Jump to content

Welcome to Smart Home Forum by FIBARO

Dear Guest,

 

as you can notice parts of Smart Home Forum by FIBARO is not available for you. You have to register in order to view all content and post in our community. Don't worry! Registration is a simple free process that requires minimal information for you to sign up. Become a part of of Smart Home Forum by FIBARO by creating an account.

 

As a member you can:

  •     Start new topics and reply to others
  •     Follow topics and users to get email updates
  •     Get your own profile page and make new friends
  •     Send personal messages
  •     ... and learn a lot about our system!

 

Regards,

Smart Home Forum by FIBARO Team


  • 0

HC2 Digest authentication for HIKVISION


darylmcclure

Question

Hi,

 

I'm wondering if anyone else has managed to Digest Authenticate using HC2.

 

I found this useful link

 

Please login or register to see this link.

 

but haven't managed to get the HC2 to successfully connect.

 

It correctly reads the 'WWW-Authenticate' challenge details

 

[DEBUG] 21:35:48: Digest HeaderWWW-Authenticate = Digest qop="auth", realm="DS-0AAC0497", nonce="NTZmMWY1MmEzNDY2N2FhODdhMWIwZTQ3NTRhY2ZhMWU=", stale="false", opaque="", domain="::"

 

and constructs a response and tries again with the corresponding header

 

[DEBUG] 21:35:49: HTTP Header: Authorization: Digest username="xxxx", realm="DS-0AAC0497", nonce="NTZmMWY1MmEzNDY2N2FhODdhMWIwZTQ3NTRhY2ZhMWU=", uri="/ISAPI/VideoIntercom/callStatus?format=json", qop=auth, nc=00000001, cnonce="63148d94", response="xxxxxxxx", opaque=""
 

bundle this together in what seems to be the correct header format

 

      local digestHeaders = {
       -- ["Content-Type"] = "application/json",
       -- ["accept"] = "*/*",
        ["Authorization"] = 'Digest username="'..username..'", '
                            .. 'realm="' .. params.realm .. '", '
                            .. 'nonce="' .. params.nonce .. '", '
                            .. 'uri="' .. path .. '", '
                            .. 'qop=auth, nc=00000001, ' 
                            .. 'cnonce="' .. cnonce .. '", '
                            .. 'response="' .. res .. '", '
                            .. 'opaque="' .. params.opaque .. '"' --, '
                            --.. 'algorithm=MD5'
      }
      HttpRequest(method, url, data, digestHeaders, callback) 
 

but the second HttpRequest fails to authenticate, it returns 401

 

Just to confirm

 

1) the HIKVISION unit is working fine I can happily connect to the HIKVISION door station from a terminal:

 

curl -v  --digest -u user:password  "http://x.x.x.x/ISAPI/VideoIntercom/callStatus?format=json"

 

or from Python using 'requests', so I know the HIKVISION unit is working.

 

2) I'm confident the Digest response generated by the LUA code in the implementation in the link above is correct, I confirmed this by overriding the Python requests method HTTPDigestAuth to allow me to specify the initial challenge and define the cnonce to match what I see in the initial challenge received by the HC2 LUA code.

 

Baffled from here and am wondering if there's a formatting, encoding, or other issue with the header I need to return.

 

I also had a look at the HC3 code provided by TInman here

 

Please login or register to see this link.

 

Please login or register to see this attachment.

 

the logic look similar to the HC2 equivalent in the url posted above and the header construction looks the same too.

 

Any help or pointers on this would be most appreciated.

 

Thanks

 

 

Link to comment
Share on other sites

1 answer to this question

Recommended Posts

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...