Thanks, Andy! That's very handy. So, when I test against httpbin, the same thing happens.
curl request: curl --digest --user user:pw -X GET ' http://httpbin.org/digest-auth/auth/user/pw'
response: { "authenticated": true, "user": "user" }
BaseX request: let $endpoint := "http://httpbin.org/digest-auth/auth/user/pw"
let $response := ( http:send-request( <http:request method="GET" href="{$endpoint}" username="user" password="pw" auth-method="Digest" send-authorization="true"> <http:header name="Content-Type" value="{$type}; charset=utf-8"/> </http:request> ) ) return $response
response: <http:response xmlns:http="http://expath.org/ns/http-client" status="401" message="UNAUTHORIZED"> <http:header name="Server" value="gunicorn/19.9.0"/> <http:header name="Access-Control-Allow-Origin" value="*"/> <http:header name="Access-Control-Allow-Credentials" value="true"/> <http:header name="WWW-Authenticate" value="Digest realm=& quot;me@kennethreitz.com", nonce="36d59385e96e1689595f4f14fa2921ca", qop="auth", opaque="a21df3287b5cb9cbf8b6a68b2c15fa1d", algorithm=MD5, stale=FALSE"/> <http:header name="Connection" value="keep-alive"/> <http:header name="Set-Cookie" value="fake=fake_value; Path=/"/> <http:header name="Set-Cookie" value="stale_after=never; Path=/"/> <http:header name="Content-Length" value="0"/> <http:header name="Date" value="Wed, 02 Feb 2022 17:14:13 GMT"/> <http:header name="Content-Type" value="text/html; charset=utf-8"/> </http:response>
-- Tim A. Thompson Metadata Librarian Yale University Library
On Wed, Feb 2, 2022 at 12:06 PM Andy Bunce bunce.andy@gmail.com wrote:
I find httpbin.org a useful resource to test this kind of thing [1] and [2] /Andy
[1] http://httpbin.org/#/Auth/get_basic_auth__user___passwd_ [2] http://httpbin.org/basic-auth/user1/mypass
On Wed, 2 Feb 2022 at 16:58, Christian Grün christian.gruen@gmail.com wrote:
Good to hear; so at least Digest is detected at this stage ;)
Tim Thompson timathom@gmail.com schrieb am Mi., 2. Feb. 2022, 17:54:
With "digest" I get: "[experr:HC0004] Invalid authentication method: digest."
-- Tim A. Thompson Metadata Librarian Yale University Library
On Wed, Feb 2, 2022 at 11:52 AM Christian Grün < christian.gruen@gmail.com> wrote:
Yes, it should still be supported. I assume it doesn't make a difference if you use "Digest" or "digest"?
Tim Thompson timathom@gmail.com schrieb am Mi., 2. Feb. 2022, 17:48:
Thanks, Christian. Right, that wasn't a working example. The server I'm querying is behind a firewall, so I can't really reproduce the issue unfortunately.
The BaseX documentation states that the HTTP client does support Digest authentication. However, I did some poking around using Wireshark and limited knowledge of network traffic. When I run the request in curl, the expected protocol is played out, and I see the evidence in Wireshark:
(1) The server responds with "401 Unauthorized" and provides the nonce value. (2) The client (curl) then does its business (supplies the username and password, resends the request, etc.)
But when I submit the request via BaseX, it never gets past step (1). It never seems to send the username and password at all. Is Digest authentication still supported?
Best, Tim
-- Tim A. Thompson Metadata Librarian Yale University Library
On Wed, Feb 2, 2022 at 10:13 AM Christian Grün < christian.gruen@gmail.com> wrote:
Hi Tim,
Difficult to tell; both the curl and the XQuery variants give me 404. Do you think you could provide us with an example that works out of the box?
Best, Christian
On Wed, Feb 2, 2022 at 12:54 AM Tim Thompson timathom@gmail.com wrote: > > Hello, > > I'm trying to post a SPARQL query to an endpoint using Digest authentication with the HTTP client. > > The query works fine using curl: > > curl --digest --user user:pass -X POST -d@'test.rq' \ > -H "Content-type: application/sparql-query" \ > 'http://example.org/sparql' > > But the equivalent request in BaseX fails with 401 Unauthorized: > > let $endpoint := "http://example.org/sparql" > let $user := "user" > let $pass := "pass" > let $type := "application/sparql-query" > > let $response := ( > http:send-request( > http:request method="POST" > href="{$endpoint}" > username="{$user}" > password="{$pass}" > auth-method="Digest" > send-authorization="true"> > http:header name="Content-Type" > value="{$type}; charset=utf-8"/> > http:body media-type="{$type}">{ > ``[ > select * where {?s ?p ?o} limit 1 > ]`` > }</http:body> > </http:request> > ) > ) > return > $response > > Any ideas about what might be causing the BaseX HTTP client to be denied here? > > Thanks in advance, > Tim > > > -- > Tim A. Thompson > Metadata Librarian > Yale University Library >