Hi, Has anyone attempted to do a challenge-response / digest authentication implementation for GRPC? Our current services use a token and HTTP Digest authentication to prove ownership of the token's associated secret without passing it over the wire.
>From what I see in the examples, most of the available authentication samples is using bearer tokens. We have locally built a server side interceptor (using the Java API) that does digest authentication based on metadata in headers. The client side interceptor also has been created but it does not have transparent retry capability (e.g. if the nonce expires or on initial request). My questions are: * Is this a good way of doing challenge/response over GRPC? * Is it possible in the Java API to have an interceptor that can retry requests transparently? Your input is greatly appreciated. Thanks, William -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+unsubscr...@googlegroups.com. To post to this group, send email to grpc-io@googlegroups.com. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/CADExRQaCjmLk7jAvn5fUq9hm%3DhYVRBeBpWSMbqMoJdR6YinNbg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
