Skip to content

Digest Authentication with Escape

Description

The 'Digest' authentication preset employs a challenge-response mechanism for enhanced security:

  • Initial Request: Involves sending a request to a server endpoint that responds with a WWW-Authenticate header, initiating the authentication process.
  • Credentials Processing: The client creates a hashed version of the user's credentials using the challenge details received.
  • Second Request: The client sends a second request with this hashed information to authenticate.

This method enhances security by avoiding the transmission of actual passwords over the network. Digest Authentication is suitable for scenarios requiring enhanced security without the complexities of more advanced authentication methods.

Examples

presets:
-   type: digest
    first_request:
        url: https://api.example.com/request
        method: GET
        cookies:
            session_id: '123456'
        headers:
            Accept: application/json
        query_parameters:
            query: info
    second_request:
        url: https://api.example.com/authenticate
        method: POST
    users:
    -   username: alice
        password: aliceSecret
    -   username: bob
        password: bobSecret

Extensive Configuration

Property Type Default Description
first_request * HTTPRequestPreset The parameters of the first HTTP request executed during the digest procedure.It is the one that returns the WWW-Authenticate header.
second_request DigestSecondRequestConfiguration null The parameters of the second HTTP request executed during the digest procedure.It is the one that uses the digest authentication. By default, parameters of the first request are used.
type * Const[digest] digest
users * List[BasicUserPreset] The list of users to generate tokens for.

Objects

BasicUserPreset

Property Type Default Description
cookies Dict[string, string] null Optional cookies injected during the authentication process and in authentified requests.
headers Dict[string, string] null Optional headers injected during the authentication process and in authentified requests.
password * string The Basic password of the user.
username * string The Basic username of the user.

DigestSecondRequestConfiguration

Property Type Default Description
method HTTPMethod null The method of the second HTTP request executed during the digest procedure.By default, the method of the first request is used.
url string null The URL of the second HTTP request executed during the digest procedure.By default, the URL of the first request is used.

HTTPRequestPreset

Property Type Default Description
body object null The body of the request. It can be a string or a JSON object. It is merged with the user credentials body if provided. If bodies of the HTTP request and of the user credentials are both JSON objects, they are merged. If the two bodies are strings, they are concatenated. If the two bodies are of different types, the body of the user credentials is used instead of this value.
cookies Dict[string, string] The list of cookies to attach to the request. Cookies are merged with the user credentials cookies. It is possible to attach mutliple values to a cookie. Cookie values are url-encoded before being sent.
headers Dict[string, string] The list of headers to attach to the request. Headers are merged with the user credentials headers. It is possible to attach mutliple values to a header.
method * HTTPMethod The HTTP method to use
query_parameters Dict[string, string] The list of query parameters to attach to the request. Query parameters are merged with the user credentials query parameters. It is possible to attach mutliple values to a query parameter. Query parameter values are url-encoded before being sent.
url * string The URL to send the request to

Enums

HTTPMethod

Value
CONNECT
DELETE
GET
HEAD
OPTIONS
PATCH
POST
PUT
TRACE