From: Tomas Doran Date: Wed, 19 Nov 2008 09:39:56 +0000 (+0000) Subject: Checking in changes prior to tagging of version 1.007. Changelog diff is: X-Git-Tag: v1.007^0 X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Authentication-Credential-HTTP.git;a=commitdiff_plain;h=2dad9ca67d911fc0a6da9caf66f033e81f72c8cb Checking in changes prior to tagging of version 1.007. Changelog diff is: === Changes ================================================================== --- Changes (revision 8542) +++ Changes (local) @@ -1,6 +1,9 @@ -1.007 - - Fix warning when used with self_check => 1 - - Added respository info to META.yml +1.007 2008-11-19 + - Add test for query strings in digest auth as digest header is built using + the full URI (t0m) + - Fix for this (Peter Corlett) + - Fix warning when used with self_check => 1 (t0m) + - Added respository info to META.yml (t0m) 1.006 2008-10-06 - Added username_field configuration option. I need this to play --- diff --git a/Changes b/Changes index ccdcfb5..c4781f8 100644 --- a/Changes +++ b/Changes @@ -1,6 +1,9 @@ -1.007 - - Fix warning when used with self_check => 1 - - Added respository info to META.yml +1.007 2008-11-19 + - Add test for query strings in digest auth as digest header is built using + the full URI (t0m) + - Fix for this (Peter Corlett) + - Fix warning when used with self_check => 1 (t0m) + - Added respository info to META.yml (t0m) 1.006 2008-10-06 - Added username_field configuration option. I need this to play diff --git a/lib/Catalyst/Authentication/Credential/HTTP.pm b/lib/Catalyst/Authentication/Credential/HTTP.pm index eacc14f..d668e53 100644 --- a/lib/Catalyst/Authentication/Credential/HTTP.pm +++ b/lib/Catalyst/Authentication/Credential/HTTP.pm @@ -13,7 +13,7 @@ BEGIN { __PACKAGE__->mk_accessors(qw/_config realm/); } -our $VERSION = "1.006"; +our $VERSION = "1.007"; sub new { my ($class, $config, $app, $realm) = @_; @@ -101,7 +101,7 @@ sub authenticate_digest { $c->log->debug('Checking authentication parameters.') if $c->debug; - my $uri = '/' . $c->request->path; + my $uri = $c->request->uri->path_query; my $algorithm = $res{algorithm} || 'MD5'; my $nonce_count = '0x' . $res{nc}; @@ -603,7 +603,7 @@ C methods return a hashed or salted version of the password. Updated to current name space and currently maintained by: Tomas Doran C. -Original module by: +Original module by: =over @@ -615,6 +615,16 @@ Original module by: =back +=head1 CONTRIBUTORS + +Patches contributed by: + +=over + +=item Peter Corlett + +=back + =head1 SEE ALSO RFC 2617 (or its successors), L, L diff --git a/t/04pod_spelling.t b/t/04pod_spelling.t index d9cdb5d..85e33d5 100644 --- a/t/04pod_spelling.t +++ b/t/04pod_spelling.t @@ -26,3 +26,4 @@ authorization sess init ok +Corlett diff --git a/t/live_app_digest.t b/t/live_app_digest.t index 32afff6..b77d256 100644 --- a/t/live_app_digest.t +++ b/t/live_app_digest.t @@ -12,7 +12,7 @@ BEGIN { eval { require Cache::FileCache } or plan skip_all => "Cache::FileCache is needed for this test"; - plan tests => 8; + plan tests => 12; } use Digest::MD5; use HTTP::Request; @@ -62,6 +62,7 @@ use Test::WWW::Mechanize::Catalyst qw/AuthTestApp/; sub do_test { my $username = shift; + my $uri = shift; my $mech = Test::WWW::Mechanize::Catalyst->new; $mech->get("http://localhost/moose"); is( $mech->status, 401, "status is 401" ); @@ -83,7 +84,7 @@ sub do_test { my $nc = '00000001'; my $method = 'GET'; my $qop = 'auth'; - my $uri = '/moose'; + $uri ||= '/moose'; my $ctx = Digest::MD5->new; $ctx->add( join( ':', $username, $realm, $password ) ); my $A1_digest = $ctx->hexdigest; @@ -97,7 +98,7 @@ sub do_test { $response = qq{Digest username="$username", realm="$realm", nonce="$nonce", uri="$uri", qop=$qop, nc=$nc, cnonce="$cnonce", response="$digest", opaque="$opaque"}; } - my $r = HTTP::Request->new( GET => "http://localhost/moose" ); + my $r = HTTP::Request->new( GET => "http://localhost" . $uri ); $mech->request($r); $r->headers->push_header( Authorization => $response ); $mech->request($r); @@ -106,4 +107,5 @@ sub do_test { } do_test('Mufasa'); -do_test('Mufasa2'); \ No newline at end of file +do_test('Mufasa2'); +do_test('Mufasa', '/moose?moose_id=1'); # Digest auth includes the full URL path, so need to test query strings