Authentication Error when Nonce Includes a '='

mhoc / axios-digest-auth

Axios-like HTTP Digest Auth

https://axios-digest-auth.mhoc.co

The Unlicense

12 stars 20 forks source link

Authentication Error when Nonce Includes a '=' #11

Open samuel-puschacher opened 1 year ago

samuel-puschacher commented 1 year ago

Caused by the following Code index.ts Line 44 const authDetails = resp1.response.headers['www-authenticate'].split(',').map((v: string) => v.split('=')); The Nonce will be split if it has a '=' Character inside This leads to the miscalculation of the hashes and an 401 Auth failed.

DiegoMinatto commented 10 months ago

I´m having the same problem, made my own implementation and fixed it.

The fix is:

resp1.response.headers["www-authenticate"].split("\", ").map((v) => { const [first, ...rest] = v.split("\""); return [first.replace("=", ""), rest.join("")] });

It will split by only the first equals character, i also added support for commas in the attibute value for safety.