instance method `expected_response`

Ruby on Rails 4.0.13

Since v2.3.18

Available in: v2.3.18 v3.0.20 v3.1.12 v3.2.22.5 v4.0.13 v4.1.16 v4.2.9 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2

Compare with:

expected_response(http_method, uri, credentials, password, password_is_ha1=true)

Returns the expected response for a request of http_method to uri with the decoded credentials and the expected password Optional parameter password_is_ha1 is set to true by default, since best practice is to store ha1 digest instead of a plain-text password.

Parameters

http_method req
uri req
credentials req
password req
password_is_ha1 opt = true

Source

# File actionpack/lib/action_controller/metal/http_authentication.rb, line 211
      def expected_response(http_method, uri, credentials, password, password_is_ha1=true)
        ha1 = password_is_ha1 ? password : ha1(credentials, password)
        ha2 = ::Digest::MD5.hexdigest([http_method.to_s.upcase, uri].join(':'))
        ::Digest::MD5.hexdigest([ha1, credentials[:nonce], credentials[:nc], credentials[:cnonce], credentials[:qop], ha2].join(':'))
      end

Defined in actionpack/lib/action_controller/metal/http_authentication.rb line 211 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActionController::HttpAuthentication::Digest

Signature

Parameters