finally fixed the digest auth; the real issue was lack of a cookie, which apparently httpbin needs

2025-12-05 00:02:12 -05:00 · 2018-01-05 23:04:53 +00:00 · 2018-01-05 23:04:53 +00:00 · ad1ff620b0
commit ad1ff620b0
parent 0821b13ba9
2 changed files with 13 additions and 31 deletions
--- a/lib/httpx/plugins/digest_authentication.rb
+++ b/lib/httpx/plugins/digest_authentication.rb
@ -72,6 +72,7 @@ module HTTPX
          # TODO: assert if auth-type is Digest
          auth_info = www[/^(\w+) (.*)/, 2]

+          uri = request.path

          params = Hash[ auth_info.scan(/(\w+)="(.*?)"/) ]

@ -112,43 +113,24 @@ module HTTPX
          end

          ha1 = algorithm.hexdigest(a1)
-          ha2 = algorithm.hexdigest("#{method}:#{request.path}")
-
+          ha2 = algorithm.hexdigest("#{method}:#{uri}")
          request_digest = [ha1, nonce]
          request_digest.push(nc, cnonce, qop) if qop
          request_digest << ha2
          request_digest = request_digest.join(":")

          header = [
-            "username=\"#{user}\"",
-            "response=\"#{algorithm.hexdigest(request_digest)}\"",
-            "uri=\"#{request.path}\"",
-            "nonce=\"#{nonce}\""
+            %[username="#{user}"],
+            %[nonce="#{nonce}"],
+            %[uri="#{uri}"],
+            %[response="#{algorithm.hexdigest(request_digest)}"]
          ]
-          header << "realm=\"#{params["realm"]}\"" if params.key?("realm")
-          header << "opaque=\"#{params["opaque"]}\"" if params.key?("opaque")
-          header << "algorithm=#{params["algorithm"]}" if params.key?("algorithm")
-          header << "cnonce=#{cnonce}" if cnonce
-          header << "nc=#{nc}"
-          header << "qop=#{qop}" if qop
-  #          
-  #          if qop.nil? then
-  #          elsif iis then
-  #            "qop=\"#{qop}\""
-  #          else
-  #            "qop=#{qop}"
-  #          end,
-  #          if qop then
-  #            [
-  #              "nc=#{"%08x" % nonce}",
-  #              "cnonce=\"#{cnonce}\"",
-  #            ]
-  #          end,
-  #          if params.key?("opaque") then
-  #            "opaque=\"#{params["opaque"]}\""
-  #          end
-  #        ].compact
-
+          header << %[realm="#{params["realm"]}"] if params.key?("realm")
+          header << %[algorithm=#{params["algorithm"]}"] if params.key?("algorithm")
+          header << %[opaque="#{params["opaque"]}"] if params.key?("opaque")
+          header << %[cnonce="#{cnonce}"] if cnonce
+          header << %[nc=#{nc}]
+          header << %[qop=#{qop}] if qop
          header.join ", "
        end

--- a/test/support/requests/plugins/authentication.rb
+++ b/test/support/requests/plugins/authentication.rb
@ -20,7 +20,7 @@ module Requests
      end

      def test_plugin_digest_authentication
-        client = HTTPX.plugin(:digest_authentication)
+        client = HTTPX.plugin(:digest_authentication).headers("cookie" => "fake=fake_value")
        response = client.digest_authentication(user, pass).get(digest_auth_uri)
        verify_status(response.status, 200)
        body = json_body(response)