Dear, i have a working server with auth digest active, and it's work fine with other services, i have this code in titanium:
function sampleDigestAuth() { var xhr = Ti.Network.createHTTPClient(); xhr.onload = function() { Ti.API.info("status:" + this.status); if (this.status == 200) { Ti.API.info("responseText:" + this.responseText); Ti.API.info("Content-Type:" + this.getResponseHeader("Content-Type")); } } xhr.onerror = function() { Ti.API.info("status:" + this.status); if (this.status == 401) { var wwwAuth = xhr.getResponseHeader('WWW-Authenticate'); Ti.API.info("auth:" + wwwAuth); var authInfo = parseWWWAuth(wwwAuth);
var user = "admin";
var password = "12d34";
var authorization = createAuthHeader("GET", authInfo.realm,
authInfo.nonce, authInfo.opaque, authInfo.qop,
user, password, "/");
Ti.API.info(authorization);
xhr.open('GET', 'http://www.*****************************.com/apiserver/api');
xhr.setRequestHeader("Authorization", authorization);
xhr.send();
}
}
xhr.open('GET', 'http://www.*****************************.com/apiserver');
xhr.send();
}
function parseWWWAuth(wwwAuth) { var ret = {};
ret['realm'] = wwwAuth.match(/realm="([^"]+)"/)[1]; ret['qop'] = wwwAuth.match(/qop="([^"]+)"/)[1]; ret['nonce'] = wwwAuth.match(/nonce="([^"]+)"/)[1]; var opaqueMatch = wwwAuth.match(/opaque="([^"]+)"/); if (opaqueMatch) ret['opaque'] = opaqueMatch[0]; return ret; }
function createAuthHeader(method, realm, nonce, opaque, qop, username, password, uri) { var a1 = buildA1(realm, username, password) var ha1 = Titanium.Utils.md5HexDigest(a1) var a2 = buildA2(method, uri) var ha2 = Titanium.Utils.md5HexDigest(a2)
var nc = formatNonceCount(1) var cnonce = buildCnonce();
var response = buildResponse(ha1, ha2, nonce, nc, cnonce, qop) var hresp = Titanium.Utils.md5HexDigest(response) var ret = buildAuthHeader(username, realm, nonce, uri, cnonce, nc, qop, hresp, opaque);
return ret; }
// create client cnonce function buildCnonce() { return random(12, "0123456789abcdef"); }
function random(len, source) { var result = ''; var sourceLen = source.length; for (var i = 0; i < len; i++) { result += source.charAt(Math.floor(Math.random() * sourceLen)); } return result; }
function buildResponse(ha1, ha2, nonce, nc, cnonce, qop) { return ha1 + ":" + nonce + ":" + nc + ":" + qop + ":" + ha2 }
function buildAuthHeader(username, realm, nonce, uri, cnonce, nc, qop,
hresp, opaque) {
var ret =
'Digest username="' + username +
'", realm="' + realm +
'", nonce="' + nonce +
'", uri="' + uri +
'", nc=' + nc +
', qop="' + qop +
'", response="' + hresp +
'", cnonce="' + cnonce + '"'
'", algorithm="' + "MD5" + '"';
return ret;
}
function formatNonceCount(count) { var nc = count.toString(16); while(nc.length < 8) { nc = "0" + nc; } return nc }
function buildA1(realm, user, passwd) { return user + ":" + realm + ":" + passwd }
function buildA2(method, uri) { return method + ":" + uri }
sampleDigestAuth();
There are there step:
//Step 1: Send request to server with no credentials //Step 2: Get 401 response with Www-Authenticate header containing Digest variables and do magic //Step 3: Send back request with new magical header //Step 4: Receive original request data
Bun in step 4 i receive only 401 response, but if i try api server with an online service or i call server directly from browser it works fine!
Any idea?