The realm used for authentication purposes.
A partial function mapping (realm, user) to the appropriate password.
Interval (in milliseconds) at which stale nonces should be cleaned up.
Amount of time (in milliseconds) after which a nonce is considered stale (i.e. not used for authentication purposes anymore).
The number of random bits a nonce should consist of.
Side-effect of running the returned task: If req contains a valid AuthorizationHeader, the corresponding nonce counter (nc) is increased.
The request received from the client.
If req contains valid credentials, a copy of req is returned that contains additional attributes pertaining to authentication such as the username and realm from the valid credentials. If req does not contain valid credentials, a challenge is returned. This challenge will be included in the HTTP 401 Unauthorized response that is returned to the client.