Digest auth new

[pratt4]

This is build on top of https://github.com/AsyncHttpClient/async-http-client/pull/2089

and still some changes are required around new testcases and failing testcases

[hyperxpro]

I'll have a look on the weekend. :)

[hyperxpro]

I think only the auth-int implementation is not complete.

[pratt4]

Thanks @hyperxpro for pointing that out! I’ve started implementing auth-int I will push phase 1 in 1-2 days

[pratt4]

things to do

• Support unlimited size request bodies using streaming: implement DigestingBodyGenerator that hashes while streaming (no upfront buffer), lifting the 10 MB limit
• Adding a repeatability contract (e.g... isRepeatable()) to BodyGenerator so client auto-selects buffering or streaming modes
• Optimization of FileBodyGenerator hashing by using zero-copy techniques (FileChannel + ByteBuffer or mmmap slices).
• seamless auth-int support for ReactiveStreams and multipart body generators, preserving async back-pressure.
• Negotiation of strongest hash algorithm automatically when server advertises multiple options (SHA-512-256 first, then SHA-256, then MD5).
• Implementation of the RFC 7616 userhash=true parameter and handle UTF-8 encoded usernames properly.
• Performance improvements on hex-encoding method with lookup-table-based implementation and consider mmap-based hashing.
• Integration tests

[pratt4]

@hyperxpro i have fews questions it would be helpfull if you answer them

1)in Proxy auth is auth-int relevant? because as far as i know proxies happen before getting body 2) currently i dont think the code increments nonce infact it uses DEFAULT_NC=00000001 that means every request that uses Digest today sends nc="00000001". Most servers tolerate that because they don’t enforce nonce-count, but a strict implementation (especially when it also requires auth-int) will expect the counter to rise. shall we increment it or it is kept default for some reason?

Thanks!

[hyperxpro]

Thanks. I will try to review it ASAP.

[pratt4]

Hi @hyperxpro can you please review this whenever you get time.. so that i can quickly wrap this up as soon as possible

Thanks!

[hyperxpro]

@pratt4 Sorry, I was behind schedule. Let me take this up now.

[hyperxpro]

@pratt4 I will merge this into another branch where I will test it with the actual server implementation and see how it behaves before finally pushing to the main branch. It also requires some code formatting.

Overall, great work! Thanks a lot :)

[pratt4]

@hyperxpro thanks for the review!

I’m happy to fix the formatting issues myself if you can point them out along with the suggested changes

and about testing in another branch.... i was just curious, would that mean merging this PR into a staging/test branch, or pulling the code manually? I only ask to make sure it doesn’t end up as a “zombie PR”(if code is pulled manually) that will be harder for me to track later in future.

Also, the improvements which I mentioned earlier in the previous comments for that i will create a separate PR, so this one stays focused and not overloaded.

[hyperxpro]

It won't be a zombie one; it will ship with the next release, but I need to test it. We don't have "SNAPSHOT" maven for this, so merging to a test branch is the only option before confirming full compliance with other implementations.

[hyperxpro]

Merged this into another branch for now until I address remaining issues before merging into main.

[pratt4]

Thanks @hyperxpro

Sorry I was little occupied in personal work all these days and couldn't fix/contribute to this branch... I will try to stay consistent as much as possible from now onwards

please feel tag any issue related to this feature and i will try to resolve it asap

[hyperxpro]

@pratt4 - No problem at all, thanks a lot for the great work.

I will tag you in the final PR for the main branch.