tests: Handling of multiple available Digest Auth strategies + Opting-in

deve-sh · deve-sh · commit 374fe12999b5 · 2025-09-30T20:02:30.000+05:30
diff --git a/test/fixtures/servers/_servers.js b/test/fixtures/servers/_servers.js
@@ -669,7 +669,8 @@ function createDigestServer (options) {
         expectedUsername = options.username || 'username',
         expectedPassword = options.password || 'password';
 
-    passport.use(new DigestStrategy({ qop: 'auth' },
+    // Register Digest strategies for MD5 and SHA-256
+    passport.use('digest-md5', new DigestStrategy({ qop: 'auth', algorithm: 'MD5' },
         function (username, done) {
             if (username !== expectedUsername) {
                 return done(null, false);
@@ -678,8 +679,30 @@ function createDigestServer (options) {
             return done(null, username, expectedPassword);
         }));
 
+    passport.use('digest-sha256', new DigestStrategy({ qop: 'auth', algorithm: 'SHA-256' },
+        function (username, done) {
+            if (username !== expectedUsername) {
+                return done(null, false);
+            }
+
+            return done(null, username, expectedPassword);
+        }));
+
+    app.use((req, res, next) => {
+        if (!req.headers.authorization) {
+            res.status(401);
+            res.set('WWW-Authenticate',
+                'Digest realm="Users", qop="auth", algorithm="MD5", nonce="md5nonce"');
+            res.append('WWW-Authenticate',
+                'Digest realm="Users", qop="auth", algorithm="SHA-256", nonce="sha256nonce"');
+
+            return res.send('Unauthorized');
+        }
+        next();
+    });
+
     app.all('*',
-        passport.authenticate('digest', { session: false }),
+        passport.authenticate(['digest-md5', 'digest-sha256'], { session: false }),
         function (req, res) {
             res.send(req.users);
         });
diff --git a/test/integration/auth-methods/digest.test.js b/test/integration/auth-methods/digest.test.js
@@ -1031,4 +1031,71 @@ describe('digest auth', function () {
             expect(secondCall.args[2]).to.have.property('code', 200);
         });
     });
+
+    describe('with opted-in algorithm other than the default (md5)', function () {
+        before(function (done) {
+            var runOptions = {
+                collection: {
+                    item: {
+                        name: 'DigestAuth',
+                        request: {
+                            url: global.servers.digest,
+                            auth: {
+                                type: 'digest',
+                                digest: {
+                                    algorithm: 'SHA-256',
+                                    username: '{{uname}}',
+                                    password: '{{pass}}'
+                                }
+                            }
+                        }
+                    }
+                },
+                environment: {
+                    values: [{
+                        key: 'uname',
+                        value: USERNAME
+                    }, {
+                        key: 'pass',
+                        value: PASSWORD
+                    }]
+                }
+            };
+
+            // perform the collection run
+            this.run(runOptions, function (err, results) {
+                testrun = results;
+                done(err);
+            });
+        });
+
+        it('should have completed the run', function () {
+            expect(testrun).to.be.ok;
+            expect(testrun).to.nested.include({
+                'done.callCount': 1
+            });
+            testrun.done.getCall(0).args[0] && console.error(testrun.done.getCall(0).args[0].stack);
+            expect(testrun.done.getCall(0).args[0]).to.be.null;
+            expect(testrun).to.nested.include({
+                'start.callCount': 1
+            });
+        });
+
+        it('should have tried twice and succeeded the second time', function () {
+            expect(testrun).to.nested.include({
+                'io.callCount': 2,
+                'request.callCount': 2
+            });
+
+            var firstError = testrun.io.firstCall.args[0],
+                secondError = testrun.io.secondCall.args[0],
+                firstResponse = testrun.io.firstCall.args[3],
+                secondResponse = testrun.io.secondCall.args[3];
+
+            expect(firstError).to.be.null;
+            expect(secondError).to.be.null;
+            expect(firstResponse).to.have.property('code', 401);
+            expect(secondResponse).not.to.have.property('code', 401);
+        });
+    });
 });
