plug_hyper_auth v0.1.0 HyperAuth.Scheme.Digest

Adapter for scheme Digest.

The opaque value is used to store a signed timestamp in UTC timezone, used to re-generate the nonce value, checking the opaque is not modified and the time.

RFC 7616 https://tools.ietf.org/html/rfc7616

Link to this section Summary

Functions

Hash md5 encoded in hexadecimal in lowercase

Process authorization with scheme Digest

Value of www-authenticate for scheme Digest

Hash sha256 encoded in hexadecimal in lowercase

Hash sha384 encoded in base64. This is used to have a nonce more secure than with md5

Verify timestamp difference in UTC timezone in seconds using now as new

Verify timestamps difference in UTC timezone in seconds

Link to this section Functions

Link to this function md5(clear_text)

Hash md5 encoded in hexadecimal in lowercase.

iex> HyperAuth.Scheme.Digest.md5 “Test” “0cbc6611f5540bd0809a388dc95a615b”

Link to this function process_authorization(conn, tokens, authorization, opts)

Process authorization with scheme Digest.

Examples

iex> HyperAuth.Scheme.Digest.process_authorization Plug.Test.conn(:get, “/“), [], %{}, [] nil

iex> HyperAuth.Scheme.Digest.process_authorization Plug.Test.conn(:get, “/“), [], %{}, [] nil

Link to this function request_authenticate(conn, opts)

Value of www-authenticate for scheme Digest.

Examples

iex> www_authenticate = HyperAuth.Scheme.Digest.request_authenticate Plug.Test.conn(:get, “/“), realm: “admin@localhost” …> www_authenticate =~ “algorithm=\”SHA-256\”” true …> www_authenticate =~ “realm=\”admin@localhost\”” true …> www_authenticate =~ “opaque” true …> www_authenticate =~ “nonce” true

Link to this function sha256(clear_text)

Hash sha256 encoded in hexadecimal in lowercase.

iex> HyperAuth.Scheme.Digest.sha256 “Test” “532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25”

Link to this function sha384_encode64(clear_text)

Hash sha384 encoded in base64. This is used to have a nonce more secure than with md5.

Examples

iex> HyperAuth.Scheme.Digest.sha384_encode64 “Test” “e49GVAdrgOuWORHxnPrRqvQoXtSOgm9s3hsBp5qnP621RG5mf8T5BBd4LJEnBUDz”

Link to this function verify_timestamp(old_timestamp, seconds)

Verify timestamp difference in UTC timezone in seconds using now as new.

Examples

iex> old_timestamp = DateTime.utc_now() …> |> DateTime.to_unix() …> old_timestamp …> |> HyperAuth.Scheme.Digest.verify_timestamp(10) true

Link to this function verify_timestamp(new_timestamp, old_timestamp, seconds)

Verify timestamps difference in UTC timezone in seconds.

Examples

iex> HyperAuth.Scheme.Digest.verify_timestamp 20, 15, 5 true

iex> HyperAuth.Scheme.Digest.verify_timestamp 23, 15, 5 false

iex> old_timestamp = DateTime.utc_now() …> |> DateTime.to_unix() …> DateTime.utc_now() …> |> DateTime.to_unix() …> |> HyperAuth.Scheme.Digest.verify_timestamp(old_timestamp, 10) true