Description
RFC 7616 defines three algorithms for use with HTTP Digest Authentication: MD5, SHA-256, and SHA-512-256. httpbin supports MD5, SHA-256, and SHA-512. The SHA-512 implementation is straight SHA-512, and not SHA-512/256 as defined by FIPS 180-4. SHA-512-256 has limited client support; neither Firefox nor Chrome supports it, but current versions of curl do.
I had a recent need to implement SHA-512-256 Digest Authentication in a client, so I added it to a fork of httpbin in order to test the client: https://github.com/quanterium/httpbin
This implementation was tested with curl 8.14.1. Since SHA-512/256 is not one of the hashlib guaranteed algorithms, my implementation checks that sha512_256 or sha512-256 (I've seen both strings in different Python versions) is included in hashlib.algorithms_available. However, I did not see a way to make the conditional part of the documentation that appears in the web GUI; however, the Docker image built from the repository's Dockerfile does include support, and this was the image I used to run my test server.
I noticed in the contributing guidelines that an Issue should be filed before a Pull Request, and that only backwards-compatible bug fixes would be accepted. I'll leave it to the maintainers' call if they wish to consider this a bug fix to be accepted; if this change is desired I'm happy to submit a Pull Request.
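The availability check and the SHA-512-256 response calculation described in this issue, sketched as an added example; it is not code from httpbin or from the fork linked above. The names `resolve`, `digest_response` and `truncated_sha512` are hypothetical, and only the qop=auth, non-session form of the RFC 7616 calculation is covered.

```python
import hashlib

# RFC 7616 algorithm tokens mapped to candidate hashlib names. SHA-512/256 is
# not in hashlib.algorithms_guaranteed and its name differs between builds,
# so both spellings mentioned in the issue are tried.
CANDIDATES = {
    "MD5": ("md5",),
    "SHA-256": ("sha256",),
    "SHA-512-256": ("sha512_256", "sha512-256"),
}


def resolve(token):
    """Return the hashlib name for an RFC 7616 token, or None if unsupported."""
    for name in CANDIDATES.get(token.upper(), ()):
        if name in hashlib.algorithms_available:
            return name
    return None


def digest_response(token, username, realm, password, method, uri,
                    nonce, nc, cnonce, qop="auth"):
    """Compute the Digest `response` value for qop=auth (non -sess variant)."""
    name = resolve(token)
    if name is None:
        # Fail closed: never fall back to a different hash under the same token.
        raise ValueError(f"digest algorithm {token!r} not available in this build")

    def h(text):
        return hashlib.new(name, text.encode("utf-8")).hexdigest()

    ha1 = h(f"{username}:{realm}:{password}")
    ha2 = h(f"{method}:{uri}")
    return h(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def truncated_sha512(data):
    """Plain SHA-512 cut to 256 bits; NOT the same function as SHA-512/256."""
    return hashlib.sha512(data).hexdigest()[:64]


if __name__ == "__main__":
    # Constructed sample values, not taken from a real server.
    args = ("user", "example-realm", "passwd", "GET", "/digest-auth/auth",
            "constructed-nonce", "00000001", "constructed-cnonce")
    for token in CANDIDATES:
        supported = resolve(token) is not None
        print(token, digest_response(token, *args) if supported else "unavailable")
```

A server and client that disagree on whether the token means SHA-512/256 or truncated SHA-512 will each compute a well-formed 64-hex-digit response that never matches the other's, which is why the two are kept as separate functions here.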