Are there any digest auth client filters anywhere?...
# http4ka
Andrew O'Hara
07/09/2021, 5:11 PMAre there any digest auth client filters anywhere? I know there's an okhttp authenticator I can wrap into a filter, but it would be a pain.
d
dave
07/09/2021, 5:15 PMNot afaik. We've never used one. feel free to PR one back to the core though! 🙃
a
Andrew O'Hara
07/09/2021, 5:16 PMIf I end up having to write my own, I would be happy to.
👍 1
r
Razvan
07/10/2021, 11:54 AMLooking at ktor's implementation looks like a pain in the a** to implement a full specifications support one, so I guess better use a specific filter for your need.
a
Andrew O'Hara
07/10/2021, 5:06 PMThink it's better to not have a filter at all if it doesn't implement the full spec?
d
dave
07/10/2021, 5:10 PMTbh, I think it might be quite simple to take the Ktor version and transpose it onto a Filter.
dave
07/10/2021, 5:19 PMYou can maybe just modify it to inject the algorithm implementation...
a
Andrew O'Hara
07/10/2021, 5:20 PMBoth http4k and ktor are licensed under Apache 2.0; does that mean we can include the ktor version with only minor modifications?
d
dave
07/10/2021, 5:21 PMWe're not GPL so yep should be fine. We'll probably refactor it to.make it a bit more Http4k-y though if the style is different
a
Andrew O'Hara
07/10/2021, 5:24 PMModifying https://github.com/rburgst/okhttp-digest into a filter worked fine for my own project, but I think the ktor version IS better. I think I'll take a stab at the ktor version this weekend.
What kind of tests would be appropriate? I'd rather not make a full server filter just for testing; so maybe the test would send mock responses during the negotiation?
d
dave
07/10/2021, 7:00 PMAs with everything Http4k, testing should be pretty easy - just pass a function that returns the correct Response objects - no need for mocks. 😉
a
Andrew O'Hara
07/11/2021, 5:02 AMAlmost done with the client and server filters.
ktor wasn't actually fully compliant, and doesn't implement the
auth-intMD5-sess10 Views