urllib2是否支持抢占式身份验证身份验证?

时间:2011-01-07 17:52:19

标签: python http urllib2

我正在尝试访问REST API。

我可以在Curl / REST Client(UI工具)中使用它,并启用了抢先身份验证。

但是,使用urllib2,默认情况下它似乎不支持这个,我找不到打开它的方法。

谢谢:)

3 个答案:

答案 0 :(得分:7)

这是一个基于urllib2.HTTPBasicAuthHandler代码的简单抢占式HTTP基本身份验证处理程序。它可以以完全相同的方式使用,除了Authorization标头将添加到每个带有匹配URL的请求。请注意,此处理程序应与HTTPPasswordMgrWithDefaultRealm一起使用。那是因为在WWW-Authenticate挑战中没有领域回归,因为你是先发制人的。 

class PreemptiveBasicAuthHandler(urllib2.BaseHandler):

        def __init__(self, password_mgr=None):
                if password_mgr is None:
                        password_mgr = urllib2.HTTPPasswordMgrWithDefaultRealm()
                self.passwd = password_mgr
                self.add_password = self.passwd.add_password

        def http_request(self,req):
                uri = req.get_full_url()
                user, pw = self.passwd.find_user_password(None,uri)
                #logging.debug('ADDING REQUEST HEADER for uri (%s): %s:%s',uri,user,pw)
                if pw is None: return req

                raw = "%s:%s" % (user, pw)
                auth = 'Basic %s' % base64.b64encode(raw).strip()
                req.add_unredirected_header('Authorization', auth)
                return req

答案 1 :(得分:4)

类似于@ thom-nichols的回答;但是子类化HTTPBasicAuthHandler也处理HTTPS请求。

import urllib2
import base64

class PreemptiveBasicAuthHandler(urllib2.HTTPBasicAuthHandler):
    '''Preemptive basic auth.

    Instead of waiting for a 403 to then retry with the credentials,
    send the credentials if the url is handled by the password manager.
    Note: please use realm=None when calling add_password.'''
    def http_request(self, req):
        url = req.get_full_url()
        realm = None
        # this is very similar to the code from retry_http_basic_auth()
        # but returns a request object.
        user, pw = self.passwd.find_user_password(realm, url)
        if pw:
            raw = "%s:%s" % (user, pw)
            auth = 'Basic %s' % base64.b64encode(raw).strip()
            req.add_unredirected_header(self.auth_header, auth)
        return req

    https_request = http_request

这是一个处理jenkins服务器的示例,该服务器不会向您发送401 http错误(使用auth重试)。我使用urllib2.install_opener让事情变得简单。

jenkins_url = "https://jenkins.example.com"
username = "johndoe"
api_token = "some-cryptic-value"

auth_handler = PreemptiveBasicAuthHandler()
auth_handler.add_password(
    realm=None, # default realm.
    uri=jenkins_url,
    user=username,
    passwd=api_token)
opener = urllib2.build_opener(auth_handler)
urllib2.install_opener(opener)

答案 2 :(得分:0)

根据所需的身份验证类型,您可以在发送正文之前将授权标题添加到请求中,手动发送授权标题。

相关问题
最新问题