digest-fetch
Advanced tools
Comparing version 0.2.2 to 1.0.0
@@ -5,2 +5,3 @@ const canRequire = typeof(require) == 'function' | ||
const cryptojs = require('crypto-js') | ||
const base64 = require('base-64') | ||
@@ -29,9 +30,11 @@ const supported_algorithms = ['MD5', 'MD5-sess'] | ||
this.statusCode = options.statusCode || 401 | ||
this.basic = options.basic || false | ||
} | ||
async fetch (url, options={}) { | ||
if (this.basic) return fetch(url, this.addBasicAuth(options)) | ||
const resp = await fetch(url, this.addAuth(url, options)) | ||
if (resp.status == this.statusCode) { | ||
this.hasAuth = false | ||
await this.parseAuth(resp) | ||
await this.parseAuth(resp.headers.get('www-authenticate')) | ||
if (this.hasAuth) { | ||
@@ -50,2 +53,18 @@ const respFinal = await fetch(url, this.addAuth(url, options)) | ||
addBasicAuth (options={}) { | ||
let _options = {} | ||
if (typeof(options.factory) == 'function') { | ||
_options = options.factory() | ||
} else { | ||
_options = options | ||
} | ||
const auth = 'Basic ' + base64.encode(this.user + ":" + this.password) | ||
_options.headers = _options.headers || {} | ||
_options.headers.Authorization = auth | ||
if (this.logger) this.logger.debug(options) | ||
return _options | ||
} | ||
addAuth (url, options) { | ||
@@ -96,4 +115,3 @@ if (typeof(options.factory) == 'function') options = options.factory() | ||
async parseAuth (data) { | ||
const h = data.headers.get('www-authenticate') | ||
async parseAuth (h) { | ||
this.lastAuth = h | ||
@@ -100,0 +118,0 @@ |
{ | ||
"name": "digest-fetch", | ||
"version": "0.2.2", | ||
"version": "1.0.0", | ||
"description": "digest auth request plugin for fetch/node-fetch", | ||
@@ -8,3 +8,3 @@ "main": "digest-fetch-src.js", | ||
"lint": "eslint --plugin markdown --ext js,md .", | ||
"test": "mocha --check-leaks --bail --no-exit --reporter spec test/", | ||
"test": "mocha --check-leaks --bail --no-exit --reporter spec test/digest-*", | ||
"test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --check-leaks --no-exit --reporter dot test/", | ||
@@ -18,3 +18,6 @@ "test-travis": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --check-leaks --no-exit --reporter spec test/", | ||
"fetch", | ||
"node-feth" | ||
"node-feth", | ||
"http", | ||
"basic", | ||
"authentication" | ||
], | ||
@@ -39,8 +42,14 @@ "author": "stefanliu@outlook.com", | ||
"webpack": "^4.26.1", | ||
"webpack-cli": "^3.1.2" | ||
"webpack-cli": "^3.1.2", | ||
"express": "^4.17.1", | ||
"passport": "^0.4.0", | ||
"chai": "^4.2.0", | ||
"chai-http": "^4.3.0", | ||
"passport-http": "^0.3.0" | ||
}, | ||
"homepage": "https://github.com/devfans/digest-fetch#readme", | ||
"dependencies": { | ||
"base-64": "^0.1.0", | ||
"crypto-js": "^3.1.9-1" | ||
} | ||
} |
@@ -9,3 +9,3 @@ # digest-fetch | ||
digest auth request plugin for fetch/node-fetch. | ||
digest auth request plugin for fetch/node-fetch, supports http basic authentication as well | ||
@@ -39,3 +39,5 @@ ## Installation | ||
// https://stackoverflow.com/questions/9859627/how-to-prevent-browser-to-invoke-basic-auth-popup-and-handle-401-error-using-jqu | ||
statusCode: 401 // default 401 | ||
statusCode: 401, // default 401 | ||
basic: false // we support http basic authentication as well, enable it here if you want, default: false | ||
} | ||
@@ -45,2 +47,4 @@ | ||
const basic_auth_client = DigestFetch('user', 'password', { basic: true }) | ||
``` | ||
@@ -70,2 +74,8 @@ | ||
## About | ||
Digest authentication: https://en.wikipedia.org/wiki/Digest_access_authentication | ||
This plugin is implemented following RFC2069 and RFC2617, supports http basic authentication as well! | ||
Please open issues if you find bugs and meet problems during using this plugin. | ||
@@ -72,0 +82,0 @@ |
@@ -15,3 +15,3 @@ process.env.NO_DEPRECATION = 'digest-fetch'; | ||
assert.equal(typeof client.fetch, 'function') | ||
client.parseAuth({headers: { get() {} }}) | ||
client.parseAuth('') | ||
client.addAuth('', {headers: {}}) | ||
@@ -18,0 +18,0 @@ assert.equal(client.digest.nc, 0) |
Sorry, the diff of this file is too big to display
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
246986
24
1278
0
89
2
17
4
4
+ Addedbase-64@^0.1.0
+ Addedbase-64@0.1.0(transitive)