source: [view]
var dxed = dojox.encoding.digests;
var dxedo = dojox.encoding.digests.outputTypes;
var HEX = function(n){
return dxed.MD5(n, dxedo.Hex);
};
var H = function(s){
return dxed.MD5(s, dxedo.String);
};
var ch_str = dojox.xmpp.util.Base64.decode(msg.firstChild.nodeValue);
var ch = {
realm: "",
nonce: "",
qop: "auth",
maxbuf: 65536
};
ch_str.replace(/([a-z]+)=([^,]+)/g, function(t,k,v){
v = v.replace(/^"(.+)"$/, "$1");
ch[k] = v;
});
var A2_append = '';
switch(ch.qop){
case 'auth-int':
case 'auth-conf':
A2_append = ':00000000000000000000000000000000';
case 'auth':
break;
default:
return false;
}
var cnonce = dxed.MD5(Math.random() * 1234567890, dxedo.Hex);
var digest_uri = 'xmpp/' + this.session.domain;
var username = this.session.jid;
var index = this.session.jid.indexOf('@');
if (index != -1){
username = this.session.jid.substring(0, index);
}
username = dojox.xmpp.util.encodeJid(username);
var A1 = new dojox.string.Builder();
A1.append(H(username + ':' + ch.realm + ':' + this.session.password),
':', ch.nonce + ':' + cnonce);
delete this.session.password;
var A2_rspauth = ':' + digest_uri + A2_append;
var A2 = 'AUTHENTICATE' + A2_rspauth;
var response_value = new dojox.string.Builder();
response_value.append(HEX(A1.toString()), ':', ch.nonce, ':00000001:', cnonce, ':',
ch.qop, ':')
var ret = new dojox.string.Builder();
ret.append('username="', username, '",',
'realm="', ch.realm, '",',
'nonce=', ch.nonce, ',',
'cnonce="', cnonce, '",',
'nc="00000001",qop="', ch.qop, '",digest-uri="', digest_uri, '",',
'response="', HEX(response_value.toString() + HEX(A2)), '",charset="utf-8"');
var response = new dojox.string.Builder(dojox.xmpp.util.createElement("response", {
xmlns: dojox.xmpp.xmpp.SASL_NS
}, false));
response.append(dojox.xmpp.util.Base64.encode(ret.toString()));
response.append('');
this.rspauth = HEX(response_value.toString() + HEX(A2_rspauth));
this.session.dispatchPacket(response.toString());