Skip to main content

Digest Authentication with Escape

Description

The 'Digest' authentication preset employs a challenge-response mechanism for enhanced security:

  • Initial Request: Involves sending a request to a server endpoint that responds with a WWW-Authenticate header, initiating the authentication process.
  • Credentials Processing: The client creates a hashed version of the user's credentials using the challenge details received.
  • Second Request: The client sends a second request with this hashed information to authenticate.

This method enhances security by avoiding the transmission of actual passwords over the network. Digest Authentication is suitable for scenarios requiring enhanced security without the complexities of more advanced authentication methods.

Examples

presets:
- type: digest
first_request:
url: https://api.example.com/request
method: GET
cookies:
session_id: '123456'
headers:
Accept: application/json
query_parameters:
query: info
second_request:
url: https://api.example.com/authenticate
method: POST
users:
- username: alice
password: aliceSecret
- username: bob
password: bobSecret

Extensive Configuration

PropertyTypeRequiredDescriptionReference
typeConst[digest]True
usersBasicUserPresetTrueThe list of users to generate tokens for.BasicUserPreset
first_requestHTTPRequestPresetTrueThe parameters of the first HTTP request executed during the digest procedure.It is the one that returns the WWW-Authenticate header.HTTPRequestPreset
second_requestDigestSecondRequestConfigurationFalseThe parameters of the second HTTP request executed during the digest procedure.It is the one that uses the digest authentication. By default, parameters of the first request are used.DigestSecondRequestConfiguration

Objects

BasicUserPreset

PropertyTypeRequiredDescriptionReference
usernamestringTrueThe Basic username of the user.
headersDict[string, string]FalseOptional headers injected during the authentication process and in authentified requests.
cookiesDict[string, string]FalseOptional cookies injected during the authentication process and in authentified requests.
passwordstringTrueThe Basic password of the user.

HTTPRequestPreset

PropertyTypeRequiredDescriptionReference
urlstringTrueThe URL to send the request to
methodHTTPMethodTrueThe HTTP method to useHTTPMethod
headersDict[string, string]FalseThe list of headers to attach to the request. Headers are merged with the user credentials headers. It is possible to attach mutliple values to a header.
cookiesDict[string, string]FalseThe list of cookies to attach to the request. Cookies are merged with the user credentials cookies. It is possible to attach mutliple values to a cookie. Cookie values are url-encoded before being sent.
query_parametersDict[string, string]FalseThe list of query parameters to attach to the request. Query parameters are merged with the user credentials query parameters. It is possible to attach mutliple values to a query parameter. Query parameter values are url-encoded before being sent.
bodyAnyFalseThe body of the request. It can be a string or a JSON object. It is merged with the user credentials body if provided. If bodies of the HTTP request and of the user credentials are both JSON objects, they are merged. If the two bodies are strings, they are concatenated. If the two bodies are of different types, the body of the user credentials is used instead of this value.

DigestSecondRequestConfiguration

PropertyTypeRequiredDescriptionReference
urlstringFalseThe URL of the second HTTP request executed during the digest procedure.By default, the URL of the first request is used.
methodHTTPMethodFalseThe method of the second HTTP request executed during the digest procedure.By default, the method of the first request is used.HTTPMethod

Enums

HTTPMethod

  • CONNECT

  • DELETE

  • GET

  • HEAD

  • OPTIONS

  • PATCH

  • POST

  • PUT

  • TRACE