Get cUrl to preemptively send Authorization header for DIGEST authentication in PHP

3k views Asked by At

We have a PHP page (actually a WordPress plugin) which makes calls to a REST API with DIGEST authentication. The curl handle is created on a per request basis, given authorisation credentials and successfully authenticates.

PROBLEM:

Under the hood, Curl is sending two requests. The first fails with a 401 and a challenge, the second contains an Authorization header and succeeds (200)

Upon subsequent API calls cUrl continues to send two requests. This seems inefficient, causing 2 x network latency to be added to the duration of the operation.

How do we cause cURL to "pre-emptively authenticate" (example) future requests?

Does Curl Multi have this feature?

1

There are 1 answers

0
deltheil On

You must re-use the same curl handle: see this similar question for more details.

As far as the multi interface is concerned you also need to explicitly reuse each handle to leverage the Digest Access Authentication request counter, i.e. with the C API in mind:

  1. remove your handle from the multi handle with curl_multi_remove_handle
  2. reset it with curl_easy_reset
  3. set the options for the next call
  4. re-add it into the multi handle with curl_multi_add_handle