Posted to issues@cxf.apache.org by "Yves Piel (Jira)" <ji...@apache.org> on 2022/08/10 05:41:00 UTC

[jira] [Created] (CXF-8747) Digest authentication - support of qop="auth-int"

Yves Piel created CXF-8747:
------------------------------

             Summary: Digest authentication - support of qop="auth-int"
                 Key: CXF-8747
                 URL: https://issues.apache.org/jira/browse/CXF-8747
             Project: CXF
          Issue Type: New Feature
            Reporter: Yves Piel


Digest authentication has a parameter qop that can take 2 values, 'auth' or 'auth-int': [https://www.rfc-editor.org/rfc/rfc7616.html]

It seems cxf only supports 'auth'. We can try with [https://httpbin.org/#/Auth/get_digest_auth__qop___user___passwd___algorithm_]
{noformat}
    @ParameterizedTest
    @CsvSource({"auth,MD5",
            "auth,SHA-256",
            "auth,SHA-512",
            "auth-int,MD5",
            "auth-int,SHA-256",
            "auth-int,SHA-512",})
    public void digest(String qop, String algo){
        String myUser = "myUser";
        String myPassword = "myPassword";

        WebClient client = WebClient.create("https://httpbin.org/digest-auth/")
                .path("{qop}/{user}/{passwd}/{algorithm}", qop, myUser, myPassword, algo);

        HTTPConduit httpConduit = WebClient.getConfig(client).getHttpConduit();

        AuthorizationPolicy digestAuthPolicy = new AuthorizationPolicy();
        digestAuthPolicy.setUserName(myUser);
        digestAuthPolicy.setPassword(myPassword);
        digestAuthPolicy.setAuthorizationType(HttpAuthHeader.AUTH_TYPE_DIGEST);
        httpConduit.setAuthorization(digestAuthPolicy);

        Response response = client.invoke("GET", null);

        System.out.println(String.format("qop=%s, algo=%s => status: %s", qop, algo, response.getStatus())); // is 200 OK
    }
{noformat}
That generates this output:
{noformat}
qop=auth, algo=MD5 => status: 200
qop=auth, algo=SHA-256 => status: 200
qop=auth, algo=SHA-512 => status: 200
qop=auth-int, algo=MD5 => status: 401
qop=auth-int, algo=SHA-256 => status: 401
qop=auth-int, algo=SHA-512 => status: 401
{noformat}
It could be great to support it.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
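
Added example (not part of the original message and not CXF code): how the Digest response value differs between qop="auth" and qop="auth-int" under RFC 7616, where auth-int also hashes the entity body into A2, so a client has to hash the (possibly empty) body before it can answer the challenge. The realm, nonce, cnonce and URI values are constructed samples, and mapping the algorithm tokens from the test matrix above to hashlib functions is an assumption.

```python
import hashlib

# Assumption: the algorithm tokens from the test matrix map to these hashlib digests.
HASHES = {"MD5": hashlib.md5, "SHA-256": hashlib.sha256, "SHA-512": hashlib.sha512}


def digest_response(algorithm, qop, username, realm, password,
                    method, uri, nonce, nc, cnonce, body=b""):
    """Return the hex `response` value for a Digest Authorization header."""
    if algorithm not in HASHES:
        raise ValueError("unsupported algorithm: %r" % algorithm)
    if qop not in ("auth", "auth-int"):
        raise ValueError("unsupported qop: %r" % qop)

    def h(data):
        if isinstance(data, str):
            data = data.encode("utf-8")
        return HASHES[algorithm](data).hexdigest()

    a1 = "%s:%s:%s" % (username, realm, password)
    a2 = "%s:%s" % (method, uri)
    if qop == "auth-int":
        # Integrity protection: the hash of the entity body is part of A2.
        # A GET without a body still contributes H(b"").
        a2 += ":" + h(body)
    # response = H( H(A1) : nonce : nc : cnonce : qop : H(A2) )
    return h(":".join([h(a1), nonce, nc, cnonce, qop, h(a2)]))


# Constructed sample challenge/request values (not captured from a real server).
SAMPLE = dict(username="myUser", realm="example-realm", password="myPassword",
              method="GET", uri="/digest-auth/auth-int/myUser/myPassword/MD5",
              nonce="constructed-nonce", nc="00000001", cnonce="constructed-cnonce")


def matrix(body=b""):
    """Compute the response for every qop/algorithm pair in the test matrix."""
    return {(qop, algo): digest_response(algo, qop, body=body, **SAMPLE)
            for qop in ("auth", "auth-int") for algo in HASHES}


if __name__ == "__main__":
    for (qop, algo), value in matrix().items():
        print("qop=%s, algo=%s => response=%s" % (qop, algo, value))
```

With qop="auth" the response is independent of the body, while with qop="auth-int" any change to the body changes the response.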