I find  httpbin.org a useful resource to test this kind of thing [1] and [2]
/Andy

[1] http://httpbin.org/#/Auth/get_basic_auth__user___passwd_
[2] http://httpbin.org/basic-auth/user1/mypass

On Wed, 2 Feb 2022 at 16:58, Christian Grün <christian.gruen@gmail.com> wrote:
Good to hear; so at least Digest is detected at this stage ;)


Tim Thompson <timathom@gmail.com> schrieb am Mi., 2. Feb. 2022, 17:54:
With "digest" I get: "[experr:HC0004] Invalid authentication method: digest."

--
Tim A. Thompson
Metadata Librarian
Yale University Library

On Wed, Feb 2, 2022 at 11:52 AM Christian Grün <christian.gruen@gmail.com> wrote:
Yes, it should still be supported. I assume it doesn't make a difference if you use "Digest" or "digest"?



Tim Thompson <timathom@gmail.com> schrieb am Mi., 2. Feb. 2022, 17:48:
Thanks, Christian. Right, that wasn't a working example. The server I'm querying is behind a firewall, so I can't really reproduce the issue unfortunately.

The BaseX documentation states that the HTTP client does support Digest authentication. However, I did some poking around using Wireshark and limited knowledge of network traffic. When I run the request in curl, the expected protocol is played out, and I see the evidence in Wireshark:

(1) The server responds with "401 Unauthorized" and provides the nonce value.
(2) The client (curl) then does its business (supplies the username and password, resends the request, etc.)

But when I submit the request via BaseX, it never gets past step (1). It never seems to send the username and password at all. Is Digest authentication still supported?

Best,
Tim


--
Tim A. Thompson
Metadata Librarian
Yale University Library


On Wed, Feb 2, 2022 at 10:13 AM Christian Grün <christian.gruen@gmail.com> wrote:
Hi Tim,

Difficult to tell; both the curl and the XQuery variants give me 404.
Do you think you could provide us with an example that works out of
the box?

Best,
Christian



On Wed, Feb 2, 2022 at 12:54 AM Tim Thompson <timathom@gmail.com> wrote:
>
> Hello,
>
> I'm trying to post a SPARQL query to an endpoint using Digest authentication with the HTTP client.
>
> The query works fine using curl:
>
> curl --digest --user user:pass -X POST -d@'test.rq' \
>     -H "Content-type: application/sparql-query" \
>     'http://example.org/sparql'
>
> But the equivalent request in BaseX fails with 401 Unauthorized:
>
> let $endpoint := "http://example.org/sparql"
> let $user := "user"
> let $pass := "pass"
> let $type := "application/sparql-query"
>
> let $response := (
>   http:send-request(
>     <http:request
>         method="POST"
>         href="{$endpoint}"
>         username="{$user}"
>         password="{$pass}"
>         auth-method="Digest"
>         send-authorization="true">
>         <http:header
>             name="Content-Type"
>             value="{$type}; charset=utf-8"/>
>         <http:body
>             media-type="{$type}">{
>             ``[
>               select * where {?s ?p ?o} limit 1
>             ]``
>           }</http:body>
>     </http:request>
>   )
> )
> return
>   $response
>
> Any ideas about what might be causing the BaseX HTTP client to be denied here?
>
> Thanks in advance,
> Tim
>
>
> --
> Tim A. Thompson
> Metadata Librarian
> Yale University Library
>