rayan/bruno
1
0
Fork 0
mirror of https://github.com/usebruno/bruno.git synced 2026-06-26 06:05:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: improve digest authorization header opaque

Browse Source
This commit is contained in:
Pragadesh-45
2024-12-26 07:51:55 +05:30
parent 26daee5d98
commit 284519cd43
1 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
packages/bruno-electron/src/ipc/network/digestauth-helper.js
View File

@@ -24,7 +24,6 @@ function md5(input) {
function addDigestInterceptor(axiosInstance, request) {
const { username, password } = request.digestConfig;
console.debug(request);
if (!isStrPresent(username) || !isStrPresent(password)) {
@@ -54,30 +53,36 @@ function addDigestInterceptor(axiosInstance, request) {
return acc;
}, {});
console.debug(authDetails);
console.debug("Auth Details: \n", authDetails);
const nonceCount = '00000001';
const cnonce = crypto.randomBytes(24).toString('hex');
if (authDetails.algorithm && authDetails.algorithm.toUpperCase() !== 'MD5') {
console.warn(`Unsupported Digest algorithm: ${algo}`);
console.warn(`Unsupported Digest algorithm: ${authDetails.algorithm}`);
return Promise.reject(error);
} else {
authDetails.algorithm = 'MD5';
}
const uri = new URL(request.url).pathname;
const HA1 = md5(`${username}:${authDetails['Digest realm']}:${password}`);
const HA2 = md5(`${request.method}:${uri}`);
const response = md5(`${HA1}:${authDetails.nonce}:${nonceCount}:${cnonce}:auth:${HA2}`);
const response = md5(
`${HA1}:${authDetails.nonce}:${nonceCount}:${cnonce}:auth:${HA2}`
);
const authorizationHeader =
`Digest username="${username}",realm="${authDetails['Digest realm']}",` +
`Digest username="${username}",realm="${authDetails.realm}",` +
`nonce="${authDetails.nonce}",uri="${uri}",qop="auth",algorithm="${authDetails.algorithm}",` +
`response="${response}",nc="${nonceCount}",cnonce="${cnonce}"`;
`response="${response}",nc="${nonceCount}",cnonce="${cnonce}"` +
(authDetails.opaque ? `,opaque="${authDetails.opaque}"` : '');
originalRequest.headers['Authorization'] = authorizationHeader;
console.debug(`Authorization: ${originalRequest.headers['Authorization']}`);
delete originalRequest.digestConfig;
return axiosInstance(originalRequest);
}