Modified ESP8266WebServer (#6020)

-Expose HTTP Digest authentication with H1 hash as the argument
-Preserved HTTP authentication with username/password arguments
-Added a public  static function for generating the H1 hash
-Created an example of how to use this called HttpHashCredAuth.ino

libraries/ESP8266WebServer/src/ESP8266WebServer.cpp

@@ -140,6 +140,20 @@ bool ESP8266WebServer::authenticate(const char * username, const char * password
       delete[] toencode;
       delete[] encoded;
     } else if(authReq.startsWith(F("Digest"))) {
+      String _realm    = _extractParam(authReq, F("realm=\""));
+      String _H1 = credentialHash((String)username,_realm,(String)password);
+      return authenticateDigest((String)username,_H1);
+    }
+    authReq = "";
+  }
+  return false;
+}
+
+bool ESP8266WebServer::authenticateDigest(const String& username, const String& H1)
+{
+  if(hasHeader(FPSTR(AUTHORIZATION_HEADER))) {
+    String authReq = header(FPSTR(AUTHORIZATION_HEADER));
+    if(authReq.startsWith(F("Digest"))) {
       authReq = authReq.substring(7);
       #ifdef DEBUG_ESP_HTTP_SERVER
       DEBUG_OUTPUT.println(authReq);
@@ -170,14 +184,10 @@ bool ESP8266WebServer::authenticate(const char * username, const char * password
         _nc = _extractParam(authReq, F("nc="), ',');
         _cnonce = _extractParam(authReq, F("cnonce=\""));
       }
-      MD5Builder md5;
-      md5.begin();
-      md5.add(String(username) + ':' + _realm + ':' + String(password));  // md5 of the user:realm:user
-      md5.calculate();
-      String _H1 = md5.toString();
       #ifdef DEBUG_ESP_HTTP_SERVER
-      DEBUG_OUTPUT.println("Hash of user:realm:pass=" + _H1);
+      DEBUG_OUTPUT.println("Hash of user:realm:pass=" + H1);
       #endif
+      MD5Builder md5;
       md5.begin();
       if(_currentMethod == HTTP_GET){
         md5.add(String(F("GET:")) + _uri);
@@ -197,9 +207,9 @@ bool ESP8266WebServer::authenticate(const char * username, const char * password
       #endif
       md5.begin();
       if(authReq.indexOf(FPSTR(qop_auth)) != -1 || authReq.indexOf(FPSTR(qop_auth_quoted)) != -1) {
-        md5.add(_H1 + ':' + _nonce + ':' + _nc + ':' + _cnonce + F(":auth:") + _H2);
+        md5.add(H1 + ':' + _nonce + ':' + _nc + ':' + _cnonce + F(":auth:") + _H2);
       } else {
-        md5.add(_H1 + ':' + _nonce + ':' + _H2);
+        md5.add(H1 + ':' + _nonce + ':' + _H2);
       }
       md5.calculate();
       String _responsecheck = md5.toString();
@@ -478,6 +488,14 @@ void ESP8266WebServer::sendContent_P(PGM_P content, size_t size) {
   }
 }
 
+String ESP8266WebServer::credentialHash(const String& username, const String& realm, const String& password)
+{
+  MD5Builder md5;
+  md5.begin();
+  md5.add(username + ":" + realm + ":" + password);  // md5 of the user:realm:password
+  md5.calculate();
+  return md5.toString();
+}
 
 void ESP8266WebServer::_streamFileCore(const size_t fileSize, const String & fileName, const String & contentType)
 {

libraries/ESP8266WebServer/src/ESP8266WebServer.h

@@ -82,6 +82,7 @@ public:
   void stop();
 
   bool authenticate(const char * username, const char * password);
+  bool authenticateDigest(const String& username, const String& H1);
   void requestAuthentication(HTTPAuthMethod mode = BASIC_AUTH, const char* realm = NULL, const String& authFailMsg = String("") );
 
   typedef std::function<void(void)> THandlerFunction;
@@ -127,6 +128,8 @@ public:
   void sendContent_P(PGM_P content);
   void sendContent_P(PGM_P content, size_t size);
 
+  static String credentialHash(const String& username, const String& realm, const String& password);
+
   static String urlDecode(const String& text);
 
   template<typename T>