Digest authentication?

Question

Digest authentication?

Opened this issue 9 years ago · 4 comments

Is it possible to add support for digest auth in node-scoped-http-client please?

(This is for use with Hubot - I'm hoping to use it with a HTTP API endpoint that needs Digest auth).

Answer 1 · 2015-06-05T06:30:59.000Z

Is it possible to add support for digest auth in node-scoped-http-client

Currently only basic authentication is supported, for digest support to be added you’d have to first issue the request and then parse the response from the server to capture the nonce value and issue the request again with the appropriate Authorization header.

If you were to try and implement this I’d look for a package that already implements it on npm.js and read the RFC for guidance.

Though, if you control the server in this case I might look to employ an HMAC based scheme instead.

Answer 2 · 2015-06-05T13:55:55.000Z

For reference https://github.com/technoweenie/node-scoped-http-client/blob/master/src/index.coffee#L39-L40 is where the authorization header gets built.

Answer 3 · 2015-06-05T13:56:21.000Z

This is for use with Hubot

cc hubotio/hubot#957

Answer 4 · 2016-02-01T03:52:08.000Z

👍 for supporting this. We shell out to curl instead of using this library in hubot.