Digest not working

[burnbrigther]

Describe the bug Digest not working as expected with Axis cameras.

Expected behavior Digest should work as expected

To Reproduce Steps to reproduce the behavior: My particular behavior was observed with Axis cameras - but digest configuration is working in stateless configuration.

1. Configure a stateless configuration with digest enabled
2. Configure a stateful configuration with digest enabled
3. Test both and stateless will work, but stateful will fail with 401 error

Version (output of npm list -g homebridge homebridge-http-switch)

• homebridge: pi@dockerpi-c:/var/lib/homebridge $ npm list -g homebridge /usr/lib └── homebridge@1.2.0-beta.29
• homebridge-http-switch: pi@dockerpi-c:/var/lib/homebridge $ npm list -g homebridge-http-switch /usr/lib └── homebridge-http-switch@0.5.30

Configuration

        {
            "accessory": "HTTP-SWITCH",
            "name": "FR(PTZ) HOME",
            "notificationID": "root",
            "notificationPassword": "XXXXXX",
            "switchType": "stateless",
            "onUrl": {
                "url": "http://192.168.1.233/axis-cgi/com/ptz.cgi?gotoserverpresetno=1",
                "method": "GET",
                "auth": {
                    "username": "root",
                    "password": "XXXXXX",
                    "sendImmediately": "false"
                }
            }
        },
        {
            "accessory": "HTTP-SWITCH",
            "name": "FC(PTZ) Door View",
            "notificationID": "root",
            "notificationPassword": "XXXXXX",
            "onUrl": {
                "url": "http://192.168.1.230/axis-cgi/com/ptz.cgi?gotoserverpresetno=8",
                "method": "GET",
                "auth": {
                    "username": "root",
                    "password": "XXXXXX",
                    "sendImmediately": "false"
                }
            },
            "offUrl": {
                "url": "http://192.168.1.230/axis-cgi/com/ptz.cgi?gotoserverpresetno=1",
                "method": "GET",
                "auth": {
                    "username": "root",
                    "password": "XXXXXX",
                    "sendImmediately": "false"
                }
            },
            "statusUrl": {
                "url": "http://192.168.1.230/axis-cgi/param.cgi?action=list&group=Properties.PTZ.PTZ",
                "method": "GET",
                "auth": {
                    "username": "root",
                    "password": "XXXXXX",
                    "sendImmediately": "false"
                }
            }
        },

Additional context All configurations work with pure basic auth. Using pure basic auth configuration is not a suitable workaround for me.

[burnbrigther]

I updated the title and description. It seems some of my cameras were set to digest+basic and some were set to basic. Those with basic are working. However, digest does not appear to work with Axis cameras. I turned up debug, and here is what I see in the logs with only digest selected. My password is known to be correct.

[7/14/2020, 8:37:05 PM] [FC(PTZ) HOME] setStatus() doing http request...
[7/14/2020, 8:37:05 PM] [FC(PTZ) HOME] Error occurred setting state of switch: HTTP request returned with error code 401
[7/14/2020, 8:37:05 PM] [FC(PTZ) HOME] Body of set response is: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>

[7/14/2020, 8:37:05 PM] [FC(PTZ) HOME] Resetting switch to OFF

Here is the relevant configuration:

            "name": "FC(PTZ) HOME",
            "switchType": "stateless",
            "debug": "true",
            "onUrl": {
                "url": "http://192.168.1.230/axis-cgi/com/ptz.cgi?gotoserverpresetno=1",
                "method": "GET",
                "auth": {
                    "username": "root",
                    "password": "XXXXXXXX",
                    "sendImmediately": "false"
                }
            }
        }

[burnbrigther]

In this second test, I changed sendImmediately to true. From my wireshark captures, it doesn't appear anything is being sent. In this image, you can see on the left, what homebridge-http-connect is doing. On the right, you see what homebridge-ffmpeg is sending (successfully with digest). Changing sendImmediately to true or false yields the same results for the capture on the left.

[burnbrigther]

@Supereg hoping you can have a look at this. I can provide a pcap directly to you if it helps. You can see my Axis camera is responding with the required "WWW-Authenticate" header, but the plugin doesn't seem to be respond back - it dies on the vine.

[Supereg]

Gave it a quick look. I doubt this error is related to the switchState configuration, as the code doing set request is the same for all states 🤔 I noted some different urls (ip and query parameters), anything substantial different with those?

Digest authentication is backed by the underlying request library: https://github.com/request/request#http-authentication:

It notes the following: Digest authentication is supported, but it only works with sendImmediately set to false; otherwise request will send basic authentication on the initial request, which will probably cause the request to fail.. But it seems like you've set that.

[Supereg]

Well, justed noticed you specified sendImmediately as a string (depending how the request library checks this, it is equivalent of specifying true [JavaScript LOL]), where it should be a boolean like so (without quotes):

{
  "sendImmediately": false
}

[burnbrigther]

Feeling silly. You are absolutely correct. Good catch. Thank you for your response. It IS now working as expected.

[Supereg]

great it works 👍