Comments (12)
That's odd. Why does the nc need to be changed?
from needle.
Actually, it doesn't look like that is the problem now. Apologies for logging the issue prematurely. I went into the .npm/needle/0.7.2/package/lib/auth and changed the value to 0 as suggested. I ran it and it worked for the first time.
I am using Meteor to put some images to moodstock. I initially used http-digest-client to test the api, and it worked, but I needed to upload images so wanted to use needle. Unfortunately, where http-digest-client is working, needle is failing. Here is the code that is failing on needle, but working ondigest-client. Note this is just the echo service of moodstock, and the error returned is an 'Internal server error'
FAILING
var needle = Meteor.require('needlefix');
var options = {
username: settings.moodstockApiKey,
password: settings.moodstockApiSecret,
auth: 'digest'
};
needle.get('http://api.moodstocks.com/v2/echo/?hello=someone&moodstocks=working', options,
function(err, resp, body) {
if (!err)
console.log(resp);
});
WORKING
digest = Meteor.require('http-digest-client')(settings.moodstockApiKey, settings.moodstockApiSecret, false);
digest.request({
host: 'api.moodstocks.com',
path: '/v2/echo/?hello=someone&moodstocks=working',
port: 80,
method: 'GET'
}, function(res) {
res.on('data', function(data) {
console.log(data.toString());
});
res.on('error', function(err) {
console.log('oh noes');
});
});
This could be a problem with needle, but might be an issue with moodstock? Either way, odd it works for one, and not the other. I can post up key and secret if that will help, otherwise you could signup for free account.
from needle.
Ok, thanks for the update. I'll take a look at http-digest-client and see if there's anything we need to fix.
from needle.
Ok, finally took the time to check the http-digest-client library. It looks like it's not working either for them:
var digest = require('http-digest-client')('user', 'passwd');
digest.request({
host: 'httpbin.org',
path: '/digest-auth/test/user/passwd',
port: 80,
method: 'GET',
}, function (res) {
console.log('Got status code:' + res.statusCode);
res.on('data', function (data) {
console.log(data.toString());
});
res.on('error', function (err) {
console.log('oh noes');
});
});
I'm using httpbin.org to do the tests and I keep getting 401's. Any ideas?
from needle.
Same issue here. Is there any workaround ?
from needle.
Not still. I haven't been able to find a working implementation of the digest auth among the node libraries. If you find one, please let me know so we can get this fixed!
from needle.
Have there been any updates on this? I'd love to get the digest auth working
from needle.
Needle seems to use lowercase request method values when using the .get()
, .put()
, post()
, etc functions. The request method is used to calculate part of the hash used in the digest challenge response, shown here from Auth.js.
Line 68: ha2 = md5(method + ':' + path),
Most web servers I know report the request method in uppercase (we're using PHP's $_SERVER['REQUEST_METHOD'] global). This case difference is causing a mismatch in the challenge response, and therefore failing authentication.
A quick fix to test this theory is to change the request call from from needle.get(...)
to needle.request('GET', ...)
. Needle will pass that uppercase method through to the hashing function, which results in a matching challenge response (at least in my testing). So for the above example, you might try altering your code to this and see if it works.
var needle = Meteor.require('needlefix');
var options = {
username: settings.moodstockApiKey,
password: settings.moodstockApiSecret,
auth: 'digest'
};
needle.request('GET', 'http://api.moodstocks.com/v2/echo/?hello=someone&moodstocks=working', options,
function(err, resp, body) {
if (!err)
console.log(resp);
});
After making this change, I was able to successfully authenticate using digest auth.
from needle.
This is great news. I'll try it out in a sec.
from needle.
Ok so after chaging the method to uppercase letters in lib/auth.js
, the above example against httpbin still didn't work. I revised the header parsing and some other things and eventually got it to work against the test endpoint at test.webdav.org.
var needle = require('..');
var opts = {
username: 'user1',
password: 'user1',
auth: 'digest'
}
needle.get('http://test.webdav.org/auth-digest/', opts, function(err, resp) {
if (resp.statusCode == 401)
console.log('Nope')
else
console.log('Yep!')
})
This is currently on the digest-auth-fixes branch. @montanajob can you try and see if using that code it (still) works so I get it merged to master?
And thanks again!
from needle.
And I finally figured out the reason why the test against httpbin wasn't working. Turns out they expect cookies to be returned (which isn't actually part of the spec).
from needle.
Yes, the digest-auth-fixes branch still works for me. Thanks for the fix.
from needle.
Related Issues (20)
- Test failures on macOS w/ node v17 HOT 1
- Test failures on node v14-v16 HOT 3
- Test failures on node v4-v12
- Incorrect parsing of complex JS nested objects in POST request HOT 5
- Mangled file content when multipart-POSTing a file with a "text/*" content type HOT 2
- Very infrequent TypeError: iconv.encodingExists is not a function
- Tunnelling doesn't work in v3.1.0 HOT 12
- Proposal: Supporting User-Defined "Follow If" Conditions
- Piping needle request to Express response won't set the correct headers
- Multiple Files Upload Renames Input Field
- Uncaught asynchronous error
- Remote end closed socket abruptly errors HOT 2
- a ':' in nonce breaks digest authentication HOT 1
- Digest MD5 not working with Geovision IP Camera
- Uncaught ECONNRESET exception
- needle.get cannot guaranty getting the http stream HOT 2
- FEATURE: Retry HOT 1
- follow_set_cookies -> not working!!!
- Bug in 3.3.0: accidental creation of `global.signal`, gets caught in strict UTs
- README recommends mikeal's request HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from needle.