rollsroyc3/gist:6869880

## gistfile1.js
//HTTP Digest Authentication
//---------------------------
//Step 1: Send request to server with no credentials
//Step 2: Get 410 response with Www-Authenticate header containing Digest variables and do magic
//Step 3: Send back request with new magical header
//Step 4: Receive original request data
==================================================


function parseAuthenticationResponse(h) {
  	//Ti.API.info(headers['Www-Authenticate']);
	var auth = {
		headers : {}
	};
	var scre = /^\w+/;
	var scheme = scre.exec(h);
	auth.scheme = scheme[0];

	var nvre = /(\w+)=['"]([^'"]+)['"]/g;
	var pairs = h.match(nvre);

	var vre = /(\w+)=['"]([^'"]+)['"]/;
	var i = 0;
	for (; i < pairs.length; i++) {
		var v = vre.exec(pairs[i]);
		if (v) {
			auth.headers[v[1]] = v[2];
		}
	}
	return auth;
}

module.exports.httpClient = function(requestType, url, inParams, postData, header, callback) {
	var xhr = Titanium.Network.createHTTPClient();
	xhr.onload = function() {
		xhr = null;
    		//Step 4: Receive original request data
		callback({
			result : JSON.parse(this.responseText),
			message : 'Success'
		});
	};

	xhr.onerror = function(e) {
		alert('Sorry, there appears to be a problem with your device\'s connection to the internet.\n\nPlease turn off Airplane mode or use Wi-Fi to access data.');
		xhr = null;
		callback({
			result : 0,
			message : 'Connection Error'
		});
	};

	xhr.setTimeout(20000);
	var encodedURI = encodeURI(url);
	xhr.open(requestType, encodedURI);

	xhr.setRequestHeader('Content-Type', 'application/json; charset=utf-8');
	header && xhr.setRequestHeader("Authorization", header);

	if (requestType == "POST" && postData != "") {
		xhr.send(postData);
	} else {
		xhr.send();
	}
};

module.exports.httpClientDigest = function(requestType, url, inParams, postData, callback) {
	var xhr = Titanium.Network.createHTTPClient();
	xhr.onload = function() {
		xhr = null;
		callback({
			result : JSON.parse(this.responseText),
			message : 'Success'
		});
	};

	xhr.onerror = function(e) {
		if (this.status == 401) {
      			//Step 2: Get 401 response and do work
			var headers = this.getResponseHeaders();
			var tokensObj = parseAuthenticationResponse(headers['Www-Authenticate']);

			//NOTE : some servers will require a unique cnonce everytime
			tokensObj.headers["cnonce"] = 'bd5fd9b093dccaa1';
			tokensObj.headers["nc"] = '00000001';
			tokensObj.headers["algorithm"] = 'MD5';
			tokensObj.headers["method"] = 'GET';
			tokensObj.headers["domain"] = '/';
			//tokensObj["domain"] = '/GEM/api/survey/allAvailable'

			var HA1 = Ti.Utils.md5HexDigest(Ti.App.Properties.getString('user', '') + ':' + tokensObj.headers["realm"] + ':' + Ti.App.Properties.getString('pass', ''));
			var HA2 = Ti.Utils.md5HexDigest(tokensObj.headers["method"] + ':' + tokensObj.headers["domain"]);
			var authResponse = Ti.Utils.md5HexDigest(HA1 + ':' + tokensObj.headers["nonce"] + ':' + tokensObj.headers["nc"] + ':' + tokensObj.headers["cnonce"] + ':' + tokensObj.headers["qop"] + ':' + HA2);
			var responseContentHeader = 'Digest username="' + Ti.App.Properties.getString('user', '') + '"' + ', realm="' + tokensObj.headers["realm"] + '"' + ', nonce="' + tokensObj.headers["nonce"] + '"' + ', uri="' + tokensObj.headers["domain"] + '"' + ', algorithm="' + tokensObj.headers["algorithm"] + '"' + ', response="' + authResponse + '"' + ', qop="' + tokensObj.headers["qop"] + '"' + ', nc=' + tokensObj.headers["nc"] + ', cnonce="' + tokensObj.headers["cnonce"] + '"';

      			//Step 3: Send response back with new header
			exports.httpClient(requestType, url, inParams, postData, responseContentHeader, callback);
		} else {
			alert('Error!');
		}
	};

	var encodedURI = encodeURI(url);
	xhr.open(requestType, encodedURI);
	xhr.setRequestHeader('Content-Type', 'application/json; charset=utf-8');

	if (requestType == "POST" && postData != "") {
		xhr.send(postData);
	} else {
		xhr.send();
	}
};


//Step 1: Call method and send request
exports.httpClientDigest('GET', url, '', '', function(e){
  alert(e);
});
	//HTTP Digest Authentication
	//---------------------------
	//Step 1: Send request to server with no credentials
	//Step 2: Get 410 response with Www-Authenticate header containing Digest variables and do magic
	//Step 3: Send back request with new magical header
	//Step 4: Receive original request data
	==================================================



	function parseAuthenticationResponse(h) {
	//Ti.API.info(headers['Www-Authenticate']);
	var auth = {
	headers : {}
	};
	var scre = /^\w+/;
	var scheme = scre.exec(h);
	auth.scheme = scheme[0];

	var nvre = /(\w+)=['"]([^'"]+)['"]/g;
	var pairs = h.match(nvre);

	var vre = /(\w+)=['"]([^'"]+)['"]/;
	var i = 0;
	for (; i < pairs.length; i++) {
	var v = vre.exec(pairs[i]);
	if (v) {
	auth.headers[v[1]] = v[2];
	}
	}
	return auth;
	}

	module.exports.httpClient = function(requestType, url, inParams, postData, header, callback) {
	var xhr = Titanium.Network.createHTTPClient();
	xhr.onload = function() {
	xhr = null;
	//Step 4: Receive original request data
	callback({
	result : JSON.parse(this.responseText),
	message : 'Success'
	});
	};

	xhr.onerror = function(e) {
	alert('Sorry, there appears to be a problem with your device\'s connection to the internet.\n\nPlease turn off Airplane mode or use Wi-Fi to access data.');
	xhr = null;
	callback({
	result : 0,
	message : 'Connection Error'
	});
	};

	xhr.setTimeout(20000);
	var encodedURI = encodeURI(url);
	xhr.open(requestType, encodedURI);

	xhr.setRequestHeader('Content-Type', 'application/json; charset=utf-8');
	header && xhr.setRequestHeader("Authorization", header);

	if (requestType == "POST" && postData != "") {
	xhr.send(postData);
	} else {
	xhr.send();
	}
	};

	module.exports.httpClientDigest = function(requestType, url, inParams, postData, callback) {
	var xhr = Titanium.Network.createHTTPClient();
	xhr.onload = function() {
	xhr = null;
	callback({
	result : JSON.parse(this.responseText),
	message : 'Success'
	});
	};

	xhr.onerror = function(e) {
	if (this.status == 401) {
	//Step 2: Get 401 response and do work
	var headers = this.getResponseHeaders();
	var tokensObj = parseAuthenticationResponse(headers['Www-Authenticate']);

	//NOTE : some servers will require a unique cnonce everytime
	tokensObj.headers["cnonce"] = 'bd5fd9b093dccaa1';
	tokensObj.headers["nc"] = '00000001';
	tokensObj.headers["algorithm"] = 'MD5';
	tokensObj.headers["method"] = 'GET';
	tokensObj.headers["domain"] = '/';
	//tokensObj["domain"] = '/GEM/api/survey/allAvailable'

	var HA1 = Ti.Utils.md5HexDigest(Ti.App.Properties.getString('user', '') + ':' + tokensObj.headers["realm"] + ':' + Ti.App.Properties.getString('pass', ''));
	var HA2 = Ti.Utils.md5HexDigest(tokensObj.headers["method"] + ':' + tokensObj.headers["domain"]);
	var authResponse = Ti.Utils.md5HexDigest(HA1 + ':' + tokensObj.headers["nonce"] + ':' + tokensObj.headers["nc"] + ':' + tokensObj.headers["cnonce"] + ':' + tokensObj.headers["qop"] + ':' + HA2);
	var responseContentHeader = 'Digest username="' + Ti.App.Properties.getString('user', '') + '"' + ', realm="' + tokensObj.headers["realm"] + '"' + ', nonce="' + tokensObj.headers["nonce"] + '"' + ', uri="' + tokensObj.headers["domain"] + '"' + ', algorithm="' + tokensObj.headers["algorithm"] + '"' + ', response="' + authResponse + '"' + ', qop="' + tokensObj.headers["qop"] + '"' + ', nc=' + tokensObj.headers["nc"] + ', cnonce="' + tokensObj.headers["cnonce"] + '"';

	//Step 3: Send response back with new header
	exports.httpClient(requestType, url, inParams, postData, responseContentHeader, callback);
	} else {
	alert('Error!');
	}
	};

	var encodedURI = encodeURI(url);
	xhr.open(requestType, encodedURI);
	xhr.setRequestHeader('Content-Type', 'application/json; charset=utf-8');

	if (requestType == "POST" && postData != "") {
	xhr.send(postData);
	} else {
	xhr.send();
	}
	};



	//Step 1: Call method and send request
	exports.httpClientDigest('GET', url, '', '', function(e){
	alert(e);
	});