Remove unnecessary top-level MD5 digester functions that cause an exception on FIPS-enabled systems when the www-authenticate module is loaded via require. The MD5 digester functions are already created on demand when using DIGEST authentication.

Use Buffer.from rather than deprecated new Buffer constructor form.
Move the Parser_Authenticate_Info prototype statement to after the definition of the function.
Add copyright to all the files.

Author: stevebio

lib/www-authenticate-patched/md5.js

@@ -1,6 +1,15 @@
-var crypto= require('crypto')
-  , md5sum = crypto.createHash('md5')
-  ;
+/*
+ * www-authenticate
+ * https://github.com/randymized/www-authenticate
+ *
+ * Copyright (c) 2013 Randy McLaughlin
+ * Licensed under the MIT license.
+ */
+
+/*
+* Copyright © 2015-2025 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.
+*/
+var crypto= require('crypto');
 
 function md5(s) {
   return crypto.createHash('md5').update(s).digest('hex');

lib/www-authenticate-patched/parsers.js

@@ -1,3 +1,14 @@
+/*
+ * www-authenticate
+ * https://github.com/randymized/www-authenticate
+ *
+ * Copyright (c) 2013 Randy McLaughlin
+ * Licensed under the MIT license.
+ */
+
+/*
+* Copyright © 2015-2025 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.
+*/
 var ParseAuth= /(\w+)\s+(.*)/  // -> scheme, params
   , Separators= /([",=])/
   ;
@@ -88,8 +99,6 @@ function Parse_WWW_Authenticate(to_parse)
   }
 }
 
-Parse_Authentication_Info.prototype.parse_params= parse_params;
-
 function Parse_Authentication_Info(to_parse)
 {
   this.scheme= 'Digest';
@@ -102,6 +111,7 @@ function Parse_Authentication_Info(to_parse)
   }
 }
 
+Parse_Authentication_Info.prototype.parse_params= parse_params;
 Parse_WWW_Authenticate.prototype.parse_params= parse_params;
 
 module.exports = {

lib/www-authenticate-patched/user-credentials.js

@@ -1,3 +1,14 @@
+/*
+ * www-authenticate
+ * https://github.com/randymized/www-authenticate
+ *
+ * Copyright (c) 2013 Randy McLaughlin
+ * Licensed under the MIT license.
+ */
+
+/*
+* Copyright © 2015-2025 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.
+*/
 var md5= require('./md5');
 
 /*
@@ -16,9 +27,9 @@ function user_credentials(username,password,options) {
     ''
     :
       (!password && password !== '' ?
-        new Buffer(username, "ascii").toString("base64")
+        Buffer.from(username, "ascii").toString("base64")
       :
-        new Buffer(username+':'+password, "ascii").toString("base64")
+        Buffer.from(username+':'+password, "ascii").toString("base64")
       )
   function Credentials()
   {

lib/www-authenticate-patched/www-authenticate.js

@@ -1,4 +1,3 @@
-
 /*
  * www-authenticate
  * https://github.com/randymized/www-authenticate
@@ -7,10 +6,12 @@
  * Licensed under the MIT license.
  */
 
+/*
+* Copyright © 2015-2025 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.
+*/
 'use strict';
 
 var crypto= require('crypto')
-  , md5sum = crypto.createHash('md5')
   , parsers= require('./parsers')
   , md5= require('./md5')
   , user_credentials= require('./user-credentials')