request
Advanced tools
Comparing version 2.29.0 to 2.30.0
@@ -16,4 +16,5 @@ // Copyright 2010-2012 Mikeal Rogers | ||
var optional = require('./lib/optional') | ||
, Cookie = optional('tough-cookie') | ||
, CookieJar = Cookie && Cookie.CookieJar | ||
, cookie = optional('tough-cookie') | ||
, Cookie = cookie && cookie.Cookie | ||
, CookieJar = cookie && cookie.CookieJar | ||
, cookieJar = CookieJar && new CookieJar | ||
@@ -108,3 +109,3 @@ | ||
if (optionsArg) { | ||
for (option in optionsArg) { | ||
for (var option in optionsArg) { | ||
options[option] = optionsArg[option] | ||
@@ -111,0 +112,0 @@ } |
@@ -10,3 +10,3 @@ { | ||
], | ||
"version": "2.29.0", | ||
"version": "2.30.0", | ||
"author": "Mikeal Rogers <mikeal.rogers@gmail.com>", | ||
@@ -13,0 +13,0 @@ "repository": { |
@@ -706,14 +706,20 @@ var optional = require('./lib/optional') | ||
case 'Digest': | ||
// TODO: More complete implementation of RFC 2617. For reference: | ||
// TODO: More complete implementation of RFC 2617. | ||
// - check challenge.algorithm | ||
// - support algorithm="MD5-sess" | ||
// - handle challenge.domain | ||
// - support qop="auth-int" only | ||
// - handle Authentication-Info (not necessarily?) | ||
// - check challenge.stale (not necessarily?) | ||
// - increase nc (not necessarily?) | ||
// For reference: | ||
// http://tools.ietf.org/html/rfc2617#section-3 | ||
// https://github.com/bagder/curl/blob/master/lib/http_digest.c | ||
var matches = authHeader.match(/([a-z0-9_-]+)="([^"]+)"/gi) | ||
var challenge = {} | ||
for (var i = 0; i < matches.length; i++) { | ||
var eqPos = matches[i].indexOf('=') | ||
var key = matches[i].substring(0, eqPos) | ||
var quotedValue = matches[i].substring(eqPos + 1) | ||
challenge[key] = quotedValue.substring(1, quotedValue.length - 1) | ||
var re = /([a-z0-9_-]+)=(?:"([^"]+)"|([a-z0-9_-]+))/gi | ||
for (;;) { | ||
var match = re.exec(authHeader) | ||
if (!match) break | ||
challenge[match[1]] = match[2] || match[3]; | ||
} | ||
@@ -723,4 +729,6 @@ | ||
var ha2 = md5(self.method + ':' + self.uri.path) | ||
var cnonce = uuid().replace(/-/g, '') | ||
var digestResponse = md5(ha1 + ':' + challenge.nonce + ':1:' + cnonce + ':auth:' + ha2) | ||
var qop = /(^|,)\s*auth\s*($|,)/.test(challenge.qop) && 'auth' | ||
var nc = qop && '00000001' | ||
var cnonce = qop && uuid().replace(/-/g, '') | ||
var digestResponse = qop ? md5(ha1 + ':' + challenge.nonce + ':' + nc + ':' + cnonce + ':' + qop + ':' + ha2) : md5(ha1 + ':' + challenge.nonce + ':' + ha2) | ||
var authValues = { | ||
@@ -731,6 +739,8 @@ username: self._user, | ||
uri: self.uri.path, | ||
qop: challenge.qop, | ||
qop: qop, | ||
response: digestResponse, | ||
nc: 1, | ||
cnonce: cnonce | ||
nc: nc, | ||
cnonce: cnonce, | ||
algorithm: challenge.algorithm, | ||
opaque: challenge.opaque | ||
} | ||
@@ -740,3 +750,9 @@ | ||
for (var k in authValues) { | ||
authHeader.push(k + '="' + authValues[k] + '"') | ||
if (!authValues[k]) { | ||
//ignore | ||
} else if (k === 'qop' || k === 'nc' || k === 'algorithm') { | ||
authHeader.push(k + '=' + authValues[k]) | ||
} else { | ||
authHeader.push(k + '="' + authValues[k] + '"') | ||
} | ||
} | ||
@@ -743,0 +759,0 @@ authHeader = 'Digest ' + authHeader.join(', ') |
68007
1282