How to non-interactively provide auth info to URL, and how to force URL to use HTTP AUTH

How to non-interactively provide auth info to URL, and how to force URL to use HTTP AUTH

[Edward O'Connor]

Hi,

I've made a lot of use out of url.el over the years, and it's for the
most part been a nice experience. But I haven't been able to wrap my
brain around how to use HTTP AUTH in a nice-to-the-user way.

Here's the scenario: I work on several elisp clients for various APIs
which are exposed via HTTP and make use of HTTP AUTH. When a developer
uses my library, they supply the relevant auth info to my library
explicitly. I would then like to invoke url-retreive and have the
resulting request use basic (or digest) auth with the auth info I
already have, *without prompting the user* for a username or password. I
keep failing to figure out how to do this.

I'd really rather not resort to shelling out to curl, but this is *very
easy* to do with curl (a simple "curl -u user:pass url-to-api-call" will
do), and it's not at all clear how to do it with url.el.

Any suggestions on how to proceed would be most welcome!


Thanks,
Ted

Re: How to non-interactively provide auth info to URL, and how to force URL to use HTTP AUTH

[Juri Linkov]

> Any suggestions on how to proceed would be most welcome!

A comment in the CVS revision 7.7 of gnus/auth-source.el used to say:

;;; For url-auth authentication (HTTP/HTTPS), you need to use:
;;;
;;; machine yourmachine.com:80 port http login testuser password testpass
;;;
;;; This will match any realm and authentication method (basic or
;;; digest).  If you want finer controls, explore the url-auth source
;;; code and variables.

I don't know why it was removed and whether it currently supports
HTTP authentication (looking at the source code of lisp/url/url-auth.el
that uses gnus/auth-source.el, it seems this should work).

-- 
Juri Linkov
http://www.jurta.org/emacs/

Re: How to non-interactively provide auth info to URL, and how to force URL to use HTTP AUTH

[Ari Roponen]

Hi,

"Edward O'Connor" <hober0@gmail.com> writes:

> Here's the scenario: I work on several elisp clients for various APIs
> which are exposed via HTTP and make use of HTTP AUTH. When a developer
> uses my library, they supply the relevant auth info to my library
> explicitly. I would then like to invoke url-retreive and have the
> resulting request use basic (or digest) auth with the auth info I
> already have, *without prompting the user* for a username or password. I
> keep failing to figure out how to do this.

I have used something like this to get status information from my
ADSL-modem. I don't know if it is the right thing, but it has worked for
me.

  (defvar telewell-default-auth
      `(("192.168.0.254:80"
         ("WebAdmin" . ,(base64-encode-string "admin:password"))))
    "Default authorization data for Telewell ADSL modem.")
  
  (defun telewell-get-data ()
    (let* ((url-show-status nil)
   	   (url-basic-auth-storage 'telewell-default-auth)
  	   (buf (url-retrieve-synchronously
                  "http://192.168.0.254/adsl.asp")))
      (when buf
        ...)))
  
-- 
Ari Roponen

Re: How to non-interactively provide auth info to URL, and how to force URL to use HTTP AUTH

[Andreas Schwab]

Juri Linkov <juri@jurta.org> writes:

> I don't know why it was removed

It was duplicated in auth.texi.

Andreas.

-- 
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."