What is digest-fetch?
The digest-fetch npm package is a library that provides HTTP Digest Access Authentication for making HTTP requests. It is particularly useful for interacting with APIs that require digest authentication, which is a more secure method compared to basic authentication.
What are digest-fetch's main functionalities?
Basic Usage
This feature demonstrates how to create a DigestFetch client with a username and password, and make a simple authenticated GET request.
const DigestFetch = require('digest-fetch');
const client = new DigestFetch('username', 'password');
client.fetch('http://httpbin.org/digest-auth/auth/user/pass').then(response => response.json()).then(data => console.log(data));
Custom Headers
This feature shows how to add custom headers to the request. The headers are specified in the options object passed to the fetch method.
const DigestFetch = require('digest-fetch');
const client = new DigestFetch('username', 'password');
const options = {
headers: {
'Custom-Header': 'CustomValue'
}
};
client.fetch('http://httpbin.org/digest-auth/auth/user/pass', options).then(response => response.json()).then(data => console.log(data));
POST Request
This feature demonstrates how to make a POST request with a JSON body. The method and body are specified in the options object passed to the fetch method.
const DigestFetch = require('digest-fetch');
const client = new DigestFetch('username', 'password');
const options = {
method: 'POST',
body: JSON.stringify({ key: 'value' }),
headers: {
'Content-Type': 'application/json'
}
};
client.fetch('http://httpbin.org/digest-auth/auth/user/pass', options).then(response => response.json()).then(data => console.log(data));
Other packages similar to digest-fetch
axios
Axios is a popular HTTP client for Node.js and the browser. While it does not natively support digest authentication, it can be extended with custom interceptors to handle digest authentication. Axios is more versatile and widely used compared to digest-fetch.
node-fetch
Node-fetch is a lightweight module that brings window.fetch to Node.js. Similar to axios, it does not natively support digest authentication but can be extended with custom logic. Node-fetch is simpler and more lightweight compared to digest-fetch.
request
Request is a comprehensive HTTP client for Node.js that supports various authentication methods, including digest authentication. However, it is now deprecated and not recommended for new projects. Request is more feature-rich but less maintained compared to digest-fetch.
digest-fetch
digest auth request plugin for fetch/node-fetch also supports http basic authentication
Installation
For digest-fetch 3.0.0 or above
npm install digest-fetch@latest node-fetch@latest
For digest-fetch 2.0.3 or below
npm install digest-fetch@v2 node-fetch@v2
Get Started
// Use require for digest-fetch 2.0.3 or below
const DigestClient = require('digest-fetch')
// Use import
import DigestClient from "digest-fetch"
Typescript
For digest-fetch 3.0.0 or above
Since digest-fetch becomes ES module starting 3.0.0, you need to set your project as module to use import.
- Specify
"type": "module"
in your package.json - Specify
--esm
for ts-node like npx ts-node --esm src/index.ts
- Specify
"module": "ESNext", "moduleResolution": "node"
in your tsconfig.json
// Install dependencies
npm install digest-fetch@latest node-fetch@latest
// Import
import DigestClient from "digest-fetch"
For digest-fetch 2.0.3 or below
// Install dependencies
npm install digest-fetch@v2 node-fetch@v2
// Import
import DigestClient from "digest-fetch"
Http Basic Authentication
Create a client using basic authentication challenge
const client = new DigestClient('user', 'password', { basic: true })
client.fetch(url, options).then(res => res.json).then(console.dir)
Digest Access Authentication
Create a digest authentication request client with default options
const client = new DigestClient('user', 'password')
Specify options for digest authentication
const client = new DigestClient('user', 'password', { algorithm: 'MD5' })
Supported Algorithm
['MD5', 'MD5-sess', 'SHA-256', 'SHA-256-sess', 'SHA-512-256', 'SHA-512-256-sess']
Options fields:
field | type | default | description |
---|
algorithm | string | 'MD5' | algorithm to be used: 'MD5', 'SHA-256', 'SHA-512-256' or with '-sess' |
statusCode | number | 401 | custom alternate authentication failure code for avoiding browser prompt, see details below |
cnonceSize | number | 32 | length of the cnonce |
logger | object | none | logger for debug, can use console , default no logging |
basic | bool | false | switch to use basic authentication |
precomputeHash | bool | false | wether to attach hash of credentials to the client instance instead of raw credential |
Details:
Do request same way as fetch or node-fetch
const url = ''
const options = {}
client.fetch(url, options)
.then(resp=>resp.json())
.then(data=>console.log(data))
.catch(e=>console.error(e))
Pass in refresh request options factory function for conditions options needs be refreshed when trying again.
For example when posting with file stream:
const factory = () => ({ method: 'post', body: fs.createReadStream('path-to-file') })
client.fetch(url, {factory})
.then(resp=>resp.json())
.then(data=>console.log(data))
.catch(e=>console.error(e))
About
Digest authentication: https://en.wikipedia.org/wiki/Digest_access_authentication or https://www.rfc-editor.org/rfc/rfc7616
This plugin is implemented following RFC2069, RFC2617 and RFC7616 supports http basic authentication as well!
Please open issues if you find bugs or meet problems during using this plugin.
Feel free to open PRs whenever you have better ideas on this project!