DigestAuth

org.http4s.server.middleware.authentication.DigestAuth

object DigestAuth

Provides Digest Authentication from RFC 2617.

Attributes

Source: DigestAuth.scala
Supertypes: class Object

trait Matchable

class Any
Known subtypes: class Md5HashedAuthStore[F, A]

class PlainTextAuthStore[F, A]

A function mapping username to a user object and precomputed md5 hash of the username, realm, and password, or None if no user exists.

More secure than PlainTextAuthStore due to only needing to store the digested hash instead of the password in plain text.

A function mapping username to a user object and password, or None if no user exists.

Requires that the server can recover the password in clear text, which is _strongly_ discouraged. Please use Md5HashedAuthStore if you can.

nonceBits: The number of random bits a nonce should consist of.
nonceCleanupInterval: Interval (in milliseconds) at which stale nonces should be cleaned up.
nonceStaleTime: Amount of time (in milliseconds) after which a nonce is considered stale (i.e. not used for authentication purposes anymore).
realm: The realm used for authentication purposes.
store: A partial function mapping (realm, user) to the appropriate password.

Similar to apply, but exposing the underlying challenge cats.data.Kleisli instead of an entire AuthMiddleware

Side-effect of running the returned task: If req contains a valid AuthorizationHeader, the corresponding nonce counter (nc) is increased.

nonceBits: The number of random bits a nonce should consist of.
nonceCleanupInterval: Interval (in milliseconds) at which stale nonces should be cleaned up.
nonceStaleTime: Amount of time (in milliseconds) after which a nonce is considered stale (i.e. not used for authentication purposes anymore).
realm: The realm used for authentication purposes.
store: A partial function mapping (realm, user) to the appropriate password.

In this article

Generated with