place response paramter at end of credentials (icholy#9)

logicall · Dec 22, 2022 · 56c3faa · 56c3faa
1 parent bcadbe9
commit 56c3faa
Show file tree

Hide file tree

Showing 3 changed files with 76 additions and 36 deletions.
diff --git a/credentials.go b/credentials.go
@@ -91,11 +91,6 @@ func (c *Credentials) String() string {
 			Value: c.URI,
 			Quote: true,
 		},
-		param.Param{
-			Key:   "response",
-			Value: c.Response,
-			Quote: true,
-		},
 	)
 	if c.Algorithm != "" {
 		pp = append(pp, param.Param{
@@ -135,5 +130,12 @@ func (c *Credentials) String() string {
 			Value: "true",
 		})
 	}
+	// The RFC does not specify an order, but some implementations expect the response to be at the end.
+	// See: https://github.com/icholy/digest/issues/8
+	pp = append(pp, param.Param{
+		Key:   "response",
+		Value: c.Response,
+		Quote: true,
+	})
 	return Prefix + param.Format(pp...)
 }
diff --git a/credentials_test.go b/credentials_test.go
@@ -1,7 +1,6 @@
 package digest
 
 import (
-	"strconv"
 	"testing"
 
 	"gotest.tools/v3/assert"
@@ -13,7 +12,7 @@ func TestCredentials(t *testing.T) {
 		credentials *Credentials
 	}{
 		{
-			input: `Digest username="root", realm="AXIS_ACCC8EB3494E", nonce="PNHWZB6nBQA=316099a140230c2db387fc75ee1c8ae838a750d8", uri="/axis-cgi/com/ptz.cgi?camera=1&continuouspantiltmove=-49,0", response="9bbb9764c769f388f8e5ff4d26bd0449", algorithm=MD5, cnonce="17b7311e0c27a979", qop=auth, nc=00000003`,
+			input: `Digest username="root", realm="AXIS_ACCC8EB3494E", nonce="PNHWZB6nBQA=316099a140230c2db387fc75ee1c8ae838a750d8", uri="/axis-cgi/com/ptz.cgi?camera=1&continuouspantiltmove=-49,0", algorithm=MD5, cnonce="17b7311e0c27a979", qop=auth, nc=00000003, response="9bbb9764c769f388f8e5ff4d26bd0449"`,
 			credentials: &Credentials{
 				Username:  "root",
 				Realm:     "AXIS_ACCC8EB3494E",
@@ -27,7 +26,7 @@ func TestCredentials(t *testing.T) {
 			},
 		},
 		{
-			input: `Digest username="icholy", realm="DLI LPC92601002528", nonce="NZAeQHhoCNifFjFa", uri="/restapi/relay/outlets/=0,1,2/state/", response="9e0d2169b41cbb504a58995e08b10eb1", algorithm=MD5, cnonce="MzI1MWE0MDI1MzEyOWQ2M2U1YjM1OGZiNWMwZWNiYjA=", opaque="wRtIEgb/X9z7XXAT", qop=auth, nc=00000001`,
+			input: `Digest username="icholy", realm="DLI LPC92601002528", nonce="NZAeQHhoCNifFjFa", uri="/restapi/relay/outlets/=0,1,2/state/", algorithm=MD5, cnonce="MzI1MWE0MDI1MzEyOWQ2M2U1YjM1OGZiNWMwZWNiYjA=", opaque="wRtIEgb/X9z7XXAT", qop=auth, nc=00000001, response="9e0d2169b41cbb504a58995e08b10eb1"`,
 			credentials: &Credentials{
 				Username:  "icholy",
 				Realm:     "DLI LPC92601002528",
@@ -42,8 +41,8 @@ func TestCredentials(t *testing.T) {
 			},
 		},
 	}
-	for i, tt := range tests {
-		t.Run(strconv.Itoa(i), func(t *testing.T) {
+	for _, tt := range tests {
+		t.Run("", func(t *testing.T) {
 			c, err := ParseCredentials(tt.input)
 			assert.NilError(t, err)
 			assert.DeepEqual(t, c, tt.credentials)

diff --git a/digest_test.go b/digest_test.go
@@ -8,34 +8,73 @@ import (
 
 // https://tools.ietf.org/html/rfc7616#section-3.9
 func TestDigestMD5(t *testing.T) {
-	opt := Options{
-		Method:   "GET",
-		URI:      "/dir/index.html",
-		Username: "Mufasa",
-		Password: "Circle of Life",
-		Cnonce:   "f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ",
+	tests := []struct {
+		opt  Options
+		chal *Challenge
+		cred *Credentials
+	}{
+		{
+			Options{
+				Method:   "GET",
+				URI:      "/dir/index.html",
+				Username: "Mufasa",
+				Password: "Circle of Life",
+				Cnonce:   "f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ",
+			},
+			&Challenge{
+				Realm:     "[email protected]",
+				Algorithm: "MD5",
+				Nonce:     "7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v",
+				Opaque:    "FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS",
+				QOP:       []string{"auth", "auth-int"},
+			},
+			&Credentials{
+				Username:  "Mufasa",
+				Realm:     "[email protected]",
+				Nonce:     "7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v",
+				URI:       "/dir/index.html",
+				Response:  "8ca523f5e9506fed4657c9700eebdbec",
+				Algorithm: "MD5",
+				Cnonce:    "f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ",
+				Opaque:    "FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS",
+				QOP:       "auth",
+				Nc:        1,
+			},
+		},
+		{
+			Options{
+				Method:   "GET",
+				URI:      "/dir/index.html",
+				Username: "Mufasa",
+				Password: "Circle of Life",
+				Cnonce:   "f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ",
+			},
+			&Challenge{
+				Realm:  "[email protected]",
+				Nonce:  "7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v",
+				Opaque: "FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS",
+				QOP:    []string{"auth", "auth-int"},
+			},
+			&Credentials{
+				Username: "Mufasa",
+				Realm:    "[email protected]",
+				Nonce:    "7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v",
+				URI:      "/dir/index.html",
+				Response: "8ca523f5e9506fed4657c9700eebdbec",
+				Cnonce:   "f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ",
+				Opaque:   "FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS",
+				QOP:      "auth",
+				Nc:       1,
+			},
+		},
 	}
-	chal := &Challenge{
-		Realm:     "[email protected]",
-		Nonce:     "7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v",
-		Algorithm: "MD5",
-		Opaque:    "FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS",
-		QOP:       []string{"auth", "auth-int"},
+	for _, tt := range tests {
+		t.Run("", func(t *testing.T) {
+			cred, err := Digest(tt.chal, tt.opt)
+			assert.NilError(t, err)
+			assert.DeepEqual(t, cred, tt.cred)
+		})
 	}
-	cred, err := Digest(chal, opt)
-	assert.NilError(t, err)
-	assert.DeepEqual(t, cred, &Credentials{
-		Username:  "Mufasa",
-		Realm:     "[email protected]",
-		Nonce:     "7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v",
-		URI:       "/dir/index.html",
-		Response:  "8ca523f5e9506fed4657c9700eebdbec",
-		Algorithm: "MD5",
-		Cnonce:    "f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ",
-		Opaque:    "FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS",
-		QOP:       "auth",
-		Nc:        1,
-	})
 }
 
 func TestDigestSHA256(t *testing.T) {