Integrated .NET solution

[lightbringor]

Hey,

on your blog you asked for information if someone finds a default way to do this.

I got the digest authentication working for an IoT device on .NET 6 just with this little code:

using System.Net;

var handler = new HttpClientHandler(){
 Credentials = new NetworkCredential("user", "pw")
};
var httpClient = new HttpClient(handler);

var response = await httpClient.GetAsync("http://my.url");
response.EnsureSuccessStatusCode();

Seems the framework does automatically detect the authentication method from the initial 401 response and then performs the hashing stuff and so on.

[CallumHoughton18]

Hey,

on your blog you asked for information if someone finds a default way to do this.

I got the digest authentication working for an IoT device on .NET 6 just with this little code:

using System.Net;

var handler = new HttpClientHandler(){
 Credentials = new NetworkCredential("user", "pw")
};
var httpClient = new HttpClient(handler);

var response = await httpClient.GetAsync("http://my.url");
response.EnsureSuccessStatusCode();

Seems the framework does automatically detect the authentication method from the initial 401 response and then performs the hashing stuff and so on.

Thats great! I'll test it with .NET 6 and update the blog post and the projects README.md to point out it out. Should save people the hassle of doing it manually if they're on the latest .NET version :)

[EENZEE]

Any ideas on what do you do with the realm? I have been provided with a realm.

[CallumHoughton18]

Any ideas on what do you do with the realm? I have been provided with a realm.

The realm kind of tells you the protection scope of the resource you're accessing (usually it's retrieved from the www-authenticate header`on the initial request). You can use the realm to generate the Digest authentication header required for the second request similar to what's done in HttpClientExtensions.cs. The actual header generation looks like:

            var headerString =
                $"Digest username=\"{digest.Username}\", realm=\"{digest.Realm}\", nonce=\"{digest.Nonce}\", uri=\"{digestUri}\", " +
                $"algorithm=MD5, qop={digest.QualityOfProtection}, nc={digest.NonceCount:00000000}, cnonce=\"{digest.ClientNonce}\", " +
                $"response=\"{digestResponse}\", opaque=\"{digest.Opaque}\"";

[Val9000]

Did anyone of you find a way to work with IHttpClientFactory since this way we have to create a new HttpClient every single time.
Doing it in the startup.cs file is also not an option. Since you sometimes do not know the credentials before compiling.

[CallumHoughton18]

Did anyone of you find a way to work with IHttpClientFactory since this way we have to create a new HttpClient every single time.
Doing it in the startup.cs file is also not an option. Since you sometimes do not know the credentials before compiling.

If you’re referring to the way done in this repository you should just be able to use the extension method on the HttpClient instance that’s injected into your service (I think). If you give a code example of what isn’t working for you I’ll try and find the time to take a look :)

[YuriyNev]

Thank you really works in .NET 6 (probably even works in earlier versions).

[YuriyNev]

Thank you, @CallumHoughton18, your extension helped a lot at the time!

[CallumHoughton18]

Thank you, @CallumHoughton18, your extension helped a lot at the time!

You’re welcome @YuriyNev :)

[rickdgray]

This worked great! Thanks for the info!

[CallumHoughton18]

This worked great! Thanks for the info!

No problem - glad it was helpful :)