Digest Authentication header generator. Takes the www-authenticate header response and returns the Digest... header as a string.
- In your project, install via
npm install indigestion
- Import
indigestion
import indigestion = require("indigestion");
- Pass in the appropriate information to the
generateDigestAuth()function
const digest = indigestion.generateDigestAuth({
authenticateHeader: `Digest qop="auth-int", realm="realm", nonce="nonce"`,
username: "username",
password: "password",
uri: "uri"
method: "method",
cnonce: "cnonce", //optional
nc: "nc", //optional
entityBody: "entityBody" //optional
})
- If
cnonceis not provided, it will default to"". - If
nc(nonce count) is not provided, it will default to"00000000".- If
ncis provided, the returnedncwill be the providednc+ 1 (in hexadecimal)
- If
- If using
qop=auth-int,entityBodyis not optional
- If the nonce count is needed for subsequent calls, use the
findNonceCount()function to easily parse the information
const nc = indigestion.findNonceCount(`Digest username="username" realm="realm" nonce="ce16c4a1092c8152f673edab4e56cbdc" uri="/uri" algorithm="MD5" qop=auth-int nc=1234ABCD cnonce="" response=04f863229e7ea0b17120ab0ef97e4649`);
The above will return 1234ABCD.
- What is the purpose of this library?
- This library will return a digest authentication header. Simply pass in the required information, including the
www-authenticateresponse header from the initial 401 response.
- This library will return a digest authentication header. Simply pass in the required information, including the
- Why not use an existing Digest Authentication library?
- This library is for use cases not covered by existing libraries, such as
axios-digest,digest-fetchornode-digest-auth-client, where you want to control the request being sent and just need to be able to pass in the auth header. - What would that look like? Using
axios, something like this...
- This library is for use cases not covered by existing libraries, such as
import axios = require("axios");
import indigestion = require("indigestion);
return new Promise((resolve, reject) => {
axios
.get("http://www.test.com/test")
.then(result => {
resolve(result);
})
.catch(error => {
if (error.response.status !== 401) reject(error);
else {
// If we get a 401 response, we know we have to generate a header.
// Pull the `www-authenticate` header from the response headers
const authenticateHeader = error.response.headers["www-authenticate"];
// Pass in required information to indigestion, which returns the auth string
const authorization = indigestion.generateDigestAuth({
authenticateHeader,
username: "username",
password: "password",
uri: "/test"
method: "GET"
})
// Try the GET again, this time with the Authorization header specified.
axios
.get("http://www.test.com/test", { headers: {Authorization: authorization}})
.then(result => {
resolve(result);
})
.catch(error => {
reject(error);
})
}
});
});
- I found an issue with the library or have a suggestion to improve the library.
- Please raise an issue or suggestion on the github. Or, if you feel so inclined, create a PR to fix the problem or implement the suggestion.
- Why does this library require node v12.0.0 or above?
- The
String.prototype.matchAll()functionality used requires node v12.0.0 and above.
- The
- I've only been able to do extensive testing with real devices for the case where:
qop=authopaqueis insignificant and NOT provided by thewww-authenticateheadercnonceis insignificant and NOT provided by thewww-authenticateheaderalgorithmis not specified inwww-authenticateheader, somd5is defaulted
- This means I've been unable to test:
qop=auth-intorqopis not provided bywww-authenticateheaderopaqueis significant and provided bywww-authenticateheadercnonceis signficant and provided bywww-authenticateheaderalgorithmis specified asmd5ormd5-sess