Is there a way for custom AuthenticationProvider to access t kotlinlang #ktor

Join Slack

Is there a way for custom AuthenticationProvider t...

# ktor

Daniel

03/20/2023, 10:08 AM

Is there a way for custom AuthenticationProvider to access the body of the request (for hash computation)?

Daniel

03/20/2023, 12:01 PM

I found the plugin DoubleReceive, but I would rather avoid it. Is there perhaps some hook deeper/earlier in the pipepiline I could use to calculate the hash and pass it into 'call.attributes' for the latter stages?

Aleksei Tirman [JB]

03/20/2023, 12:42 PM

Do you want to calculate hash of a request based on its body too?

Daniel

03/20/2023, 12:56 PM

What do you mean based on its body?

Daniel

03/20/2023, 12:59 PM

If the request has a body, I need to calculate its md5 digest so I could use this value as part of Hmac calculation

Aleksei Tirman [JB]

03/20/2023, 1:02 PM

The problem is that the body of a request can be read only once. So it doesn’t matter how early you’re receiving it.

Aleksei Tirman [JB]

03/20/2023, 1:03 PM

The

DoubleReceive

plugin solves the problem by reading a whole body and storing it for future reads.

Daniel

03/20/2023, 1:06 PM

How does ktor handle decompression of request body in the receive pipeline? Could it be possible to add a hook somewhere at that stage (the function would return the body unchanged, ie. identity transform)?

Daniel

03/20/2023, 1:09 PM

Btw, why is the read only once limitation imposed?

Aleksei Tirman [JB]

03/20/2023, 1:30 PM

Because it may be inefficient to read a whole body in memory, especially, if it’s a huge one.

9 Views

Open in Slack

Previous Next