Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

is digest authentication supposed to work? #1486

Open
cmm opened this issue Jun 30, 2024 · 1 comment · May be fixed by #1487
Open

is digest authentication supposed to work? #1486

cmm opened this issue Jun 30, 2024 · 1 comment · May be fixed by #1487
Labels
enhancement

Comments

@cmm
Copy link

cmm commented Jun 30, 2024

I'm trying to get several Livejournal feeds to work properly (don't ask). So let's say there's a URL of the form https://<user>:<password>@<feed-name>.livejournal.com/data/rss/?auth=digest. It works (as in: fetches all recent entries, including protected ones, without an issue) when fed to wget.

Selfoss logs this for the same feed URL:

[2024-06-30 09:11:10] selfoss.ERROR: error loading feed content for <redacted> {"exception":"[object] (Exception(code: 0): Client error: `GET https://<user>:***@<feed-name>.livejournal.com/data/rss/?auth=digest` resulted in a `401 Unauthorized` response:
Digest authentication <b>FAILED</b>!
 at /var/lib/selfoss/src/helpers/FeedReader.php:58)
[stacktrace]
#0 /var/lib/selfoss/src/spouts/rss/feed.php(65): helpers\\FeedReader->load()
#1 /var/lib/selfoss/src/helpers/ContentLoader.php(132): spouts\^Mss\\feed->load()
#2 /var/lib/selfoss/src/helpers/ContentLoader.php(71): helpers\\ContentLoader->fetch()
#3 /var/lib/selfoss/src/controllers/Sources/Update.php(37): helpers\\ContentLoader->update()
#4 /var/lib/selfoss/index.php(40): controllers\\Sources\\Update->updateAll()
#5 [internal function]: {closure}()
#6 /var/lib/selfoss/vendor/bramus/router/src/Bramus/Router/Router.php(458): call_user_func_array()
#7 /var/lib/selfoss/vendor/bramus/router/src/Bramus/Router/Router.php(440): Bramus\\Router\\Router->invoke()
#8 /var/lib/selfoss/vendor/bramus/router/src/Bramus/Router/Router.php(287): Bramus\\Router\\Router->handle()
#9 /var/lib/selfoss/index.php(170): Bramus\\Router\\Router->run()
#10 {main}
"}
@jtojnar jtojnar linked a pull request Jul 3, 2024 that will close this issue
Open
@jtojnar
Copy link
Member

jtojnar commented Jul 3, 2024

Thanks for reporting. This is indeed currently not supported.

We use Guzzle with curl backend and it just defaults to using Basic authentication when credentials are given in the URL, just like curl.

We could set CURLAUTH_ANY flag unconditionally but that might break some sites that support Basic auth using the same URL as unauthenticated (public) feed.

Feel free to apply the following patch if that is not a problem for you: #1487

In the long term, we will probably want to allow overriding Guzzle request options, which would allow stuff like setting per-feed proxy, adding extra headers or disabling certificate validation. It would require an user interface (depends on #1461, and it would either have to be an exhaustive GUI or some kind of JSON+constants raw text input). I am also not sure how it should interact with spouts that do multiple requests (e.g. SimplePie using auto-discovery or Graby).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

helpers\WebClient: Add support for Digest authentication method fossar/selfoss
2 participants
@jtojnar @cmm