Login does not accept digest auth from proxy

RETS URL: http://gamls-rets.paragonrels.com/ret... User name: HOUSECANRET

I have python code that looks like this:

#!/usr/bin/env python
import logging
import os
    import httplib
except ImportError:
    import http.client as httplib
    httplib.HTTPConnection.debuglevel = 2

import requests
from requests.auth import HTTPDigestAuth

requests_log = logging.getLogger("requests.packages.urllib3")
requests_log.propagate = True

URL = 'http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2'
username = os.getenv('TEST_USERNAME')
password = os.getenv('TEST_PASSWORD')

if username and password:
    resp = requests.get(URL, auth=HTTPDigestAuth(username, password))
    print('Status code: {}'.format(resp.status_code))
    print('Cookies: {}'.format(resp.cookies))
    print('Headers: {}'.format(resp.headers))
    print('Content: {}'.format(resp.content))
    print('Need env-vars TEST_USERNAME and TEST_PASSWORD')

I invoke from the command line like this:

TEST_USERNAME=<...> TEST_PASSWORD=<...> python paragon-test.py

When I run from my MBP, I get 200. From Amazon EC2 with a proxy, I get 401:

INFO:urllib3.connectionpool:Starting new HTTP connection (1): proxy.dev.df.housecanary.net
send: 'GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1\r\nHost: gamls-rets.paragonrels.com\r\nConnection: keep-alive\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nUser-Agent: python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1160.11.1.el7.x86_64\r\n\r\n'
reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: Cache-Control: private
header: Content-Type: text/html
header: Expires: Mon, 01 Jan 0001 00:00:00 GMT
header: X-AspNetMvc-Version: 5.2
header: RETS-Server: RETS-Paragon/1.0
header: RETS-Version: RETS/1.7.2
header: WWW-Authenticate: Basic realm="GAMLS"
header: X-Server: A140-02
header: Date: Tue, 12 Jan 2021 01:39:36 GMT
header: Content-Length: 1293
header: X-Cache: MISS from i-0d4cd95729453d181.dev.df.housecanary.net
header: X-Cache-Lookup: MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128
header: Via: 1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)
header: Connection: keep-alive
DEBUG:urllib3.connectionpool:"GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1" 401 1293
Status code: 401
Cookies: <<class 'requests.cookies.RequestsCookieJar'>[]>
Headers: {'content-length': '1293', 'via': '1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)', 'x-cache': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net', 'x-aspnetmvc-version': '5.2', 'x-cache-lookup': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128', 'rets-server': 'RETS-Paragon/1.0', 'expires': 'Mon, 01 Jan 0001 00:00:00 GMT', 'connection': 'keep-alive', 'rets-version': 'RETS/1.7.2', 'x-server': 'A140-02', 'cache-control': 'private', 'date': 'Tue, 12 Jan 2021 01:39:36 GMT', 'content-type': 'text/html', 'www-authenticate': 'Basic realm="GAMLS"'}

It looks to me as if the request for digest auth is actually doing basic auth but I can't see why that would be so.

This is related to the previous issue: http://vendorsupport.paragonrels.com/...

2021-01-12: This issue can be replicated locally by adding a forwarding header to the GET:

resp = requests.get(
    auth=HTTPDigestAuth(username, password),
    headers={'x-forwarded-for': ''},
hughdbrown's avatar
asked 2021-01-11 19:44:09 -0500, updated 2021-01-12 10:39:04 -0500
edit flag offensive 0 remove flag close merge delete


You can try HTTPS with basic authentication and see if that works.

bwolven's avatar bwolven (2021-01-12 17:40:09 -0500) edit

Basic Auth works. We want to go Digest Auth because of sharing sessions, rate limits, etc. Also, as in the cited previous issue, Digest Auth used to work for us.

hughdbrown's avatar hughdbrown (2021-01-14 12:28:25 -0500) edit
add a comment see more comments