Improve documentation for authenticate_digest()

[catagits/Catalyst-Authentication-Credential-HTTP.git] / lib / Catalyst / Authentication / Credential / HTTP.pm

diff --git a/lib/Catalyst/Authentication/Credential/HTTP.pm b/lib/Catalyst/Authentication/Credential/HTTP.pm
index dc43280..1e2648d 100644 (file)
--- a/lib/Catalyst/Authentication/Credential/HTTP.pm
+++ b/lib/Catalyst/Authentication/Credential/HTTP.pm
@@ -20,14 +20,14 @@ __PACKAGE__->mk_accessors(qw/
     use_uri_for
 /);
 
-our $VERSION = '1.009';
+our $VERSION = '1.012';
 
 sub new {
     my ($class, $config, $app, $realm) = @_;
     
     $config->{username_field} ||= 'username';
     # _config is shity back-compat with our base class.
-    my $self = { %$config, _config => $config, _debug => $app->debug };
+    my $self = { %$config, _config => $config, _debug => $app->debug ? 1 : 0 };
     bless $self, $class;
     
     $self->realm($realm);
@@ -183,8 +183,8 @@ sub authenticate_digest {
                     $A2_digest );
             my $rq_digest = Digest::MD5::md5_hex($digest_in);
             $nonce->nonce_count($nonce_count);
-            $c->cache->set( __PACKAGE__ . '::opaque:' . $nonce->opaque,
-                $nonce );
+            my $key = __PACKAGE__ . '::opaque:' . $nonce->opaque;
+            $self->store_digest_authorization_nonce( $c, $key, $nonce );
             if ($rq_digest eq $res{response}) {
                 return $user_obj;
             }
@@ -528,12 +528,17 @@ Performs HTTP basic authentication.
 
 =item authenticate_digest $c, $realm, \%auth_info
 
-Performs HTTP digest authentication. Note that the password_type B<must> by I<clear> for
-digest authentication to succeed, and you must have L<Catalyst::Plugin::Session> in
-your application as digest authentication needs to store persistent data.
+Performs HTTP digest authentication.
 
-Note - if you do not want to store your user passwords as clear text, then it is possible
-to store instead the MD5 digest in hex of the string '$username:$realm:$password' 
+The password_type B<must> be I<clear> for digest authentication to
+succeed.  If you do not want to store your user passwords as clear
+text, you may instead store the MD5 digest in hex of the string
+'$username:$realm:$password'.
+
+L<Catalyst::Plugin::Cache> is used for persistent storage of the nonce
+values (see L</Nonce>).  It must be loaded in your application, unless
+you override the C<store_digest_authorization_nonce> and
+C<get_digest_authorization_nonce> methods as shown below.
 
 Takes an additional parameter of I<algorithm>, the possible values of which are 'MD5' (the default)
 and 'MD5-sess'. For more information about 'MD5-sess', see section 3.2.2.2 in RFC 2617.
@@ -635,6 +640,8 @@ Patches contributed by:
 
 =item Peter Corlett
 
+=item Devin Austin (dhoss) C<dhoss@cpan.org>
+
 =back
 
 =head1 SEE ALSO