Add "Bearer" authentication scheme support

ruby · Jan 8, 2023 · c127726 · c127726
1 parent 4e02f93
commit c127726
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 3 deletions.
diff --git a/lib/net/http.rb b/lib/net/http.rb
@@ -309,6 +309,21 @@ class HTTPHeaderSyntaxError < StandardError; end
   #   }
   #   puts res.body
   #
+  # == Bearer Authentication
+  #
+  # Bearer authentication is performed according to
+  # [RFC8898](https://www.ietf.org/rfc/rfc8898.txt).
+  #
+  #   uri = URI('http://example.com/index.html?key=value')
+  #
+  #   req = Net::HTTP::Get.new(uri)
+  #   req.bearer_auth('access_token')
+  #
+  #   res = Net::HTTP.start(uri.hostname, uri.port) {|http|
+  #     http.request(req)
+  #   }
+  #   puts res.body
+  #
   # == Streaming Response Bodies
   #
   # By default Net::HTTP reads an entire response into memory.  If you are

diff --git a/lib/net/http/header.rb b/lib/net/http/header.rb
@@ -134,9 +134,11 @@
 # - #[]=: Sets the string or array value for the given key.
 # - #add_field: Creates or adds to the array value for the given key.
 # - #basic_auth: Sets the string authorization header for <tt>'Authorization'</tt>.
+# - #bearer_auth: Sets the string authorization header for <tt>'Authorization'</tt>.
 # - #content_length=: Sets the integer length for field <tt>'Content-Length</tt>.
 # - #content_type=: Sets the string value for field <tt>'Content-Type'</tt>.
 # - #proxy_basic_auth: Sets the string authorization header for <tt>'Proxy-Authorization'</tt>.
+# - #proxy_bearer_auth: Sets the string authorization header for <tt>'Proxy-Authorization'</tt>.
 # - #set_range: Sets the value for field <tt>'Range'</tt>.
 #
 # === Form Setters
@@ -871,21 +873,36 @@ def set_form(params, enctype='application/x-www-form-urlencoded', formopt={})
     end
   end
 
-  # Set the Authorization: header for "Basic" authorization.
+  # Sets the Authorization: header for "Basic" authorization.
   def basic_auth(account, password)
     @header['authorization'] = [basic_encode(account, password)]
   end
 
-  # Set Proxy-Authorization: header for "Basic" authorization.
+  # Sets the Authorization: header for "Bearer" authorization.
+  def bearer_auth(access_token)
+    @header['authorization'] = [bearer_encode(access_token)]
+  end
+
+  # Sets the Proxy-Authorization: header for "Basic" authorization.
   def proxy_basic_auth(account, password)
     @header['proxy-authorization'] = [basic_encode(account, password)]
   end
 
+  # Sets the Proxy-Authorization: header for "Bearer" authorization.
+  def proxy_bearer_auth(access_token)
+    @header['proxy-authorization'] = [bearer_encode(access_token)]
+  end
+
   def basic_encode(account, password)
     'Basic ' + ["#{account}:#{password}"].pack('m0')
   end
   private :basic_encode
 
+  def bearer_encode(access_token)
+    "Bearer #{access_token}"
+  end
+  private :bearer_encode
+
   def connection_close?
     token = /(?:\A|,)\s*close\s*(?:\z|,)/i
     @header['connection']&.grep(token) {return true}

diff --git a/test/net/http/test_httpheader.rb b/test/net/http/test_httpheader.rb
@@ -9,7 +9,7 @@ class C
     def initialize
       initialize_http_header({})
     end
-    attr_accessor :body
+    attr_accessor :body, :header
   end
 
   def setup
@@ -461,9 +461,23 @@ def test_set_form_data
   end
 
   def test_basic_auth
+    @c.basic_auth("test", "test")
+    assert_equal(@c.header["authorization"], ["Basic dGVzdDp0ZXN0"])
+  end
+
+  def test_bearer_auth
+    @c.bearer_auth("dGVzdA==")
+    assert_equal(@c.header["authorization"], ["Bearer dGVzdA=="])
   end
 
   def test_proxy_basic_auth
+    @c.proxy_basic_auth("test", "test")
+    assert_equal(@c.header["proxy-authorization"], ["Basic dGVzdDp0ZXN0"])
+  end
+
+  def test_proxy_bearer_auth
+    @c.proxy_bearer_auth("dGVzdA==")
+    assert_equal(@c.header["proxy-authorization"], ["Bearer dGVzdA=="])
   end
 
 end