Merge branch 'master' into master

Author: bernardbr

.github/workflows/codeql.yml

@@ -0,0 +1,42 @@
+name: "CodeQL - C#"
+
+on:
+  push:
+    branches: [master, main]
+  pull_request:
+    branches: [master, main]
+  schedule:
+    - cron: '0 4 * * 0'  # Runs every Sunday at 4AM
+
+jobs:
+  analyze:
+    name: CodeQL Security Scan
+    runs-on: windows-latest
+
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: '9.x'
+
+      - name: Restore dependencies
+        run: dotnet restore RestSharp.Authenticators.Digest.sln
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: csharp
+
+      - name: Build project
+        run: dotnet build RestSharp.Authenticators.Digest.sln --no-restore --configuration Release
+
+      - name: Run CodeQL analysis
+        uses: github/codeql-action/analyze@v3

RestSharp.Authenticators.Digest.sln

@@ -25,6 +25,13 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "images", "images", "{AB3531
 		images\icon.png = images\icon.png
 	EndProjectSection
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = ".github", ".github", "{E1BF084D-B1BB-4A98-9B19-55A78DD0CBB9}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "workflows", "workflows", "{46506451-F83B-4074-9BF7-D05E3CBB7D05}"
+	ProjectSection(SolutionItems) = preProject
+		.github\workflows\codeql.yml = .github\workflows\codeql.yml
+	EndProjectSection
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -66,6 +73,7 @@ Global
 	GlobalSection(NestedProjects) = preSolution
 		{CBC300D5-B57C-4588-BE2D-26AFF9D102F9} = {1D1F223D-4333-4699-BB10-8E1111DD0D75}
 		{607B2AF3-A2CB-47D3-AA26-B8E79E93A4EE} = {EB4DC82C-C9F5-4745-82A9-D1287A1BBC3F}
+		{46506451-F83B-4074-9BF7-D05E3CBB7D05} = {E1BF084D-B1BB-4A98-9B19-55A78DD0CBB9}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {CFB144EC-8162-4D4F-A173-0E97D11BD3D8}

src/DigestAuthenticator/DigestAuthenticator.csproj

@@ -47,6 +47,6 @@
   </ItemGroup>
   <ItemGroup>
     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="3.1.32" />
-    <PackageReference Include="RestSharp" Version="111.2.0" />
+    <PackageReference Include="RestSharp" Version="112.0.0" />
   </ItemGroup>
 </Project>

src/DigestAuthenticator/DigestAuthenticatorManager.cs

@@ -49,6 +49,10 @@ internal class DigestAuthenticatorManager
     private string? _realm;
 
     private readonly RestClientOptions? _handshakeClientOptions;
+    /// <summary>
+    ///     The opaque that is returned by the first digest request (without the data).
+    /// </summary>
+    private string? _opaque;
 
     static DigestAuthenticatorManager()
     {
@@ -142,6 +146,7 @@ public string GetDigestHeader(string digestUri, Method method)
                $"uri=\"{digestUri}\"," +
                "algorithm=MD5," +
                $"response=\"{digestResponse}\"," +
+               (!string.IsNullOrWhiteSpace(_opaque) ? $"opaque=\"{_opaque}\"," : string.Empty) +
                $"qop={_qop}," +
                $"nc={DigestHeader.NONCE_COUNT:00000000}," +
                $"cnonce=\"{_cnonce}\"";
@@ -196,5 +201,14 @@ private void GetDigestDataFromFailResponse(RestResponse response)
         _realm = digestHeader.Realm;
         _nonce = digestHeader.Nonce;
         _qop = digestHeader.Qop;
+        if (!string.IsNullOrWhiteSpace(_qop) && _qop!.Contains(','))
+        {
+            _qop = _qop!
+                .Split(',')
+                .Select(q => q.Trim())
+                .FirstOrDefault(q => q.Equals("auth", StringComparison.OrdinalIgnoreCase)) // prefer "auth" if the server offered several
+                ?? _qop.Split(',')[0].Trim();
+        }
+        _opaque = digestHeader.Opaque;
     }
 }

src/DigestAuthenticator/DigestHeader.cs

@@ -14,9 +14,11 @@ internal class DigestHeader
 
     public const string REALM = "realm";
 
+    public const string OPAQUE = "opaque";
+
     public const string REGEX_PATTERN =
         "realm=\"(?<realm>.*?)\"|qop=(?:\"(?<qop>.*?)\"|(?<qop>[^\",\\s]+))|nonce=\"(?<nonce>.*?)\"|stale=\"(?<stale>.*?)\"|opaque=\"(?<opaque>.*?)\"|domain=\"(?<domain>.*?)\"";
-
+    
     private static readonly Regex _regex;
 
     static DigestHeader()
@@ -50,6 +52,11 @@ public DigestHeader(string authenticateHeader, ILogger logger)
             {
                 Nonce = m.Groups[NONCE].Value;
             }
+
+            if (m.Groups[OPAQUE].Success)
+            {
+                Opaque = m.Groups[OPAQUE].Value;
+            }
         }
 
         if (AllDataCorrectFilled())
@@ -65,10 +72,11 @@ public DigestHeader(string authenticateHeader, ILogger logger)
     public string? Nonce { get; }
     public string? Qop { get; }
     public string? Realm { get; }
+    public string? Opaque { get; }
 
     public override string ToString()
     {
-        return $"{nameof(Realm)}=\"{Realm}\"&{nameof(Nonce)}=\"{Nonce}\"&{nameof(Qop)}=\"{Qop}\"";
+        return $"{nameof(Realm)}=\"{Realm}\"&{nameof(Nonce)}=\"{Nonce}\"&{nameof(Qop)}=\"{Qop}\"&{nameof(Opaque)}=\"{Opaque}\"";
     }
 
     private bool AllDataCorrectFilled()