Created
May 22, 2018 01:17
-
-
Save jbruni/8239af17fbc9e541900b2ca55759547d to your computer and use it in GitHub Desktop.
Digest Authentication for perry-mitchell/webdav-client
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Provide digestFetch function | |
| */ | |
| const crypto = require('crypto'); | |
| const nodeFetch = require('node-fetch'); | |
| const mergeOptions = require('merge-options'); | |
| const cnonceSize = 32; | |
| const nonceRaw = 'abcdef0123456789'; | |
| function makeNonce () { | |
| let uid = ''; | |
| for (let i = 0; i < cnonceSize; ++i) { | |
| uid += nonceRaw[Math.floor(Math.random() * nonceRaw.length)]; | |
| } | |
| return uid; | |
| } | |
| function md5(data) { | |
| return crypto.createHash('md5').update(data).digest('hex'); | |
| } | |
| function ha1Compute(algorithm, user, realm, pass, nonce, cnonce) { | |
| const ha1 = md5(`${user}:${realm}:${pass}`); | |
| if (algorithm && algorithm.toLowerCase() === 'md5-sess') { | |
| return md5(`${ha1}:${nonce}:${cnonce}`); | |
| } else { | |
| return ha1; | |
| } | |
| } | |
| function digestFetch(username, password) { | |
| const digest = { nc: 0, algorithm: 'md5' }; | |
| let hasAuth = false; | |
| function parseAuth (response) { | |
| const authHeader = response.headers.get('www-authenticate'); | |
| if (authHeader.split(/\s/)[0].toLowerCase() !== 'digest') { | |
| return false; | |
| } | |
| const re = /([a-z0-9_-]+)=(?:"([^"]+)"|([a-z0-9_-]+))/gi; | |
| for (;;) { | |
| var match = re.exec(authHeader); | |
| if (!match) { | |
| break; | |
| } | |
| digest[match[1]] = match[2] || match[3]; | |
| } | |
| digest.nc++; | |
| digest.cnonce = makeNonce(); | |
| return true; | |
| } | |
| function addAuth (url, options) { | |
| if (!hasAuth) { | |
| return options; | |
| } | |
| const _url = url.replace('//', ''); | |
| const uri = _url.indexOf('/') == -1 ? '/' : _url.slice(_url.indexOf('/')); | |
| const method = options.method ? options.method.toUpperCase() : 'GET'; | |
| const qop = /(^|,)\s*auth\s*($|,)/.test(digest.qop) && 'auth'; | |
| const ncString = (`00000000${digest.nc}`).slice(-8); | |
| const cnonce = digest.cnonce; | |
| const ha1 = ha1Compute(digest.algorithm, username, digest.realm, password, digest.nonce, digest.cnonce); | |
| const ha2 = md5(`${method}:${uri}`); | |
| const digestResponse = qop | |
| ? md5(`${ha1}:${digest.nonce}:${ncString}:${digest.cnonce}:${qop}:${ha2}`) | |
| : md5(`${ha1}:${digest.nonce}:${ha2}`); | |
| const authValues = { | |
| username, | |
| realm: digest.realm, | |
| nonce: digest.nonce, | |
| uri, | |
| qop, | |
| response: digestResponse, | |
| nc: ncString, | |
| cnonce: digest.cnonce, | |
| algorithm: digest.algorithm, | |
| opaque: digest.opaque | |
| }; | |
| const authHeader = []; | |
| for (var k in authValues) { | |
| if (authValues[k]) { | |
| if (k === 'qop' || k === 'nc' || k === 'algorithm') { | |
| authHeader.push(`${k}=${authValues[k]}`); | |
| } else { | |
| authHeader.push(`${k}="${authValues[k]}"`); | |
| } | |
| } | |
| } | |
| return mergeOptions(options, { headers: { Authorization: 'Digest ' + authHeader.join(', ') } }); | |
| } | |
| return async function fetch (url, options = {}) { | |
| const response = await nodeFetch(url, addAuth(url, options)); | |
| if (response.status == 401) { | |
| hasAuth = parseAuth(response); | |
| if (hasAuth) { | |
| const response2 = await nodeFetch(url, addAuth(url, options)); | |
| if (response2.status == 401) { | |
| hasAuth = false; | |
| } else { | |
| digest.nc++; | |
| } | |
| return response2; | |
| } | |
| } else { | |
| digest.nc++; | |
| } | |
| return response; | |
| } | |
| } | |
| module.exports = digestFetch; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const createClient = require('webdav'); | |
| const digestFetch = require('./digestFetch'); | |
| createClient.setFetchMethod(digestFetch('username', 'password')); | |
| const client = createClient('path'); |
@abhay25vyas - This gist was written five years ago, for the WebDAV client release version from that time. Digest authentication is now built-in the client. This gist is not necessary anymore.
Can you give me code example to get link of uploaded image to webdav
server. I am getting Auth error .
…On Sun, 3 Sep, 2023, 7:26 pm J Bruni, ***@***.***> wrote:
***@***.**** commented on this gist.
------------------------------
@abhay25vyas <https://github.com/abhay25vyas> - This gist was written
five years ago, for the WebDAV client release version from that time.
Digest authentication is now built-in the client. This gist is not
necessary anymore.
—
Reply to this email directly, view it on GitHub
<https://gist.github.com/jbruni/8239af17fbc9e541900b2ca55759547d#gistcomment-4679742>
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AT24RMCO3TQF6VISGPCAWDTXYSEAXBFKMF2HI4TJMJ2XIZLTSKBKK5TBNR2WLJDHNFZXJJDOMFWWLK3UNBZGKYLEL52HS4DFQKSXMYLMOVS2I5DSOVS2I3TBNVS3W5DIOJSWCZC7OBQXE5DJMNUXAYLOORPWCY3UNF3GS5DZVRZXKYTKMVRXIX3UPFYGLK2HNFZXIQ3PNVWWK3TUUZ2G64DJMNZZDAVEOR4XAZNEM5UXG5FFOZQWY5LFVA4DSNRZG42DKOFHORZGSZ3HMVZKMY3SMVQXIZI>
.
You are receiving this email because you were mentioned.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>
.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am getting error "createClient.setFetchMethod" is not a function