server/org.http4s.server.middleware.authentication/DigestAuth

DigestAuth

object DigestAuth

Provides Digest Authentication from RFC 2617.

class Object
trait Matchable
class Any

Type members

Types

type AuthenticationStore[F[_], A] = String => F[Option[(A, String)]]

A function mapping username to a user object and password, or None if no user exists. Requires that the server can recover the password in clear text, which is strongly discouraged.

A function mapping username to a user object and password, or None if no user exists. Requires that the server can recover the password in clear text, which is strongly discouraged.

Value members

Concrete methods

def apply[F[_], A](realm: String, store: F => A, nonceCleanupInterval: Duration, nonceStaleTime: Duration, nonceBits: Int)(implicit evidence$1: Async[F]): F => A
Value Params
nonceBits

The number of random bits a nonce should consist of.

nonceCleanupInterval

Interval (in milliseconds) at which stale nonces should be cleaned up.

nonceStaleTime

Amount of time (in milliseconds) after which a nonce is considered stale (i.e. not used for authentication purposes anymore).

realm

The realm used for authentication purposes.

store

A partial function mapping (realm, user) to the appropriate password.

def challenge[F[_], A](realm: String, store: F => A, nonceKeeper: NonceKeeper)(implicit F: Async[F]): Kleisli[F, Request[F], Either[Challenge, ContextRequest[F, A]]]

Side-effect of running the returned task: If req contains a valid AuthorizationHeader, the corresponding nonce counter (nc) is increased.

Side-effect of running the returned task: If req contains a valid AuthorizationHeader, the corresponding nonce counter (nc) is increased.