selecting proxy authentication type

[stefankuhr]

Hello everyone,

we are using the cpp rest sdk (currently version 2.4) in an http client using ssl within a bigger project where we allow users to specify ip and port of a proxy server and in addition the authentication method they want to use/allow (basic or ntlm). It seems like the authentication method within the rest sdk is done automatically (ChooseAuthScheme in http_client_winhttp.cpp) depending on the capabilities of the proxy server. So in our scenario it is possible for our users to (erroneously) specify IP and port address of a server that only allows basic auth while specifying ntlm as their only and preferred auth method. However, the cpp rest sdk code will happily detect that the proxy server that the user chose only supports basic auth and so it will use basic auth and reveal users' credentials. Is there a way to use the http client functionality in such a way that we can specify not only ip address, port and proxy credentials but also to specify the authentication method we prefer, so that a client call will fail if the server doesn't support the auth method we specified?

Any help appreciated,

Stefan Kuhr

[ras0219-msft]

This is a good scenario that we currently don't have any APIs for.

I think the easiest way to quickly add this in would be to pipe another parameter through the http_client_config object, then use the property inside handle_authentication_failure to filter the allowed auth schemes.

My concern with adding that as an official API is portability to our boost::asio implementation. I would imagine that asio has the capability for this, but I don't know for sure. It would need further investigation.