. Split auth headers / do auth methods again, and make authenticate call each in turn.
. Document / test 'algorithm' config - MD5-sess / MD5.
. Better documentation for 'domain' option.
. Domain option should be able to be passed as config.