⚠️ Warning: This is a draft ⚠️
This means it might contain formatting issues, incorrect code, conceptual problems, or other severe issues.
If you want to help to improve and eventually enable this page, please fork RosettaGit's repository and open a merge request on GitHub.
{{task|Networking and Web Interaction}}
The goal of this task is to demonstrate [[HTTPS request]]s with authentication. Implementations of this task should not use client certificates for this: that is the subject of [[Client-Authenticated HTTPS Request|another task]].
AutoHotkey
{{libheader|iweb}} {{libheader|COM}}
iWeb_Init()
pwb := iWeb_newGui(0, 0, 1000, 800)
iWeb_nav(pwb, "http://www.facebook.com/login.php?ref=pf")
iWeb_Term()
iWeb_complete(pwb)
inputbox, email, email
inputbox, pass, password
iWeb_setDomObj(pwb,"Email",email)
iWeb_setDomObj(pwb,"pass",pass)
iWeb_clickDomObj(pwb, "login")
return
#Include iweb.ahk
#Include COM.ahk
#Include COMinvokeDeep.ahk
C
{{libheader|libcurl}}
#include <stdio.h>
#include <stdlib.h>
#include "curl/curl.h"
int
main(void)
{
CURL *curl;
char buffer[CURL_ERROR_SIZE];
if ((curl = curl_easy_init()) != NULL) {
curl_easy_setopt(curl, CURLOPT_URL, "https://user:password@secure.example.com/");
curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1);
curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, buffer);
if (curl_easy_perform(curl) != CURLE_OK) {
fprintf(stderr, "%s\n", buffer);
return EXIT_FAILURE;
}
curl_easy_cleanup(curl);
}
return EXIT_SUCCESS;
}
C#
{{works with|C sharp|3.0}}
using System;
using System.Net;
class Program
{
static void Main(string[] args)
{
var client = new WebClient();
// credentials of current user:
client.Credentials = CredentialCache.DefaultCredentials;
// or specify credentials manually:
client.Credentials = new NetworkCredential("User", "Password");
var data = client.DownloadString("https://example.com");
Console.WriteLine(data);
}
}
Clojure
{{libheader|clj-http}}
(clj-http.client/get "https://somedomain.com"
{:basic-auth ["user" "pass"]})
Delphi
program ShowHTTPSAuthenticated;
{$APPTYPE CONSOLE}
uses IdHttp, IdSSLOpenSSL;
var
s: string;
lHTTP: TIdHTTP;
lIOHandler: TIdSSLIOHandlerSocketOpenSSL;
begin
ReportMemoryLeaksOnShutdown := True;
lHTTP := TIdHTTP.Create(nil);
lIOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
try
lHTTP.Request.Username := 'USERNAME';
lHTTP.Request.Password := 'PASSWD';
lHTTP.IOHandler := lIOHandler;
lHTTP.HandleRedirects := True;
s := lHTTP.Get('https://SomeSecureSite.net/');
Writeln(s);
finally
lHTTP.Free;
lIOHandler.Free;
end;
end.
Go
The task solution is really the client program, but to test it I wrote a server and created a custom certificate. I won't describe the certificate, but this is the server:
package main
import (
"encoding/base64"
"io"
"log"
"net/http"
"strings"
)
const userPass = "rosetta:code"
const unauth = http.StatusUnauthorized
func hw(w http.ResponseWriter, req *http.Request) {
auth := req.Header.Get("Authorization")
if !strings.HasPrefix(auth, "Basic ") {
log.Print("Invalid authorization:", auth)
http.Error(w, http.StatusText(unauth), unauth)
return
}
up, err := base64.StdEncoding.DecodeString(auth[6:])
if err != nil {
log.Print("authorization decode error:", err)
http.Error(w, http.StatusText(unauth), unauth)
return
}
if string(up) != userPass {
log.Print("invalid username:password:", string(up))
http.Error(w, http.StatusText(unauth), unauth)
return
}
io.WriteString(w, "Goodbye, World!")
}
func main() {
http.HandleFunc("/", hw)
log.Fatal(http.ListenAndServeTLS(":8080", "cert.pem", "key.pem", nil))
}
It is a "Hello world" server, but over TLS and with basic authentication required on the Get. Errors are logged to aid client debugging.
The client:
package main
import (
"crypto/tls"
"crypto/x509"
"fmt"
"io/ioutil"
"log"
"net/http"
)
const (
userid = "rosetta"
password = "code"
)
func main() {
// Use custom certificate for testing. Not exactly required by task.
b, err := ioutil.ReadFile("cert.pem")
if err != nil {
log.Fatal(err)
}
pool := x509.NewCertPool()
if ok := pool.AppendCertsFromPEM(b); !ok {
log.Fatal("Failed to append cert")
}
tc := &tls.Config{RootCAs: pool}
tr := &http.Transport{TLSClientConfig: tc}
client := &http.Client{Transport: tr}
req, err := http.NewRequest("GET", "https://127.0.0.1:8080", nil)
if err != nil {
log.Fatal(err)
}
// This one line implements the authentication required for the task.
req.SetBasicAuth(userid, password)
// Make request and show output.
resp, err := client.Do(req)
if err != nil {
log.Fatal(err)
}
b, err = ioutil.ReadAll(resp.Body)
resp.Body.Close()
if err != nil {
log.Fatal(err)
}
fmt.Println(string(b))
}
Haskell
Example uses the [https://hackage.haskell.org/package/req req] and [https://hackage.haskell.org/package/aeson aeson] packages:
{-# LANGUAGE OverloadedStrings #-}
module Main (main) where
import Data.Aeson (Value)
import Data.Default.Class (def)
import Network.HTTP.Req
( (/:)
, GET(..)
, NoReqBody(..)
, basicAuth
, https
, jsonResponse
, req
, responseBody
, runReq
)
main :: IO ()
main = do
response <- runReq def $ req
GET
(https "httpbin.org" /: "basic-auth" /: "someuser" /: "somepassword")
NoReqBody
jsonResponse
(basicAuth "someuser" "somepassword")
print (responseBody response :: Value)
Julia
An example using HTTP (see the source for HTTP.jl for the code below ) to access and play a song:
using HTTP, HTTP.IOExtras, JSON, MusicProcessing
HTTP.open("POST", "http://music.com/play") do io
write(io, JSON.json([
"auth" => "12345XXXX",
"song_id" => 7,
]))
r = startread(io)
@show r.status
while !eof(io)
bytes = readavailable(io)
play(bytes)
end
end
Kotlin
// version 1.2.0
import java.net.Authenticator
import java.net.PasswordAuthentication
import javax.net.ssl.HttpsURLConnection
import java.net.URL
import java.io.InputStreamReader
import java.io.BufferedReader
object PasswordAuthenticator : Authenticator() {
override fun getPasswordAuthentication() =
PasswordAuthentication ("username", "password".toCharArray())
}
fun main(args: Array<String>) {
val url = URL("https://somehost.com")
val con = url.openConnection() as HttpsURLConnection
Authenticator.setDefault(PasswordAuthenticator)
con.allowUserInteraction = true
con.connect()
val isr = InputStreamReader(con.inputStream)
val br = BufferedReader(isr)
while (true) {
val line = br.readLine()
if (line == null) break
println(line)
}
}
Lasso
local(username = 'hello',password = 'world')
local(x = curl('https://sourceforge.net'))
#x->set(CURLOPT_USERPWD, #username + ':' + #password)
local(y = #x->result)
#y->asString
LiveCode
HTTP Basic Auth as part of url
command getAuthWebResource
libURLFollowHttpRedirects true
libURLSetSSLVerification true
put URL "https://user:passwd@example.basicauth.com/" into response
put response
end getAuthWebResource
You can also set the headers for the basic auth requests
command getAuthWebResource
libURLFollowHttpRedirects true
libURLSetSSLVerification true
set the httpHeaders to "Authorization: Basic " && base64Encode("user:passwd")
put URL "https://example.basicauth.com" into response
put response
end getAuthWebResource
Lua
{{works with|Lua|5.1 - 5.3}} {{libheader|lua-requests}}
local requests = require('requests')
local auth = requests.HTTPBasicAuth('admin', 'admin')
local resp, e = requests.get({
url = 'https://httpbin.org/basic-auth/admin/admin',
auth = auth
})
io.write(string.format('Status: %d', resp.status_code))
{{out}}
Status: 200
=={{header|Mathematica}} / {{header|Wolfram Language}}==
a = RunThrough["curl -u JohnDoe:Password https://www.example.com", 1]
For[ i=0, i < Length[a] , i++, SomeFunction[a]]
Perl
{{libheader|LWP}}
use LWP::UserAgent qw();
my $ua = LWP::UserAgent->new;
my $netloc = 'http://www.buddhism-dict.net/cgi-bin/xpr-dealt.pl:80';
$ua->credentials(
$netloc,
'CJK-E and Buddhist Dictionaries', # basic realm
'guest', # user
'', # empty pw
);
my $response = $ua->get($netloc);
use WWW::Mechanize qw();
my $mech = WWW::Mechanize->new;
$mech->get('https://login.yahoo.com/');
$mech->submit_form(with_fields => {
login => 'XXXXXX',
passwd => 'YYYYYY',
'.persistent' => 'y', # tick checkbox
});
Perl 6
{{works with|Rakudo|2017.09}} Used here to connect to my local wireless router to a page that is password protected. Obviously not going to be generally publicly accessible but should be easily adaptable to other sites / devices.
use HTTP::UserAgent;
my $username = 'username'; # my username
my $password = 'password'; # my password
my $address = 'http://192.168.1.1/Status_Router.asp'; # my local wireless router
my $ua = HTTP::UserAgent.new;
$ua.auth( $username, $password );
my $response = $ua.get: $address;
say $response.is-success ?? $response.content !! $response.status-line;
Phix
{{libheader|libcurl}} Exactly the same as the [[HTTP#Phix]] task. You can of course use curl_easy_setopt(curl,CURLOPT_USERPWD,"user:password") rather than embed that in the url.
include builtins\libcurl.e
curl_global_init()
atom curl = curl_easy_init()
curl_easy_setopt(curl, CURLOPT_URL, "https://user:password@example.com/")
object res = curl_easy_perform_ex(curl)
curl_easy_cleanup(curl)
curl_global_cleanup()
puts(1,res)
PicoLisp
(let (User "Bill" Pass "T0p5ecRet" Url "https://www.example.com")
(in (list 'curl "-u" (pack User ': Pass) Url)
(while (line)
(doSomeProcessingWithLine @) ) ) )
Python
{{works with|Python|2.4 and 2.6}}
'''Note:''' You should install '''''mechanize''''' to run code below. Visit: http://wwwsearch.sourceforge.net/mechanize/
#!/usr/bin/python
# -*- coding: utf-8 -*-
from mechanize import Browser
USER_AGENT = "Mozilla/5.0 (X11; U; Linux i686; tr-TR; rv:1.8.1.9) Gecko/20071102 Pardus/2007 Firefox/2.0.0.9"
br = Browser()
br.addheaders = [("User-agent", USER_AGENT)]
# remove comment if you get debug output
# br.set_debug_redirects(True)
# br.set_debug_responses(True)
# br.set_debug_http(True)
br.open("https://www.facebook.com")
br.select_form("loginform")
br['email'] = "xxxxxxx@xxxxx.com"
br['pass'] = "xxxxxxxxx"
br['persistent'] = ["1"]
response = br.submit()
print response.read()
{{libheader|Requests}} {{works with|Python|2.7, 3.4–3.7}}
import requests
username = "user"
password = "pass"
url = "https://www.example.com"
response = requests.get(url, auth=(username, password)
print(response.text)
Racket
#lang racket
(require net/url net/url-connect openssl)
(module+ main
(parameterize ([current-https-protocol (ssl-make-client-context)])
(ssl-set-verify! (current-https-protocol) #t)
;; When this is #f, we correctly get an exception:
;; error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
(when #t
(ssl-load-verify-source! (current-https-protocol)
'(directory
;; This location works on Debian 6;
;; adjust as needed for your platform.
"/etc/ssl/certs"
)))
(for ([l (in-port read-line (get-pure-port (string->url "https://www.google.com/")))])
(displayln l))))
Ruby
require 'uri'
require 'net/http'
uri = URI.parse('https://www.example.com')
response = Net::HTTP.start(uri.host, uri.port, use_ssl: true) do |http|
request = Net::HTTP::Get.new uri
request.basic_auth('username', 'password')
http.request request
end
Run BASIC
html "
<CENTER><TABLE CELLPADDING=0 CELLSPACING=0 border=1 bgcolor=wheat>
<TR><TD colspan=2 bgcolor=tan align=center>LOGIN</TD></TR>
<TR><TD align=right>UserName</TD><TD>"
TEXTBOX #userName, ""
html "</TR></TD><TR><TD align=right>Password:</TD><TD>"
PasswordBox #passWord, ""
html "</TD></TR><TD align=center colspan=2>"
button #si, "Signin", [doSignin]
html " "
button #ex, "Exit", [exit]
html "</TD></TR></TABLE>"
WAIT
[doSignin]
loginUserName$ = trim$(#userName contents$())
loginPassWord$ = trim$(#passWord contents$())
if (loginUserName$ = "admin" and loginPassWord$ = "admin" then
print "Login ok"
else
print "invalid User or Pass"
cls
goto [loop]
end if
print Platform$ ' OS where Run BASIC is being hosted
print UserInfo$ ' Information about the user's web browser
print UserAddress$ ' IP address of the user
[exit]
end
[[File:ClientAuthorizationRunBasic.png]]
Scala
import java.net.{Authenticator, PasswordAuthentication, URL}
import javax.net.ssl.HttpsURLConnection
import scala.io.BufferedSource
object Authenticated extends App {
val con: HttpsURLConnection =
new URL("https://somehost.com").openConnection().asInstanceOf[HttpsURLConnection]
object PasswordAuthenticator extends Authenticator {
override def getPasswordAuthentication =
new PasswordAuthentication("username", "password".toCharArray)
}
Authenticator.setDefault(PasswordAuthenticator)
con.setAllowUserInteraction(true)
con.connect()
new BufferedSource(con.getInputStream).getLines.foreach(println(_))
}
Sidef
require('WWW::Mechanize')
var mech = %s'WWW::Mechanize'.new(
cookie_jar => Hash.new,
agent => 'Mozilla/5.0',
)
mech.get('https://login.yahoo.com/')
mech.submit_form(
form_id => 'mbr-login-form', # form id
fields => Hash.new(
'login' => 'XXXXXX',
'passwd' => 'YYYYYY',
))
Tcl
{{works with|Tcl|8.6}} for the binary encode subcommand, otherwise uses
{{tcllib|base64}}
Uses the [http://tls.sourceforge.net Tls] package.
package require http
package require tls
http::register https 443 ::tls::socket
# Generate the authentication
set user theUser
set pass thePassword
dict set auth Authenticate "Basic [binary encode base64 ${user}:${pass}]"
# Make a secure authenticated connection
set token [http::geturl https://secure.example.com/ -headers $auth]
# Now as for conventional use of the “http” package
set data [http::data $token]
http::cleanup $token
Visual Basic
{{Libheader|Microsoft.WinHttp}} {{works with|Visual Basic|5}} {{works with|Visual Basic|6}} {{works with|VBA|Access 97}} {{works with|VBA|6.5}} {{works with|VBA|7.1}}
Sub Main()
Dim HttpReq As WinHttp.WinHttpRequest
' in the "references" dialog of the IDE, check
' "Microsoft WinHTTP Services, version 5.1" (winhttp.dll)
Const HTTPREQUEST_PROXYSETTING_PROXY As Long = 2
#Const USE_PROXY = 1
Set HttpReq = New WinHttp.WinHttpRequest
HttpReq.Open "GET", "https://www.abc.com/xyz/index.html"
HttpReq.SetCredentials "<username>", "<password>", 0&
#If USE_PROXY Then
HttpReq.SetProxy HTTPREQUEST_PROXYSETTING_PROXY, "10.167.1.1:80"
#End If
HttpReq.SetTimeouts 1000, 1000, 1000, 1000
HttpReq.Send
Debug.Print HttpReq.ResponseText
End Sub
zkl
Using cURL to do the heavy lifting, get a XML list of computers connected to my router.
zkl: var ZC=Import("zklCurl")
zkl: var data=ZC().get("http://usr:pw@192.168.1.1/computer_list.xml")
L(Data(1,049),121,0)
zkl: data[0][121,*].text
{{out}}
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<computers>
<ip_address0>192.168.1.100</ip_address0><host_name0>core-shot
...
{{omit from|Batch File|Does not have network access.}} {{omit from|Brainfuck}} {{omit from|Commodore BASIC|Does not have network access}} {{omit from|Inform 7|Does not have network access.}} {{omit from|Locomotive Basic|Does not have network access.}} {{omit from|Lotus 123 Macro Scripting}} {{omit from|M4}} {{omit from|Maxima}} {{omit from|ML/I}} {{omit from|Openscad}} {{omit from|PARI/GP}} {{omit from|PostScript}} {{omit from|Retro|Does not have network access.}} {{omit from|SQL PL|Does not have network access}} {{omit from|TI-83 BASIC|Does not have network access.}} {{omit from|TI-89 BASIC|Does not have network access.}} {{omit from|Unlambda|Does not have network access.}} {{omit from|Yorick|Does not have network access.}} {{omit from|ZX Spectrum Basic|Does not have network access.}}