Lasso Soft Inc. > Home

[Include_URL_Digest]

LinkInclude_URL_Digest
AuthorSidney San Martin
CategoryNetworking
Version8.5.x
LicensePublic Domain
Posted08 Mar 2010
Updated10 Aug 2011
More by this author...

Description

This tag provides support for making requests to URLs that require digest authentication. Any parameters other than Username and Password will be forwarded to [Include_URL] untouched.

This is an early release, so please report any issues you have with it.

August 10, 2011 Update: Removed method parameter. Forward other parameters to [Include_URL] instead of making up my own syntax.

From DeepTech, Inc.

Sample Usage

Include_URL_Digest: 'https://example.com/',
                    -Username = 'user',
                    -Password = 'pass';

Source Code

Click the "Download" button below to retrieve a copy of this tag, including the complete documentation and sample usage shown on this page. Place the downloaded ".inc" file in your LassoStartup folder, restart Lasso, and you can begin using this tag immediately.

Define_Tag('Include_URL_Digest',
	-Required = 'url', -Type = 'string',
	-Required = 'Username', -Type = 'string',
	-Required = 'Password', -Type = 'string',
	-Optional = 'POSTParams',
	-Optional = 'SendMIMEHeaders', -Type = 'array'
);
	Local('includeParams' = Params, 'splitURL', 'path', 'authRequestHeaders', 'wwwAuthenticate', 'responseHeaders' = Array, 'realm', 'nonce', 'algorithm', 'authResponse', 'response');
	
	#includeParams->RemoveAll(-Username);
	#includeParams->RemoveAll(-Password);
	
	// Retrieve path portion of URL ( proto://example.com(/path) )
	#splitURL = String_FindRegExp(#url, -Find = '^[a-z]+:\/\/[^:\/\\s]+(?::[^\/]*)?(.*)$', -ignoreCase);
	Fail_If((#splitURL->Size !== 2), -1, #url+" is not a valid address");
	#path = #splitURL->Get(2);
	
	Include_URL(#url, -RetrieveMIMEHeaders='authRequestHeaders', -NoData);
	#wwwAuthenticate = #authRequestHeaders->find('WWW-Authenticate');
	Local('currentHeader', 'realmMatch', 'nonceMatch', 'algorithmMatch');
	Loop(#wwwAuthenticate->Size);
		#currentHeader = #wwwAuthenticate->Get(Loop_Count)->Value;
		#realmMatch = String_FindRegExp(#currentHeader, -Find = 'realm="(.+?)"');
		#nonceMatch = String_FindRegExp(#currentHeader, -Find = 'nonce="(.+?)"');
		#algorithmMatch = String_FindRegExp(#currentHeader, -Find = 'algorithm="(.+?)"');
		If (#realmMatch->Size == 2 && #nonceMatch->Size == 2);
			#realm = #realmMatch->Get(2);
			#nonce = #nonceMatch->Get(2);
			If (#algorithmMatch-> Size == 2);
				#algorithm = #algorithmMatch->Get(2);
			/If;
			Loop_Abort;
		/If;
	/Loop;
	If (!(#realm && #nonce));
		Return;
	/If;
	Fail_If(#algorithm && ((String_UpperCase: #algorithm) !== 'MD5'), -1, #algorithm+' is not a supported digest authentication algorithm ');
	If(Local_Defined('SendMIMEHeaders'));
		#responseHeaders->Merge(#SendMIMEHeaders);
	/If;
	#authResponse = Encrypt_MD5(Encrypt_MD5(#Username + ':' + #realm + ':' + #Password) + ':' + #nonce + ':' + Encrypt_MD5((Local_Defined('POSTParams') ? 'POST' | 'GET') + ':' + #path));
	#responseHeaders->Insert('Authorization'='Digest username="'+#Username+'", realm="'+#realm+'", nonce="'+#nonce+'", uri="'+#path+'", response="'+#authResponse+(#algorithm ? '", algorithm="'+#algorithm+'"' | ''));
	
	#includeParams->RemoveAll(-SendMIMEHeaders);
	#includeParams->Insert(-SendMIMEHeaders = #responseHeaders);
	
	return(\Include_URL->Run(-Params = #includeParams));
/Define_Tag;

Comments

No comments

Please log in to comment

Subscribe to the LassoTalk mail list

LassoSoft Inc. > Home

 

 

©LassoSoft Inc 2015 | Web Development by Treefrog Inc | PrivacyLegal terms and Shipping | Contact LassoSoft