pub struct DigestAuthProvider { /* private fields */ }Expand description
Digest authentication provider implementing RFC 7616.
This provider handles the complex challenge-response protocol required for Digest authentication, including:
- HA1 computation (hash of username:realm:password)
- HA2 computation (hash of method:uri or method:uri:entity_hash)
- Response computation (KD function combining HA1 with challenge parameters)
- Atomic nonce counter management for replay attack prevention
Implementations§
Source§impl DigestAuthProvider
impl DigestAuthProvider
Sourcepub fn new(
username: String,
password: String,
algorithm: Option<DigestAlgorithm>,
) -> Self
pub fn new( username: String, password: String, algorithm: Option<DigestAlgorithm>, ) -> Self
Creates a new Digest authentication provider.
§Arguments
username- The username for authenticationpassword- The password for authenticationalgorithm- The hash algorithm to use (defaults to MD5)
Sourcepub fn algorithm(&self) -> DigestAlgorithm
pub fn algorithm(&self) -> DigestAlgorithm
Returns the current hash algorithm being used.
Sourcepub fn compute_ha1(&self, realm: &str) -> String
pub fn compute_ha1(&self, realm: &str) -> String
Sourcepub fn compute_ha2(
&self,
method: &str,
uri: &str,
qop: Option<&str>,
entity_body: Option<&[u8]>,
) -> String
pub fn compute_ha2( &self, method: &str, uri: &str, qop: Option<&str>, entity_body: Option<&[u8]>, ) -> String
Computes HA2 = H(method:uri) or H(method:uri:H(entity-body)).
When qop is “auth-int”, includes the hash of the entity body.
§Arguments
method- HTTP method (GET, POST, etc.)uri- Request URIqop- Quality of protection modeentity_body- Optional entity body for auth-int mode
§Returns
Hex-encoded hash string
Sourcepub fn compute_response(
&self,
ha1: &str,
nonce: &str,
nonce_count: &str,
cnonce: &str,
qop: Option<&str>,
ha2: &str,
) -> String
pub fn compute_response( &self, ha1: &str, nonce: &str, nonce_count: &str, cnonce: &str, qop: Option<&str>, ha2: &str, ) -> String
Computes the final response = KD(HA1, nonce:nc:cnonce:qop:HA2).
KD(secret, data) = H(concat(secret, “:”, data))
§Arguments
ha1- Pre-computed HA1 valuenonce- Server-provided noncenonce_count- Hex-encoded 8-digit nonce countcnonce- Client-generated nonceqop- Quality of protection modeha2- Pre-computed HA2 value
§Returns
Hex-encoded response string
Builds a complete Digest Authorization header value.
Constructs all necessary components including:
- Username, realm, nonce, uri
- Algorithm specification
- Response hash
- Optional: qop, nc, cnonce, opaque
§Arguments
challenge- Server authentication challengemethod- HTTP method for the requesturi- Request URIentity_body- Optional entity body for auth-int
§Returns
Complete Authorization header value starting with “Digest “
Sourcepub fn reset_nonce_counter(&self)
pub fn reset_nonce_counter(&self)
Resets the nonce counter (useful for testing or new sessions).