@redocly/respect-core/lib/utils/digest-auth/generate-digest-auth-header.js

API testing framework core

import { md5 } from '@noble/hashes/legacy.js';
import { sha256 } from '@noble/hashes/sha2.js';
import { bytesToHex } from '@noble/hashes/utils';
const DEFAULT_ALGORITHM = 'MD5';
const DEFAULT_NC = '00000001';
export function generateDigestAuthHeader({ username, password, nonce, realm, cnonce, algorithm = DEFAULT_ALGORITHM, qop, nc = DEFAULT_NC, opaque, uri, method, bodyContent = '', }) {
    const requiredParams = {
        username,
        password,
        realm,
        nonce,
        qop,
        opaque,
        uri,
        method,
    };
    const missingParams = Object.entries(requiredParams)
        .filter(([_, value]) => !value)
        .map(([key]) => key);
    if (missingParams.length > 0) {
        throw new Error(`Missing required digest auth parameters: ${missingParams.join(', ')}`);
    }
    const response = generateResponse({
        ...requiredParams,
        cnonce,
        algorithm,
        nc,
        bodyContent,
    });
    const parts = [
        `username="${username}"`,
        `realm="${realm}"`,
        `nonce="${nonce}"`,
        `uri="${uri}"`,
        `qop=${qop}`,
        `nc=${nc}`,
        `cnonce="${cnonce}"`,
        `response="${response}"`,
        `algorithm=${algorithm}`,
    ];
    if (opaque) {
        parts.push(`opaque="${opaque}"`);
    }
    return `Digest ${parts.join(', ')}`;
}
export function generateResponse(data) {
    const { username, password, realm, nonce, cnonce, algorithm = DEFAULT_ALGORITHM, qop, nc = DEFAULT_NC, uri, method, bodyContent, } = data;
    const hashA1 = algorithm.endsWith('-sess')
        ? getHashFunction(algorithm)(getHashFunction(algorithm)(`${username}:${realm}:${password}`) + `:${nonce}:${cnonce}`)
        : getHashFunction(algorithm)(`${username}:${realm}:${password}`);
    const hashA2 = qop.includes('auth-int')
        ? getHashFunction(algorithm)(`${method}:${uri}:${getHashFunction(algorithm)(bodyContent)}`)
        : getHashFunction(algorithm)(`${method}:${uri}`);
    return getHashFunction(algorithm)(`${hashA1}:${nonce}:${nc}:${cnonce}:${qop}:${hashA2}`);
}
function getHashFunction(algorithm) {
    const normalizedAlgorithm = algorithm.replace('-sess', '').toUpperCase();
    switch (normalizedAlgorithm) {
        case 'SHA-256':
            return (input) => bytesToHex(sha256(input));
        default:
            return (input) => bytesToHex(md5(input));
    }
}
//# sourceMappingURL=generate-digest-auth-header.js.map