Resty icon indicating copy to clipboard operation
Resty copied to clipboard

Published 20 hours ago verified publisher icon beders

authenticate does not work

Open wheineman opened this issue 13 years ago • 8 comments

authenticate method is not working. There doesn't seem to be a testcase for authenticate.

wheineman avatar Jan 17 '12 19:01 wheineman

Do you have an example where it doesn't work? r.authenticate expects an URL prefix that is matched exactly. Resty will send the authentication headers for any URL that starts with that prefix. What URLs are you using?

beders avatar Jan 17 '12 19:01 beders

Hi @beders,

I'm using Resty 0.3.1, and I can't seem to get HTTP Basic Authentication to work. I receive an error when I use the json() method. Here is the stack trace:

java.lang.NullPointerException at us.monoid.web.auth.RestyAuthenticator.getPasswordAuthentication(RestyAuthenticator.java:30) at java.net.Authenticator.requestPasswordAuthentication(Authenticator.java:162) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getAuthorizationCredentials(HttpURLConnectionImpl.java:1182) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.processAuthHeader(HttpURLConnectionImpl.java:1155) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.processResponseHeaders(HttpURLConnectionImpl.java:1095) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.retrieveResponse(HttpURLConnectionImpl.java:1048) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:512) at us.monoid.web.AbstractResource.fill(AbstractResource.java:34) at us.monoid.web.Resty.fillResourceFromURL(Resty.java:417) at us.monoid.web.Resty.doGET(Resty.java:373) at us.monoid.web.Resty.json(Resty.java:189) at us.monoid.web.Resty.json(Resty.java:177) ...

I'm new to Java, so I could be completely wrong, but I noticed that there's a reference to the method getRequestingURL(), but it's not defined anywhere else in the code: https://github.com/beders/Resty/blob/master/src/main/java/us/monoid/web/auth/RestyAuthenticator.java#L28

To work around this bug, I'm using the alwaysSend() method instead, performing the Base64 encoding myself, like so:

Resty resty = new Resty();
String encodedString = Base64.encodeToString((username + ":" + password).getBytes("UTF-8"), android.util.Base64.DEFAULT);
resty.alwaysSend("Authorization", "Basic " + encodedString);

Object name = resty.json(baseURI + "/users/new").get("user.firstName");
System.out.println(name);

Thanks for this library!

toddmazierski avatar Feb 27 '12 21:02 toddmazierski

Thank you for trying Resty.

The problem is that sometimes the request URL for an authentication is null, which is unexpected. I need to work around this issue somehow.

Thank you so much for sharing your work-around!

Cheers, Jochen

On Feb 27, 2012, at 1:54 PM, Todd Mazierski wrote:

Hi @beders,

I'm using Resty 0.3.1, and I can't seem to get HTTP Basic Authentication to work. I receive an error when I use the json() method. Here is the stack trace:

java.lang.NullPointerException at us.monoid.web.auth.RestyAuthenticator.getPasswordAuthentication(RestyAuthenticator.java:30) at java.net.Authenticator.requestPasswordAuthentication(Authenticator.java:162) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getAuthorizationCredentials(HttpURLConnectionImpl.java:1182) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.processAuthHeader(HttpURLConnectionImpl.java:1155) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.processResponseHeaders(HttpURLConnectionImpl.java:1095) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.retrieveResponse(HttpURLConnectionImpl.java:1048) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:512) at us.monoid.web.AbstractResource.fill(AbstractResource.java:34) at us.monoid.web.Resty.fillResourceFromURL(Resty.java:417) at us.monoid.web.Resty.doGET(Resty.java:373) at us.monoid.web.Resty.json(Resty.java:189) at us.monoid.web.Resty.json(Resty.java:177) ...

I'm new to Java, so I could be completely wrong, but I noticed that there's a reference to the method getRequestingURL(), but it's not defined anywhere else in the code: https://github.com/beders/Resty/blob/master/src/main/java/us/monoid/web/auth/RestyAuthenticator.java#L28

To work around this bug, I'm using the alwaysSend() method instead, performing the Base64 encoding myself, like so:

Resty resty = new Resty();
String encodedString = Base64.encodeToString((username + ":" + password).getBytes("UTF-8"), android.util.Base64.DEFAULT);
resty.alwaysSend("Authorization", "Basic " + encodedString);

Object name = resty.json(baseURI + "/users/new").get("user.firstName");
System.out.println(name);

Thanks for this library!

Reply to this email directly or view it on GitHub: https://github.com/beders/Resty/issues/7#issuecomment-4204004

beders avatar Feb 28 '12 06:02 beders

Todd, what version of Java are you using?

org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getAuthorizationCredentials( is not a Sun Java class. I suspect we are dealing with a compatibility problem here and the requestingURL of the Authenticator class I'm using is not set up correctly by the harmony implementation.

On Feb 27, 2012, at 1:54 PM, Todd Mazierski wrote:

Hi @beders,

I'm using Resty 0.3.1, and I can't seem to get HTTP Basic Authentication to work. I receive an error when I use the json() method. Here is the stack trace:

java.lang.NullPointerException at us.monoid.web.auth.RestyAuthenticator.getPasswordAuthentication(RestyAuthenticator.java:30) at java.net.Authenticator.requestPasswordAuthentication(Authenticator.java:162) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getAuthorizationCredentials(HttpURLConnectionImpl.java:1182) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.processAuthHeader(HttpURLConnectionImpl.java:1155) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.processResponseHeaders(HttpURLConnectionImpl.java:1095) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.retrieveResponse(HttpURLConnectionImpl.java:1048) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:512) at us.monoid.web.AbstractResource.fill(AbstractResource.java:34) at us.monoid.web.Resty.fillResourceFromURL(Resty.java:417) at us.monoid.web.Resty.doGET(Resty.java:373) at us.monoid.web.Resty.json(Resty.java:189) at us.monoid.web.Resty.json(Resty.java:177) ...

I'm new to Java, so I could be completely wrong, but I noticed that there's a reference to the method getRequestingURL(), but it's not defined anywhere else in the code: https://github.com/beders/Resty/blob/master/src/main/java/us/monoid/web/auth/RestyAuthenticator.java#L28

To work around this bug, I'm using the alwaysSend() method instead, performing the Base64 encoding myself, like so:

Resty resty = new Resty();
String encodedString = Base64.encodeToString((username + ":" + password).getBytes("UTF-8"), android.util.Base64.DEFAULT);
resty.alwaysSend("Authorization", "Basic " + encodedString);

Object name = resty.json(baseURI + "/users/new").get("user.firstName");
System.out.println(name);

Thanks for this library!

Reply to this email directly or view it on GitHub: https://github.com/beders/Resty/issues/7#issuecomment-4204004

beders avatar Feb 28 '12 06:02 beders

The current head version has a new call Resty.authenticateForRealm which allows you to set login/password for the HTTP realm send by the server. (The realm can be found in header WWW-Authenticate)

On Feb 27, 2012, at 1:54 PM, Todd Mazierski wrote:

Hi @beders,

I'm using Resty 0.3.1, and I can't seem to get HTTP Basic Authentication to work. I receive an error when I use the json() method. Here is the stack trace:

java.lang.NullPointerException at us.monoid.web.auth.RestyAuthenticator.getPasswordAuthentication(RestyAuthenticator.java:30) at java.net.Authenticator.requestPasswordAuthentication(Authenticator.java:162) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getAuthorizationCredentials(HttpURLConnectionImpl.java:1182) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.processAuthHeader(HttpURLConnectionImpl.java:1155) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.processResponseHeaders(HttpURLConnectionImpl.java:1095) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.retrieveResponse(HttpURLConnectionImpl.java:1048) at org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:512) at us.monoid.web.AbstractResource.fill(AbstractResource.java:34) at us.monoid.web.Resty.fillResourceFromURL(Resty.java:417) at us.monoid.web.Resty.doGET(Resty.java:373) at us.monoid.web.Resty.json(Resty.java:189) at us.monoid.web.Resty.json(Resty.java:177) ...

I'm new to Java, so I could be completely wrong, but I noticed that there's a reference to the method getRequestingURL(), but it's not defined anywhere else in the code: https://github.com/beders/Resty/blob/master/src/main/java/us/monoid/web/auth/RestyAuthenticator.java#L28

To work around this bug, I'm using the alwaysSend() method instead, performing the Base64 encoding myself, like so:

Resty resty = new Resty();
String encodedString = Base64.encodeToString((username + ":" + password).getBytes("UTF-8"), android.util.Base64.DEFAULT);
resty.alwaysSend("Authorization", "Basic " + encodedString);

Object name = resty.json(baseURI + "/users/new").get("user.firstName");
System.out.println(name);

Thanks for this library!

Reply to this email directly or view it on GitHub: https://github.com/beders/Resty/issues/7#issuecomment-4204004

beders avatar Feb 28 '12 07:02 beders

I'm also having problems with the authentication. But with my case for some reason I'm always getting the 401 unauthorized error. I believe there is something wrong with setting the parameters for username and password. I am absolutely sure the credentials I set are correct and I verified this by using Poster plugin in the Chrome browser.

below is the code that i am using...

resty.authenticate("http://localhost/drupal/rest-api/user/login", "ecxxxx", "xxxx".toCharArray());
resty.json("http://localhost/drupal/rest-api/user/login.json");

And below is the error output.

java.io.IOException: Server returned HTTP response code: 401 for URL: http://localhost/drupal/rest-api/user/login.json
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1436)
    at us.monoid.web.AbstractResource.fill(AbstractResource.java:34)
    at us.monoid.web.Resty.fillResourceFromURL(Resty.java:417)
    at us.monoid.web.Resty.doPOSTOrPUT(Resty.java:379)
    at us.monoid.web.Resty.json(Resty.java:208)
    at us.monoid.web.Resty.json(Resty.java:213)
    at MassimoDuttiItem.saveResty(MassimoDuttiItem.java:56)
    at EmParisParser.main(EmParisParser.java:43)

I also tried setting the form values like so ...

resty.json("http://localhost/drupal/rest-api/user/login", Resty.form(Resty.data("username", "ecdiddy")));

and receive the same error. I checked my server logs and my login module doesn't recognize the username that was set. It thinks it is accessing as an anonymous user. That is why I believe there is something wrong with the setting form parameters with this resty function.

I'm not sure if authenticateForRealm is the solution for this issue which mentions about not delivering the URL. Is anyone else facing this issue?

ecdiddy avatar Jul 28 '12 06:07 ecdiddy

I have the same problem as ecdiddy re: authenticate() not working. Maybe the author could provide an example and some more explanation in the documentation? I'm doing HTTPS, as will most real-world users wanting to authenticate.

Non-Android version of Todd's solution: byte[] encoded = Base64.encodeBase64((uid + ":" + pw).getBytes()); String value = "Basic " + new String(encoded); resty.alwaysSend("Authorization",value );

minnownoir avatar Apr 22 '14 03:04 minnownoir

Seeing this issue as well, appears that not authentication is being attempted.

djschny avatar Feb 24 '16 18:02 djschny