Documentation
¶
Overview ¶
Package httpDigestAuthentication implements server side of rfc2617: HTTP Authentication: Digest Access Authentication.
Index ¶
- Variables
- func CheckCredentialsFromClient(c *ChallengeToClient, creds *CredentialsFromClient, ...) (bool, error)
- func GenerateAuthorization(c *CredentialsFromClient) string
- func GenerateResponseAuthorizationParameter(hashUsernameRealmPassword string, cr *CredentialsFromClient) (string, error)
- func GenerateWWWAuthenticate(c *ChallengeToClient) string
- func HashUsernameRealmPassword(username, realm, password string) string
- func ProveThatPeerHasRightPasswordhash(hashUsernameRealmPassword, ResponseFromClient string) string
- type ChallengeToClient
- type CredentialsFromClient
Constants ¶
This section is empty.
Variables ¶
var KeyProvePeerHasRightPasswordhash = "X-ProveThatPeerHasTheRightHash"
KeyProvePeerHasRightPasswordhash is used by clients to check the server side has the write password hash.
Functions ¶
func CheckCredentialsFromClient ¶
func CheckCredentialsFromClient(c *ChallengeToClient, creds *CredentialsFromClient, hashUsernameRealmPassword string) (bool, error)
CheckCredentialsFromClient checks clients password with digest method. It is used at server side.
func GenerateAuthorization ¶
func GenerateAuthorization(c *CredentialsFromClient) string
GenerateAuthorization creates a http digest Authorization header at client side.
func GenerateResponseAuthorizationParameter ¶
func GenerateResponseAuthorizationParameter(hashUsernameRealmPassword string, cr *CredentialsFromClient) (string, error)
GenerateResponseAuthorizationParameter creates 'response' parameter. Server side uses it to validate clients response. Client side uses it to create 'response' parameter. On server side the cr *CredentialsFromClient is used to get all input parameters and _must_ be previously checked against ChallengeToClient.
func GenerateWWWAuthenticate ¶
func GenerateWWWAuthenticate(c *ChallengeToClient) string
GenerateWWWAuthenticate generates the "WWW-Authenticate" header that holds http digest authentication challenge. Used on server side. Returns for example: 'Digest realm=qweqwe, nonce=qweqwe, opaque=qweqwe, stale=qweqwe, algorithm=md5, domain=qweqwe, qop=qweqwe'
func HashUsernameRealmPassword ¶
HashUsernameRealmPassword returns a string that one may save to a password database.
func ProveThatPeerHasRightPasswordhash ¶
ProveThatPeerHasRightPasswordhash is used by clients to ask the server to prove that it has the write passwordhash. That is the server didn't just answered 'OK' on our authorization.
Types ¶
type ChallengeToClient ¶
type ChallengeToClient struct {
Realm string
Domain string
Nonce string
Opaque string
Stale string
Algorithm string
Qop string
}
ChallengeToClient is used to hold parameters that will be sent to client in WWW-Authenticate header.
type CredentialsFromClient ¶
type CredentialsFromClient struct {
ChallengeToClient
Username string
URI string
NonceCount string
Cnonce string
Method string
Response string
}
CredentialsFromClient is used to hold digest parameters that a client returned us.
func ParseStringIntoStruct ¶
func ParseStringIntoStruct(input string) (*CredentialsFromClient, error)
ParseStringIntoStruct extracts digest parameters from string. It is used both at server and client side to create a struct with extracted parameters.
Source Files