Support digest authentication

[cweiske]

It would be nice if volley would support HTTP digest authentication (RFC 7616).

[jpd236]

Thanks for the request. AIUI, digest authentication is fairly rarely seen in real-world use cases - it's pretty surprising to see it being used in new APIs rather than just using https with a simpler authentication mechanism. I think we'd need more demand for this before opting to build it into Volley itself.

That said, if there's a limitation in Volley's API design that prevents a developer from being able to implement digest authentication on top of the baseline implementation (without having to make patches to the library itself), then we could more easily consider making changes to support that as appropriate.

I think your best bet here would be to use an underlying HttpStack implementation that supports digest authentication directly. For example, you could put together an HttpStack on top of OkHttp (something like https://gist.github.com/LOG-TAG/3ad1c191b3ca7eab3ea6834386e30eb9 - haven't audited this myself but found it on a quick search), and then use something like https://github.com/rburgst/okhttp-digest to create an OkHttpClient which supports digest authentication. Then you can use Volley's APIs as before, and the requests will use the custom authenticator under the covers.

I'll leave this open as a potential longer-term request, but I wouldn't anticipate it being added any time soon in light of the above.

[cweiske]

My use case is an IoT device (power socket switch). Exchanging and updating ssl certificates on such devices is ... non-trivial.