Digest Authentication

Hi All,

We have a requirement to do digest authentication in our proxy. We know Apigee doesn't have a built-in policy for that, so we are doing it with a JavaScript policy.

We are sending a request to the server (with username and password) and the server is responding with (WWW-Authenticate → Digest realm="Users", nonce="YywQ5zlDGgTQs7Ki2r6HnPFQSemyS7Ea", qop="auth").

So we need to send the nonce and an encrypted version of the username, password and realm (a hash), using the MD5 algorithm, to the server.

So we are creating a JavaScript policy to send the above request, but we are not getting the correct response.

If anyone has done digest auth, their advice will help us.

Thanks

 


I suggest that you use a Java or Python callout to compute the Digest. 

 

Hi @dchiesa1,

I have also tried a Python callout; in that I am using the 'request' module, but it is not supported in Apigee. Can you provide some reference on how to do this in Python or Java in a way that is supported in Apigee?

Another approach could be to use the message template hash functions, since this just requires an MD5 hash? That would avoid Java/Python callouts.

https://docs.apigee.com/api-platform/reference/message-template-intro#hash-functions

The problem with the MD5 in Message Templates is... the payload for the digest is sort of dynamic. There's a bunch of IF...THEN...ELSE stuff you need to deal with, to implement HTTP Digest correctly.

I wrote a callout that shows how to do it. 

https://github.com/DinoChiesa/Apigee-Java-HttpDigest

I tested this with a few known-good HTTP Digest endpoints and it works.  It is limited in a few ways. Check the README.
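
The branching the answer above refers to, sketched as an added example (not part of the thread and not code from the linked callout). It assumes plain Node.js with its `crypto` module rather than an Apigee JavaScript policy, handles only MD5 / MD5-sess with qop absent or `auth`, and the credentials, URI and helper names are made up for illustration.

```javascript
const crypto = require("crypto");

const md5 = (s) => crypto.createHash("md5").update(s, "utf8").digest("hex");

// Parse a WWW-Authenticate Digest challenge into { realm, nonce, qop, ... }.
function parseChallenge(header) {
  const params = {};
  const body = header.replace(/^\s*Digest\s+/i, "");
  const re = /(\w+)=(?:"([^"]*)"|([^\s,]+))/g; // quoted or bare token values
  let m;
  while ((m = re.exec(body)) !== null) {
    params[m[1].toLowerCase()] = m[2] !== undefined ? m[2] : m[3];
  }
  return params;
}

// Compute the response hash; the formula depends on algorithm and qop.
function digestResponse(ch, cred, req) {
  const algorithm = (ch.algorithm || "MD5").toUpperCase();
  if (algorithm !== "MD5" && algorithm !== "MD5-SESS") {
    throw new Error("unsupported algorithm: " + algorithm);
  }
  const offered = ch.qop ? ch.qop.split(",").map((q) => q.trim()) : [];
  if (offered.length && !offered.includes("auth")) {
    throw new Error("only qop=auth is handled in this sketch");
  }
  const qop = offered.length ? "auth" : null;
  let ha1 = md5(`${cred.username}:${ch.realm}:${cred.password}`);
  if (algorithm === "MD5-SESS") ha1 = md5(`${ha1}:${ch.nonce}:${req.cnonce}`);
  const ha2 = md5(`${req.method}:${req.uri}`);
  const nc = req.nc.toString(16).padStart(8, "0"); // 8 hex digits
  const response = qop
    ? md5(`${ha1}:${ch.nonce}:${nc}:${req.cnonce}:${qop}:${ha2}`)
    : md5(`${ha1}:${ch.nonce}:${ha2}`); // legacy form when no qop is offered
  return { response, qop, nc };
}

// Build the Authorization header value, echoing optional challenge fields.
function authorizationHeader(ch, cred, req) {
  const r = digestResponse(ch, cred, req);
  const parts = [`username="${cred.username}"`, `realm="${ch.realm}"`,
    `nonce="${ch.nonce}"`, `uri="${req.uri}"`, `response="${r.response}"`];
  if (ch.algorithm) parts.push(`algorithm=${ch.algorithm}`);
  if (ch.opaque) parts.push(`opaque="${ch.opaque}"`);
  if (r.qop) parts.push(`qop=${r.qop}`, `nc=${r.nc}`, `cnonce="${req.cnonce}"`);
  return "Digest " + parts.join(", ");
}

// Challenge quoted in the question; credentials and URI are constructed.
const challenge = parseChallenge('Digest realm="Users", nonce="YywQ5zlDGgTQs7Ki2r6HnPFQSemyS7Ea", qop="auth"');
console.log(authorizationHeader(challenge, { username: "alice", password: "example-password" },
  { method: "GET", uri: "/resource", nc: 1, cnonce: crypto.randomBytes(8).toString("hex") }));
```

The `nc` value has to increase on every request that reuses the same server nonce, and a fresh `cnonce` should be drawn from a CSPRNG as done here.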