Digest Authentication header generator. Takes the `www-authenticate` header response and returns the `Digest...` header as a string.
- In your project, install via `npm install indigestion`
- Import `indigestion`

```ts
import indigestion = require("indigestion");
```

- Pass in the appropriate information to the `generateDigestAuth()` function

```ts
const digest = indigestion.generateDigestAuth({
  authenticateHeader: `Digest qop="auth-int", realm="realm", nonce="nonce"`,
  username: "username",
  password: "password",
  uri: "uri",
  method: "method",
  cnonce: "cnonce", // optional
  nc: "nc", // optional
  entityBody: "entityBody" // optional
});
```
- If `cnonce` is not provided, it will default to `""`.
- If `nc` (nonce count) is not provided, it will default to `"00000000"`.
  - If `nc` is provided, the returned `nc` will be the provided `nc` + 1 (in hexadecimal)
- If using `qop=auth-int`, `entityBody` is not optional
- If the nonce count is needed for subsequent calls, use the `findNonceCount()` function to easily parse the information

```ts
const nc = indigestion.findNonceCount(`Digest username="username" realm="realm" nonce="ce16c4a1092c8152f673edab4e56cbdc" uri="/uri" algorithm="MD5" qop=auth-int nc=1234ABCD cnonce="" response=04f863229e7ea0b17120ab0ef97e4649`);
```

The above will return `1234ABCD`.
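To show what the `nc`, `cnonce` and `entityBody` inputs described above feed into, here is the RFC 2617 digest computation for MD5, as an added example that is not indigestion's own code. `digestResponse`, `nextNonceCount` and `newCnonce` are hypothetical helper names, and the sample input is the worked example from RFC 2617; supplying a random `cnonce` per request keeps client-side randomness in the hash instead of the `""` default.

```javascript
// Added example (not indigestion's code): RFC 2617 digest response with MD5.
const { createHash, randomBytes } = require("node:crypto");

const md5 = (s) => createHash("md5").update(s).digest("hex");

// Hypothetical helper: increment an 8-hex-digit nonce count,
// e.g. "0000000f" -> "00000010". Output is lowercase hex.
function nextNonceCount(nc = "00000000") {
  return (parseInt(nc, 16) + 1).toString(16).padStart(8, "0");
}

// Hypothetical helper: a fresh random client nonce for each request.
const newCnonce = () => randomBytes(8).toString("hex");

// Hypothetical helper: compute the "response" value of the Authorization header.
function digestResponse({ username, password, realm, nonce, uri, method,
                          qop, nc, cnonce, entityBody }) {
  const ha1 = md5(`${username}:${realm}:${password}`);
  let a2 = `${method}:${uri}`;
  if (qop === "auth-int") {
    // auth-int binds the request body into the hash, so it cannot be omitted.
    if (entityBody === undefined) {
      throw new Error("qop=auth-int requires entityBody");
    }
    a2 += `:${md5(entityBody)}`;
  }
  const ha2 = md5(a2);
  // Without qop (RFC 2069 style) nc and cnonce are not part of the hash.
  return qop
    ? md5(`${ha1}:${nonce}:${nc}:${cnonce}:${qop}:${ha2}`)
    : md5(`${ha1}:${nonce}:${ha2}`);
}

// Constructed input: the worked example values from RFC 2617, section 3.5.
const rfcExample = {
  username: "Mufasa",
  password: "Circle Of Life",
  realm: "testrealm@host.com",
  nonce: "dcd98b7102dd2f0e8b11d0f600bfb0c093",
  uri: "/dir/index.html",
  method: "GET",
  qop: "auth",
  nc: nextNonceCount("00000000"), // first request with this nonce
  cnonce: "0a4f113b" // fixed here to match the RFC; use newCnonce() in practice
};

console.log(digestResponse(rfcExample)); // 6629fae49393a05397450978507c4ef1
```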
- What is the purpose of this library?
  - This library will return a digest authentication header. Simply pass in the required information, including the `www-authenticate` response header from the initial 401 response.
- Why not use an existing Digest Authentication library?
  - This library is for use cases not covered by existing libraries, such as `axios-digest`, `digest-fetch` or `node-digest-auth-client`, where you want to control the request being sent and just need to be able to pass in the auth header.
- What would that look like? Using `axios`, something like this...

```ts
import axios = require("axios");
import indigestion = require("indigestion");

return new Promise((resolve, reject) => {
  axios
    .get("http://www.test.com/test")
    .then(result => {
      resolve(result);
    })
    .catch(error => {
      // Network errors carry no response; only a 401 triggers digest auth.
      if (!error.response || error.response.status !== 401) reject(error);
      else {
        // If we get a 401 response, we know we have to generate a header.
        // Pull the `www-authenticate` header from the response headers
        const authenticateHeader = error.response.headers["www-authenticate"];
        // Pass in required information to indigestion, which returns the auth string
        const authorization = indigestion.generateDigestAuth({
          authenticateHeader,
          username: "username",
          password: "password",
          uri: "/test",
          method: "GET"
        });
        // Try the GET again, this time with the Authorization header specified.
        axios
          .get("http://www.test.com/test", { headers: { Authorization: authorization } })
          .then(result => {
            resolve(result);
          })
          .catch(error => {
            reject(error);
          });
      }
    });
});
```

- I found an issue with the library or have a suggestion to improve the library.
  - Please raise an issue or suggestion on the GitHub. Or, if you feel so inclined, create a PR to fix the problem or implement the suggestion.
- Why does this library require node v12.0.0 or above?
  - The `String.prototype.matchAll()` functionality used requires node v12.0.0 and above.
- I've only been able to do extensive testing with real devices for the case where:
  - `qop=auth`
  - `opaque` is insignificant and NOT provided by the `www-authenticate` header
  - `cnonce` is insignificant and NOT provided by the `www-authenticate` header
  - `algorithm` is not specified in `www-authenticate` header, so `md5` is defaulted
- This means I've been unable to test:
  - `qop=auth-int` or `qop` is not provided by `www-authenticate` header
  - `opaque` is significant and provided by `www-authenticate` header
  - `cnonce` is significant and provided by `www-authenticate` header
  - `algorithm` is specified as `md5` or `md5-sess`