New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@koush/axios-digest-auth
Advanced tools
@koush/axios-digest-auth - npm Package Compare versions
to
0.8.1
@@ -6,2 +6,5 @@ "use strict"; | ||
| const axios = require("axios"); | ||
| const authHeader = require("auth-header"); | ||
| // from auth-header, but not exposed | ||
| const quote = (str) => `"${str.replace(/"/g, '\\"')}"`; | ||
| class AxiosDigestAuth { | ||
@@ -25,8 +28,12 @@ constructor({ axios: axiosInst, password, username }) { | ||
| } | ||
| const authDetails = resp1.response.headers['www-authenticate'].split(',').map((v) => v.split('=')); | ||
| // const authDetails = resp1.response.headers['www-authenticate'].split(',').map((v: string) => v.split('=')); | ||
| const wwwAuthenticate = resp1.response.headers['www-authenticate']; | ||
| const parsedAuthorization = authHeader.parse(wwwAuthenticate); | ||
| ++this.count; | ||
| const nonceCount = ('00000000' + this.count).slice(-8); | ||
| const cnonce = crypto.randomBytes(24).toString('hex'); | ||
| const realm = authDetails.find((el) => el[0].toLowerCase().indexOf("realm") > -1)[1].replace(/"/g, ''); | ||
| const nonce = authDetails.find((el) => el[0].toLowerCase().indexOf("nonce") > -1)[1].replace(/"/g, ''); | ||
| // const realm = authDetails.find((el: any) => el[0].toLowerCase().indexOf("realm") > -1)[1].replace(/"/g, ''); | ||
| const realm = parsedAuthorization.params['realm']; | ||
| // const nonce = authDetails.find((el: any) => el[0].toLowerCase().indexOf("nonce") > -1)[1].replace(/"/g, ''); | ||
| const nonce = parsedAuthorization.params['nonce']; | ||
| const ha1 = crypto.createHash('md5').update(`${this.username}:${realm}:${this.password}`).digest('hex'); | ||
@@ -36,3 +43,16 @@ const path = url.parse(opts.url).pathname; | ||
| const response = crypto.createHash('md5').update(`${ha1}:${nonce}:${nonceCount}:${cnonce}:auth:${ha2}`).digest('hex'); | ||
| const authorization = `Digest username="${this.username}",realm="${realm}",` + | ||
| const params = { | ||
| username: this.username, | ||
| realm, | ||
| nonce, | ||
| uri: path || '', | ||
| qop: 'auth', | ||
| algorithm: 'MD5', | ||
| response, | ||
| nc: nonceCount, | ||
| cnonce, | ||
| }; | ||
| const paramsString = Object.entries(params).map(([key, value]) => `${key}=${value && quote(value)}`).join(', '); | ||
| const authorization = `Digest ${paramsString}`; | ||
| const authorization2 = `Digest username="${this.username}",realm="${realm}",` + | ||
| `nonce="${nonce}",uri="${path}",qop="auth",algorithm="MD5",` + | ||
@@ -51,2 +71,2 @@ `response="${response}",nc="${nonceCount}",cnonce="${cnonce}"`; | ||
| exports.default = AxiosDigestAuth; | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFBQSxpQ0FBaUM7QUFDakMsMkJBQTJCO0FBQzNCLCtCQUErQjtBQWlCL0IsTUFBcUIsZUFBZTtJQU9sQyxZQUFZLEVBQUUsS0FBSyxFQUFFLFNBQVMsRUFBRSxRQUFRLEVBQUUsUUFBUSxFQUF1QjtRQUN2RSxJQUFJLENBQUMsS0FBSyxHQUFHLFNBQVMsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDO1FBQ25ELElBQUksQ0FBQyxLQUFLLEdBQUcsQ0FBQyxDQUFDO1FBQ2YsSUFBSSxDQUFDLFFBQVEsR0FBRyxRQUFRLENBQUM7UUFDekIsSUFBSSxDQUFDLFFBQVEsR0FBRyxRQUFRLENBQUM7SUFDM0IsQ0FBQztJQUVNLEtBQUssQ0FBQyxPQUFPLENBQUMsSUFBOEI7O1FBQ2pELElBQUk7WUFDRixPQUFPLE1BQU0sSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUM7U0FDdkM7UUFBQyxPQUFPLEtBQUssRUFBRTtZQUNkLElBQUksS0FBSyxDQUFDLFFBQVEsS0FBSyxTQUFTO21CQUN6QixLQUFLLENBQUMsUUFBUSxDQUFDLE1BQU0sS0FBSyxHQUFHO21CQUM3QixDQUFDLENBQUEsTUFBQSxLQUFLLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxrQkFBa0IsQ0FBQywwQ0FBRSxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUEsRUFDbkU7Z0JBQ0EsTUFBTSxLQUFLLENBQUM7YUFDYjtZQUNELE1BQU0sV0FBVyxHQUFHLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLGtCQUFrQixDQUFDLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQVMsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO1lBQzNHLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQztZQUNiLE1BQU0sVUFBVSxHQUFHLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUN2RCxNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUN0RCxNQUFNLEtBQUssR0FBRyxXQUFXLENBQUMsSUFBSSxDQUFDLENBQUMsRUFBTyxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsV0FBVyxFQUFFLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsQ0FBQztZQUM1RyxNQUFNLEtBQUssR0FBRyxXQUFXLENBQUMsSUFBSSxDQUFDLENBQUMsRUFBTyxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsV0FBVyxFQUFFLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsQ0FBQztZQUM1RyxNQUFNLEdBQUcsR0FBRyxNQUFNLENBQUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDLE1BQU0sQ0FBQyxHQUFHLElBQUksQ0FBQyxRQUFRLElBQUksS0FBSyxJQUFJLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUN4RyxNQUFNLElBQUksR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxHQUFJLENBQUMsQ0FBQyxRQUFRLENBQUM7WUFDM0MsTUFBTSxHQUFHLEdBQUcsTUFBTSxDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxNQUFNLENBQUMsR0FBRyxNQUFBLElBQUksQ0FBQyxNQUFNLG1DQUFJLEtBQUssSUFBSSxJQUFJLEVBQUUsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUM3RixNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDLE1BQU0sQ0FBQyxHQUFHLEdBQUcsSUFBSSxLQUFLLElBQUksVUFBVSxJQUFJLE1BQU0sU0FBUyxHQUFHLEVBQUUsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUN0SCxNQUFNLGFBQWEsR0FBRyxvQkFBb0IsSUFBSSxDQUFDLFFBQVEsWUFBWSxLQUFLLElBQUk7Z0JBQzFFLFVBQVUsS0FBSyxVQUFVLElBQUksK0JBQStCO2dCQUM1RCxhQUFhLFFBQVEsU0FBUyxVQUFVLGFBQWEsTUFBTSxHQUFHLENBQUM7WUFDakUsSUFBSSxJQUFJLENBQUMsT0FBTyxFQUFFO2dCQUNoQixJQUFJLENBQUMsT0FBTyxDQUFDLGVBQWUsQ0FBQyxHQUFHLGFBQWEsQ0FBQzthQUMvQztpQkFBTTtnQkFDTCxJQUFJLENBQUMsT0FBTyxHQUFHLEVBQUUsYUFBYSxFQUFFLENBQUM7YUFDbEM7WUFDRCxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO1NBQ2pDO0lBQ0gsQ0FBQztDQUVGO0FBOUNELGtDQThDQyJ9 | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFBQSxpQ0FBaUM7QUFDakMsMkJBQTJCO0FBQzNCLCtCQUErQjtBQUMvQiwwQ0FBMEM7QUFFMUMsb0NBQW9DO0FBQ3BDLE1BQU0sS0FBSyxHQUFHLENBQUMsR0FBVyxFQUFVLEVBQUUsQ0FBQyxJQUFJLEdBQUcsQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLEtBQUssQ0FBQyxHQUFHLENBQUM7QUFpQnZFLE1BQXFCLGVBQWU7SUFPbEMsWUFBWSxFQUFFLEtBQUssRUFBRSxTQUFTLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBdUI7UUFDdkUsSUFBSSxDQUFDLEtBQUssR0FBRyxTQUFTLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQztRQUNuRCxJQUFJLENBQUMsS0FBSyxHQUFHLENBQUMsQ0FBQztRQUNmLElBQUksQ0FBQyxRQUFRLEdBQUcsUUFBUSxDQUFDO1FBQ3pCLElBQUksQ0FBQyxRQUFRLEdBQUcsUUFBUSxDQUFDO0lBQzNCLENBQUM7SUFFTSxLQUFLLENBQUMsT0FBTyxDQUFDLElBQThCOztRQUNqRCxJQUFJO1lBQ0YsT0FBTyxNQUFNLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO1NBQ3ZDO1FBQUMsT0FBTyxLQUFVLEVBQUU7WUFDbkIsSUFBSSxLQUFLLENBQUMsUUFBUSxLQUFLLFNBQVM7bUJBQ3pCLEtBQUssQ0FBQyxRQUFRLENBQUMsTUFBTSxLQUFLLEdBQUc7bUJBQzdCLENBQUMsQ0FBQSxNQUFBLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLGtCQUFrQixDQUFDLDBDQUFFLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQSxFQUNuRTtnQkFDQSxNQUFNLEtBQUssQ0FBQzthQUNiO1lBRUQsOEdBQThHO1lBRTlHLE1BQU0sZUFBZSxHQUFHLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLGtCQUFrQixDQUFDLENBQUM7WUFDbkUsTUFBTSxtQkFBbUIsR0FBRyxVQUFVLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO1lBRzlELEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQztZQUNiLE1BQU0sVUFBVSxHQUFHLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUN2RCxNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUV0RCwrR0FBK0c7WUFDL0csTUFBTSxLQUFLLEdBQUcsbUJBQW1CLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBRWxELCtHQUErRztZQUMvRyxNQUFNLEtBQUssR0FBRyxtQkFBbUIsQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUM7WUFFbEQsTUFBTSxHQUFHLEdBQUcsTUFBTSxDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxNQUFNLENBQUMsR0FBRyxJQUFJLENBQUMsUUFBUSxJQUFJLEtBQUssSUFBSSxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDeEcsTUFBTSxJQUFJLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsR0FBSSxDQUFDLENBQUMsUUFBUSxDQUFDO1lBQzNDLE1BQU0sR0FBRyxHQUFHLE1BQU0sQ0FBQyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUMsTUFBTSxDQUFDLEdBQUcsTUFBQSxJQUFJLENBQUMsTUFBTSxtQ0FBSSxLQUFLLElBQUksSUFBSSxFQUFFLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDN0YsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxNQUFNLENBQUMsR0FBRyxHQUFHLElBQUksS0FBSyxJQUFJLFVBQVUsSUFBSSxNQUFNLFNBQVMsR0FBRyxFQUFFLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7WUFFdEgsTUFBTSxNQUFNLEdBQUc7Z0JBQ2IsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO2dCQUN2QixLQUFLO2dCQUNMLEtBQUs7Z0JBQ0wsR0FBRyxFQUFFLElBQUksSUFBSSxFQUFFO2dCQUNmLEdBQUcsRUFBRSxNQUFNO2dCQUNYLFNBQVMsRUFBRSxLQUFLO2dCQUNoQixRQUFRO2dCQUNSLEVBQUUsRUFBRSxVQUFVO2dCQUNkLE1BQU07YUFDUCxDQUFDO1lBRUYsTUFBTSxZQUFZLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEdBQUcsRUFBRSxLQUFLLENBQUMsRUFBRSxFQUFFLENBQUUsR0FBRyxHQUFHLElBQUksS0FBSyxJQUFJLEtBQUssQ0FBQyxLQUFlLENBQUMsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQzNILE1BQU0sYUFBYSxHQUFHLFVBQVUsWUFBWSxFQUFFLENBQUM7WUFFL0MsTUFBTSxjQUFjLEdBQUcsb0JBQW9CLElBQUksQ0FBQyxRQUFRLFlBQVksS0FBSyxJQUFJO2dCQUMzRSxVQUFVLEtBQUssVUFBVSxJQUFJLCtCQUErQjtnQkFDNUQsYUFBYSxRQUFRLFNBQVMsVUFBVSxhQUFhLE1BQU0sR0FBRyxDQUFDO1lBQ2pFLElBQUksSUFBSSxDQUFDLE9BQU8sRUFBRTtnQkFDaEIsSUFBSSxDQUFDLE9BQU8sQ0FBQyxlQUFlLENBQUMsR0FBRyxhQUFhLENBQUM7YUFDL0M7aUJBQU07Z0JBQ0wsSUFBSSxDQUFDLE9BQU8sR0FBRyxFQUFFLGFBQWEsRUFBRSxDQUFDO2FBQ2xDO1lBQ0QsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FBQztTQUNqQztJQUNILENBQUM7Q0FFRjtBQXpFRCxrQ0F5RUMifQ== |
| { | ||
| "name": "@koush/axios-digest-auth", | ||
| "description": "axios-like http digest auth", | ||
| "version": "0.7.2", | ||
| "version": "0.8.1", | ||
| "homepage": "https://github.com/mhoc/axios-digest-auth", | ||
@@ -14,5 +14,7 @@ "license": "MIT", | ||
| "dependencies": { | ||
| "auth-header": "^1.0.0", | ||
| "axios": "0.21.1" | ||
| }, | ||
| "devDependencies": { | ||
| "@types/auth-header": "^1.0.2", | ||
| "@types/node": "16.4.6", | ||
@@ -19,0 +21,0 @@ "mocha": "9.0.3", |
| import * as crypto from "crypto"; | ||
| import * as url from "url"; | ||
| import * as axios from "axios"; | ||
| import * as authHeader from 'auth-header'; | ||
| // from auth-header, but not exposed | ||
| const quote = (str: string): string => `"${str.replace(/"/g, '\\"')}"`; | ||
| /** | ||
@@ -37,3 +41,3 @@ * Options to configure the AxiosDigestAuth instance. | ||
| return await this.axios.request(opts); | ||
| } catch (resp1) { | ||
| } catch (resp1: any) { | ||
| if (resp1.response === undefined | ||
@@ -45,8 +49,19 @@ || resp1.response.status !== 401 | ||
| } | ||
| const authDetails = resp1.response.headers['www-authenticate'].split(',').map((v: string) => v.split('=')); | ||
| // const authDetails = resp1.response.headers['www-authenticate'].split(',').map((v: string) => v.split('=')); | ||
| const wwwAuthenticate = resp1.response.headers['www-authenticate']; | ||
| const parsedAuthorization = authHeader.parse(wwwAuthenticate); | ||
| ++this.count; | ||
| const nonceCount = ('00000000' + this.count).slice(-8); | ||
| const cnonce = crypto.randomBytes(24).toString('hex'); | ||
| const realm = authDetails.find((el: any) => el[0].toLowerCase().indexOf("realm") > -1)[1].replace(/"/g, ''); | ||
| const nonce = authDetails.find((el: any) => el[0].toLowerCase().indexOf("nonce") > -1)[1].replace(/"/g, ''); | ||
| // const realm = authDetails.find((el: any) => el[0].toLowerCase().indexOf("realm") > -1)[1].replace(/"/g, ''); | ||
| const realm = parsedAuthorization.params['realm']; | ||
| // const nonce = authDetails.find((el: any) => el[0].toLowerCase().indexOf("nonce") > -1)[1].replace(/"/g, ''); | ||
| const nonce = parsedAuthorization.params['nonce']; | ||
| const ha1 = crypto.createHash('md5').update(`${this.username}:${realm}:${this.password}`).digest('hex'); | ||
@@ -56,5 +71,18 @@ const path = url.parse(opts.url!).pathname; | ||
| const response = crypto.createHash('md5').update(`${ha1}:${nonce}:${nonceCount}:${cnonce}:auth:${ha2}`).digest('hex'); | ||
| const authorization = `Digest username="${this.username}",realm="${realm}",` + | ||
| `nonce="${nonce}",uri="${path}",qop="auth",algorithm="MD5",` + | ||
| `response="${response}",nc="${nonceCount}",cnonce="${cnonce}"`; | ||
| const params = { | ||
| username: this.username, | ||
| realm, | ||
| nonce, | ||
| uri: path || '', | ||
| qop: 'auth', | ||
| algorithm: 'MD5', | ||
| response, | ||
| nc: nonceCount, | ||
| cnonce, | ||
| }; | ||
| const paramsString = Object.entries(params).map(([key, value]) => `${key}=${value && quote(value as string)}`).join(', '); | ||
| const authorization = `Digest ${paramsString}`; | ||
| if (opts.headers) { | ||
@@ -61,0 +89,0 @@ opts.headers["authorization"] = authorization; |
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
31539
7.68%- Lines of code
208
21.64%Worsened metrics
- Dependency count
2
100%- Dev dependency count
4
33.33%