ktor摘要认证

Question

我想使用这种方法来验证我的应用程序中的客户机/服务器通信，但是我不知道为什么会出错。代码在超级简单和来自原来的ktor的例子。

服务器：

val myRealm = "Access to the '/' path"
val userTable: Map<String, ByteArray> = mapOf(
    "jetbrains" to getMd5Digest("jetbrains:$myRealm:foobar"),
    "admin" to getMd5Digest("admin:$myRealm:password")


fun Application.configureSecurity() {

    install(Authentication) {

        digest("myDigestAuth") {
            digestProvider { userName, realm ->
                userTable[userName]
            }
        }
    }

    routing {
        authenticate("myDigestAuth") {
            get("/protected/route/digest") {
                val principal = call.principal<UserIdPrincipal>()!!
                call.respondText("Hello ${principal.name}")
            }
        }
    }
}

客户端：

val client = HttpClient(CIO) {
    install(Logging) {
        logger = Logger.DEFAULT
        level = LogLevel.HEADERS
    }
    install(Auth) {
        digest {
            credentials {
                DigestAuthCredentials(username = "jetbrains", password = "foobar")
            }
            realm = myRealm
        }
    }
}
val response: HttpResponse =   client.get("http://0.0.0.0:8080/protected/route/digest")

在这里，来文的日志：

[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - REQUEST: http://0.0.0.0:8080/protected/route/digest
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - METHOD: HttpMethod(value=GET)
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - COMMON HEADERS
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - -> Accept: */*
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - -> Accept-Charset: UTF-8
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - CONTENT HEADERS
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - -> Content-Length: 0
[ktor-jetty-8080-1] INFO  ktor.application - 401 Unauthorized: GET - /protected/route/digest
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - RESPONSE: 401 Unauthorized
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - METHOD: HttpMethod(value=GET)
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - FROM: http://0.0.0.0:8080/protected/route/digest
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - COMMON HEADERS
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - -> Content-Length: 0
[DefaultDispatcher-worker-1] INFO  io.ktor.client.HttpClient - -> WWW-Authenticate: Digest realm="Ktor Server", nonce="ce825e23d3275f40", algorithm="MD5"

这就是客户端客户端立即失败的原因：

Exception in thread "main" io.ktor.client.features.ClientRequestException: Client request(http://0.0.0.0:8080/protected/route/digest) invalid: 401 Unauthorized. Text: ""
        at io.ktor.client.features.DefaultResponseValidationKt$addDefaultResponseValidation$1$1.invokeSuspend(DefaultResponseValidation.kt:47)
        at io.ktor.client.features.DefaultResponseValidationKt$addDefaultResponseValidation$1$1.invoke(DefaultResponseValidation.kt)
        at io.ktor.client.features.DefaultResponseValidationKt$addDefaultResponseValidation$1$1.invoke(DefaultResponseValidation.kt)
        at io.ktor.client.features.HttpCallValidator.validateResponse(HttpCallValidator.kt:54)
        at io.ktor.client.features.HttpCallValidator.access$validateResponse(HttpCallValidator.kt:33)
        at io.ktor.client.features.HttpCallValidator$Companion$install$3.invokeSuspend(HttpCallValidator.kt:133)
        at io.ktor.client.features.HttpCallValidator$Companion$install$3.invoke(HttpCallValidator.kt)
        at io.ktor.client.features.HttpCallValidator$Companion$install$3.invoke(HttpCallValidator.kt)
        at io.ktor.client.features.HttpSend$Feature$install$1.invokeSuspend(HttpSend.kt:96)
        at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
        at io.ktor.util.pipeline.SuspendFunctionGun.resumeRootWith(SuspendFunctionGun.kt:191)
        at io.ktor.util.pipeline.SuspendFunctionGun.loop(SuspendFunctionGun.kt:147)
        at io.ktor.util.pipeline.SuspendFunctionGun.access$loop(SuspendFunctionGun.kt:15)
        at io.ktor.util.pipeline.SuspendFunctionGun$continuation$1.resumeWith(SuspendFunctionGun.kt:93)
        at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:46)
        at io.ktor.util.pipeline.SuspendFunctionGun.resumeRootWith(SuspendFunctionGun.kt:191)
        at io.ktor.util.pipeline.SuspendFunctionGun.loop(SuspendFunctionGun.kt:147)
        at io.ktor.util.pipeline.SuspendFunctionGun.access$loop(SuspendFunctionGun.kt:15)
        at io.ktor.util.pipeline.SuspendFunctionGun$continuation$1.resumeWith(SuspendFunctionGun.kt:93)
        at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:46)
        at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
        at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:571)
        at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750)
        at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:678)
        at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:665)

不知道它是否正确和/或与错误有关.但是，我期望在来自服务器的头文件中按照代码“访问'/‘路径”而不是"Ktor服务器“中的设置获得”领域“。

Answer 1

在设置服务器时，您缺少了以下内容：

install(Authentication) {

    digest("myDigestAuth") {
        realm = myRealm // This part is missing from your code
        digestProvider { userName, realm ->
            userTable[userName]
        }
    }
}

参考资料：https://ktor.io/docs/digest.html#configure-provider

如果没有此操作，服务器将使用默认的领域("Ktor服务器“)，并且客户端没有该领域的凭据。