
authentication_request
(
self
,
realm
)
def
request_http_token_authentication
(
realm
=
"Application"
,
message
=
nil
)
Token
.
authentication_request
(
self
,
realm
,
message
)
end
end
...
...
@@ -498,9 +499,10 @@ def encode_credentials(token, options = {})
# realm - String realm to use in the header.
#
# Returns nothing.
def
authentication_request
(
controller
,
realm
)
def
authentication_request
(
controller
,
realm
,
message
=
nil
)
message
||=
"HTTP Token: Access denied.
\n
"
controller
.
headers
[
"WWW-Authenticate"
]
=
%(Token realm="#{realm.tr('"'.freeze, "".freeze)}")
controller
.
__send__
:render
,
:text
=>
"HTTP Token: Access denied.
\n
"
,
:status
=>
:unauthorized
controller
.
__send__
:render
,
:text
=>
message
,
:status
=>
:unauthorized
end
end
end
...
...
actionpack/test/controller/http_basic_authentication_test.rb
浏览文件 @
ba924a51
...
...
@@ -36,7 +36,7 @@ def authenticate_with_request
if
authenticate_with_http_basic
{
|
username
,
password
|
username
==
'pretty'
&&
password
==
'please'
}
@logged_in
=
true
else
request_http_basic_authentication
(
"SuperSecret"
)
request_http_basic_authentication
(
"SuperSecret"
,
"Authentication Failed
\n
"
)
end
end
...
...
@@ -104,7 +104,7 @@ def test_encode_credentials_has_no_newline
get
:display
assert_response
:unauthorized
assert_equal
"
HTTP Basic: Access denied.
\n
"
,
@response
.
body
assert_equal
"
Authentication Failed
\n
"
,
@response
.
body
assert_equal
'Basic realm="SuperSecret"'
,
@response
.
headers
[
'WWW-Authenticate'
]
end
...
...
@@ -113,7 +113,7 @@ def test_encode_credentials_has_no_newline
get
:display
assert_response
:unauthorized
assert_equal
"
HTTP Basic: Access denied.
\n
"
,
@response
.
body
assert_equal
"
Authentication Failed
\n
"
,
@response
.
body
assert_equal
'Basic realm="SuperSecret"'
,
@response
.
headers
[
'WWW-Authenticate'
]
end
...
...
actionpack/test/controller/http_token_authentication_test.rb
浏览文件 @
ba924a51
...
...
@@ -30,7 +30,7 @@ def authenticate_with_request
if
authenticate_with_http_token
{
|
token
,
options
|
token
==
'"quote" pretty'
&&
options
[
:algorithm
]
==
'test'
}
@logged_in
=
true
else
request_http_token_authentication
(
"SuperSecret"
)
request_http_token_authentication
(
"SuperSecret"
,
"Authentication Failed
\n
"
)
end
end
...
...
@@ -91,7 +91,7 @@ def authenticate_long_credentials
get
:display
assert_response
:unauthorized
assert_equal
"
HTTP Token: Access denied.
\n
"
,
@response
.
body
assert_equal
"
Authentication Failed
\n
"
,
@response
.
body
assert_equal
'Token realm="SuperSecret"'
,
@response
.
headers
[
'WWW-Authenticate'
]
end
...
...
@@ -100,7 +100,7 @@ def authenticate_long_credentials
get
:display
assert_response
:unauthorized
assert_equal
"
HTTP Token: Access denied.
\n
"
,
@response
.
body
assert_equal
"
Authentication Failed
\n
"
,
@response
.
body
assert_equal
'Token realm="SuperSecret"'
,
@response
.
headers
[
'WWW-Authenticate'
]
end
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录