• Модуль: dav
  • Путь к файлу: ~/bitrix/modules/dav/classes/general/groupdavclient.php
  • Класс: CDavGroupdavClient
  • Вызов: CDavGroupdavClient::AuthenticateDigest
private function AuthenticateDigest($arDigestRequest, $request, $response, $verb = "Authorization")
{
	// qop="auth",algorithm=MD5-sess,nonce="+Upgraded+v1fdcb1e18d2cc7a72322c81c0d8d2a3c332f7908ef0dfcb01aa9fb63930eadf5722dc8f6ce7b82912353531b18360cd62382a6c2433939d3f",charset=utf-8,realm="Digest"

/*
TODO:
If the "qop" value is "auth" or "auth-int":

      request-digest  = <"> < KD ( H(A1),     unq(nonce-value)
                                          ":" nc-value
                                          ":" unq(cnonce-value)
                                          ":" unq(qop-value)
                                          ":" H(A2)
                                  ) <">

   If the "qop" directive is not present (this construction is for
   compatibility with RFC 2069):

      request-digest  =
                 <"> < KD ( H(A1), unq(nonce-value) ":" H(A2) ) > <">

If the "algorithm" directive's value is "MD5" or is unspecified, then
   A1 is:

      A1       = unq(username-value) ":" unq(realm-value) ":" passwd

   where

      passwd   = < user's password >

   If the "algorithm" directive's value is "MD5-sess", then A1 is
   calculated only once - on the first request by the client following
   receipt of a WWW-Authenticate challenge from the server.  It uses the
   server nonce from that challenge, and the first client nonce value to
   construct A1 as follows:

      A1       = H( unq(username-value) ":" unq(realm-value)
                     ":" passwd )
                     ":" unq(nonce-value) ":" unq(cnonce-value)

 If the "qop" directive's value is "auth" or is unspecified, then A2
   is:

      A2       = Method ":" digest-uri-value

   If the "qop" value is "auth-int", then A2 is:

      A2       = Method ":" digest-uri-value ":" H(entity-body)

*/

	$cn = md5(uniqid());

	$a1 = md5($this->userName . ':' . $arDigestRequest["realm"] . ':' . $this->userPassword) . ":"
		. $arDigestRequest["nonce"] . ":" . $cn;
	$a2 = $request->GetMethod().":".$request->GetPath();
	$hash = md5(md5($a1).":".$arDigestRequest["nonce"].":00000001:".$cn.":".$arDigestRequest["qop"].":".md5($a2));

	$request->SetHeader(
		$verb,
		sprintf(
			"Digest username="%s",realm="%s",nonce="%s",uri="%s",cnonce="%s",nc=00000001,algorithm=%s,response="%s",qop="%s",charset=utf-8",
			$this->userName,
			$arDigestRequest["realm"],
			$arDigestRequest["nonce"],
			$request->GetPath(),
			$cn,
			$arDigestRequest["algorithm"],
			$hash,
			$arDigestRequest["qop"]
		)
	);

	return $request;
}