[Feature Request] Authentication support for HMAC

microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

MIT License

2.59k stars 296 forks source link

[Feature Request] Authentication support for HMAC #710

Open anmolbohra97 opened 1 year ago

anmolbohra97 commented 1 year ago

💡 Idea

In our service, we do HMAC authentication. Currently RESTler doesn't support that. Having that feature will be really helpful for us to fuzz test our service.

Design Notes

No response

marina-p commented 1 year ago

Example: https://learn.microsoft.com/en-us/azure/communication-services/tutorials/hmac-header-tutorial?pivots=programming-language-csharp#add-headers-to-requestmessage

marina-p commented 1 year ago

The authentication module should be extended to pass the request in order to generate the hash.

TBD: supporting this with the command-line option