Digest auth new #2098
Digest auth new #2098
Conversation
|
I'll have a look on the weekend. :) |
pratt4
force-pushed
the
digest-auth-new
branch
2 times, most recently
from
db10c8e to
735ab1c
Compare
|
I think only the |
|
Thanks @hyperxpro for pointing that out! I’ve started implementing auth-int |
|
things to do
|
|
@hyperxpro i have fews questions it would be helpfull if you answer them 1)in Proxy auth is auth-int relevant? because as far as i know proxies happen before getting body Thanks! |
| * @return 2×length lower-case hex string | ||
| * @throws IllegalArgumentException if {@code bytes} is null | ||
| */ | ||
| public static String bytesToHex(byte[] bytes) { |
There was a problem hiding this comment.
need to optimize this
|
Thanks. I will try to review it ASAP. |
|
Hi @hyperxpro Thanks! |
|
@pratt4 Sorry, I was behind schedule. Let me take this up now. |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
|
|
||
| MessageDigest md = MessageDigestUtils.pooledMessageDigest(hashAlgorithm); | ||
| try { | ||
| md.update(responseInput.getBytes(StandardCharsets.ISO_8859_1)); |
There was a problem hiding this comment.
We can reference wireCharset.
| md.update(responseInput.getBytes(StandardCharsets.ISO_8859_1)); | ||
| return MessageDigestUtils.bytesToHex(md.digest()); | ||
| } finally { | ||
| md.reset(); |
There was a problem hiding this comment.
We don't need to reset MessageDigest since we will return the hash and it won't be reused anymore.
| // For -sess: HA1 = H(H(username:realm:password):nonce:cnonce) | ||
| String sessInput = ha1 + ":" + realm.getNonce() + ":" + realm.getCnonce(); | ||
| md.reset(); | ||
| md.update(sessInput.getBytes(StandardCharsets.ISO_8859_1)); |
|
|
||
| return ha1; | ||
| } finally { | ||
| md.reset(); |
| md.update(bb); | ||
| return MessageDigestUtils.bytesToHex(md.digest()); | ||
| } finally { | ||
| md.reset(); |
| md.update(request.getStringData().getBytes(charset)); | ||
| return MessageDigestUtils.bytesToHex(md.digest()); | ||
| } finally { | ||
| md.reset(); |
|
|
||
| return MessageDigestUtils.bytesToHex(md.digest()); | ||
| } finally { | ||
| md.reset(); |
| md.update(request.getByteData()); | ||
| return MessageDigestUtils.bytesToHex(md.digest()); | ||
| } finally { | ||
| md.reset(); |
| throw new RuntimeException("Failed to hash request body", ioe); | ||
| } finally { | ||
| try { | ||
| md.reset(); |
| return MessageDigestUtils.bytesToHex(md.digest()); | ||
|
|
||
| } catch (IOException ioe) { | ||
| throw new RuntimeException("Failed to hash request body", ioe); |
There was a problem hiding this comment.
This should be IOException not RuntimeException, because it is caused by an IO operation.
| md.update(bytes); | ||
| return MessageDigestUtils.bytesToHex(md.digest()); | ||
| } catch (IOException ioe) { | ||
| throw new RuntimeException("Failed to read file for auth-int hash", ioe); |
There was a problem hiding this comment.
This should be IOException not RuntimeException, because it is caused by an IO operation.
|
@pratt4 I will merge this into another branch where I will test it with the actual server implementation and see how it behaves before finally pushing to the main branch. It also requires some code formatting. Overall, great work! Thanks a lot :) |
|
@hyperxpro thanks for the review! I’m happy to fix the formatting issues myself if you can point them out along with the suggested changes and about testing in another branch.... i was just curious, Also, the improvements which I mentioned earlier in the previous comments for that i will create a separate PR, |
|
It won't be a zombie one; it will ship with the next release, but I need to test it. We don't have "SNAPSHOT" maven for this, so merging to a test branch is the only option before confirming full compliance with other implementations. |
This is build on top of #2089
and still some changes are required around new testcases and failing testcases
closes #2068