Closed adapt0 closed 2 years ago
This pull request introduces 4 alerts when merging e317eebc03ca29c40d98243bf1b16c66ac5ce4ac into 64bbe48810bc2621e308879d27ce57d149acdfdf - view on LGTM.com
new alerts:
Merging #396 (e317eeb) into master (64bbe48) will not change coverage. The diff coverage is
n/a
.
@@ Coverage Diff @@
## master #396 +/- ##
=======================================
Coverage 98.67% 98.67%
=======================================
Files 4 4
Lines 378 378
Branches 124 124
=======================================
Hits 373 373
Misses 5 5
Impacted Files | Coverage Δ | |
---|---|---|
src/HttpClient.ts | 98.55% <ø> (ø) |
:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more
3.1.3
@adapt0 Thanks!
Discovered that digest authentication was failing with request 3.1.2 when the URL contains query parameters:
This fails as the uri parameter in the authorization header doesn't match the requested uri:
(note the lack of query in uri="/api/v1/public")
Per section 2.1.2 in RFC2069:
and section 3.2.1 in RFC2068:
query is considered part of the URI
Specifically Passport.js digest strategy checks that the uri matches. And also confirmed this same request with Postman which did include the query parameters and successfully authenticated.
As such here's a PR which appends the query parameters, along with an additional test case to make sure they made it through.
Thanks for your great lib!