HTTPS/Authenticated: Difference between revisions
→{{header|Lasso}}: adding Lasso HTTPS Authenticated example |
|||
Line 165: | Line 165: | ||
fmt.Println(string(b)) |
fmt.Println(string(b)) |
||
}</lang> |
}</lang> |
||
=={{header|Lasso}}== |
|||
<lang Lasso>local(username = 'hello',password = 'world') |
|||
local(x = curl('https://sourceforge.net')) |
|||
#x->set(CURLOPT_USERPWD, #username + ':' + #password) |
|||
local(y = #x->result) |
|||
#y->asString</lang> |
|||
=={{header|Mathematica}}== |
=={{header|Mathematica}}== |
Revision as of 12:54, 2 November 2013
You are encouraged to solve this task according to the task description, using any language you may know.
The goal of this task is to demonstrate HTTPS requests with authentication. Implementations of this task should not use client certificates for this: that is the subject of another task.
AutoHotkey
<lang AutoHotkey>iWeb_Init() pwb := iWeb_newGui(0, 0, 1000, 800) iWeb_nav(pwb, "http://www.facebook.com/login.php?ref=pf") iWeb_Term() iWeb_complete(pwb) inputbox, email, email inputbox, pass, password iWeb_setDomObj(pwb,"Email",email) iWeb_setDomObj(pwb,"pass",pass) iWeb_clickDomObj(pwb, "login") return
- Include iweb.ahk
- Include COM.ahk
- Include COMinvokeDeep.ahk</lang>
C
<lang c>#include <stdio.h>
- include <stdlib.h>
- include "curl/curl.h"
int main(void) {
CURL *curl; char buffer[CURL_ERROR_SIZE];
if ((curl = curl_easy_init()) != NULL) { curl_easy_setopt(curl, CURLOPT_URL, "https://user:password@secure.example.com/"); curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1); curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, buffer); if (curl_easy_perform(curl) != CURLE_OK) { fprintf(stderr, "%s\n", buffer); return EXIT_FAILURE; } curl_easy_cleanup(curl); } return EXIT_SUCCESS;
}</lang>
Delphi
<lang Delphi>program ShowHTTPSAuthenticated;
{$APPTYPE CONSOLE}
uses IdHttp, IdSSLOpenSSL;
var
s: string; lHTTP: TIdHTTP; lIOHandler: TIdSSLIOHandlerSocketOpenSSL;
begin
ReportMemoryLeaksOnShutdown := True; lHTTP := TIdHTTP.Create(nil); lIOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil); try lHTTP.Request.Username := 'USERNAME'; lHTTP.Request.Password := 'PASSWD'; lHTTP.IOHandler := lIOHandler; lHTTP.HandleRedirects := True; s := lHTTP.Get('https://SomeSecureSite.net/'); Writeln(s); finally lHTTP.Free; lIOHandler.Free; end;
end.</lang>
Go
The task solution is really the client program, but to test it I wrote a server and created a custom certificate. I won't describe the certificate, but this is the server: <lang go>package main
import (
"encoding/base64" "io" "log" "net/http" "strings"
)
const userPass = "rosetta:code" const unauth = http.StatusUnauthorized
func hw(w http.ResponseWriter, req *http.Request) {
auth := req.Header.Get("Authorization") if !strings.HasPrefix(auth, "Basic ") { log.Print("Invalid authorization:", auth) http.Error(w, http.StatusText(unauth), unauth) return } up, err := base64.StdEncoding.DecodeString(auth[6:]) if err != nil { log.Print("authorization decode error:", err) http.Error(w, http.StatusText(unauth), unauth) return } if string(up) != userPass { log.Print("invalid username:password:", string(up)) http.Error(w, http.StatusText(unauth), unauth) return } io.WriteString(w, "Goodbye, World!")
}
func main() {
http.HandleFunc("/", hw) log.Fatal(http.ListenAndServeTLS(":8080", "cert.pem", "key.pem", nil))
}</lang> It is a "Hello world" server, but over TLS and with basic authentication required on the Get. Errors are logged to aid client debugging.
The client: <lang go>package main
import (
"crypto/tls" "crypto/x509" "fmt" "io/ioutil" "log" "net/http"
)
const (
userid = "rosetta" password = "code"
)
func main() {
// Use custom certificate for testing. Not exactly required by task. b, err := ioutil.ReadFile("cert.pem") if err != nil { log.Fatal(err) } pool := x509.NewCertPool() if ok := pool.AppendCertsFromPEM(b); !ok { log.Fatal("Failed to append cert") } tc := &tls.Config{RootCAs: pool} tr := &http.Transport{TLSClientConfig: tc} client := &http.Client{Transport: tr} req, err := http.NewRequest("GET", "https://127.0.0.1:8080", nil) if err != nil { log.Fatal(err) }
// This one line implements the authentication required for the task. req.SetBasicAuth(userid, password)
// Make request and show output. resp, err := client.Do(req) if err != nil { log.Fatal(err) } b, err = ioutil.ReadAll(resp.Body) resp.Body.Close() if err != nil { log.Fatal(err) } fmt.Println(string(b))
}</lang>
Lasso
<lang Lasso>local(username = 'hello',password = 'world') local(x = curl('https://sourceforge.net'))
- x->set(CURLOPT_USERPWD, #username + ':' + #password)
local(y = #x->result)
- y->asString</lang>
Mathematica
<lang Mathematica>a = RunThrough["curl -u JohnDoe:Password https://www.example.com", 1] For[ i=0, i < Length[a] , i++, SomeFunction[a]]</lang>
Perl
<lang perl>use LWP::UserAgent qw(); my $ua = LWP::UserAgent->new; my $netloc = 'http://www.buddhism-dict.net/cgi-bin/xpr-dealt.pl:80'; $ua->credentials(
$netloc, 'CJK-E and Buddhist Dictionaries', # basic realm 'guest', # user , # empty pw
); my $response = $ua->get($netloc);
use WWW::Mechanize qw(); my $mech = WWW::Mechanize->new; $mech->get('https://login.yahoo.com/'); $mech->submit_form(with_fields => {
login => 'XXXXXX', passwd => 'YYYYYY', '.persistent' => 'y', # tick checkbox
});</lang>
PicoLisp
<lang PicoLisp>(let (User "Bill" Pass "T0p5ecRet" Url "https://www.example.com")
(in (list 'curl "-u" (pack User ': Pass) Url) (while (line) (doSomeProcessingWithLine @) ) ) )</lang>
Python
Note: You should install mechanize to run code below. Visit: http://wwwsearch.sourceforge.net/mechanize/
<lang python>#!/usr/bin/python
- -*- coding: utf-8 -*-
from mechanize import Browser
USER_AGENT = "Mozilla/5.0 (X11; U; Linux i686; tr-TR; rv:1.8.1.9) Gecko/20071102 Pardus/2007 Firefox/2.0.0.9"
br = Browser() br.addheaders = [("User-agent", USER_AGENT)]
- remove comment if you get debug output
- br.set_debug_redirects(True)
- br.set_debug_responses(True)
- br.set_debug_http(True)
br.open("https://www.facebook.com")
br.select_form("loginform") br['email'] = "xxxxxxx@xxxxx.com" br['pass'] = "xxxxxxxxx" br['persistent'] = ["1"]
response = br.submit() print response.read()</lang>
Racket
<lang racket>
- lang racket
(require net/url net/url-connect openssl)
(module+ main
(parameterize ([current-https-protocol (ssl-make-client-context)]) (ssl-set-verify! (current-https-protocol) #t)
;; When this is #f, we correctly get an exception: ;; error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (when #t (ssl-load-verify-source! (current-https-protocol) '(directory ;; This location works on Debian 6; ;; adjust as needed for your platform. "/etc/ssl/certs" )))
(for ([l (in-port read-line (get-pure-port (string->url "https://www.google.com/")))]) (displayln l))))
</lang>
Tcl
for the binary encode
subcommand, otherwise uses
Uses the Tls package. <lang Tcl>package require http package require tls http::register https 443 ::tls::socket
- Generate the authentication
set user theUser set pass thePassword dict set auth Authenticate "Basic [binary encode base64 ${user}:${pass}]"
- Make a secure authenticated connection
set token [http::geturl https://secure.example.com/ -headers $auth]
- Now as for conventional use of the “http” package
set data [http::data $token] http::cleanup $token</lang>
- Programming Tasks
- Networking and Web Interaction
- AutoHotkey
- Iweb
- COM
- C
- Libcurl
- Delphi
- Go
- Lasso
- Mathematica
- Perl
- LWP
- PicoLisp
- Python
- Racket
- Tcl
- Tcllib
- Batch File/Omit
- Brainf***/Omit
- Inform 7/Omit
- Locomotive Basic/Omit
- Lotus 123 Macro Scripting/Omit
- M4/Omit
- Maxima/Omit
- ML/I/Omit
- Openscad/Omit
- PARI/GP/Omit
- PostScript/Omit
- Retro/Omit
- REXX/Omit
- TI-83 BASIC/Omit
- TI-89 BASIC/Omit
- Unlambda/Omit
- Yorick/Omit
- ZX Spectrum Basic/Omit