iPhone上的基本HTTP身份验证

时间:2009-06-14 18:23:01

标签: iphone objective-c httpwebrequest http-authentication

我正在尝试运行一个小型的Twitter客户端,在测试需要身份验证的API调用时遇到了问题。

我的密码中包含特殊字符,因此当我尝试使用以下代码时,它不起作用。

NSString *post = [NSString stringWithFormat:@"status=%@", [status stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding]];
NSData *postData = [post dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:YES];

NSString *postLength = [NSString stringWithFormat:@"%d", [postData length]];

NSMutableURLRequest *request = [[[NSMutableURLRequest alloc] init] autorelease];
NSURL *url = [NSURL URLWithString:[NSString stringWithFormat:@"http://%@:%@@%@/statuses/update.json", username, password, TwitterHostname]];
[request setURL:url];
[request setHTTPMethod:@"POST"];
[request setValue:postLength forHTTPHeaderField:@"Content-Length"];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request setHTTPBody:postData];

NSURLResponse *response;
NSError *error;
[NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error];

我开始研究base64并将身份验证放入标头中。我在他的base64实现上发现了Dave Dribin's帖子,它似乎有意义。但是,当我尝试使用它时,编译器开始抱怨它无法找到openssl库。所以我读到我需要在libcrypto库中链接,但它似乎不存在于iphone。

我也读到有人说苹果不会允许使用加密库的应用程序,这对我来说没有意义。

所以现在我有点困惑和困惑。在我的应用程序中获取基本身份验证的最简单方法是什么?

干杯

2 个答案:

答案 0 :(得分:15)

两件事。首先,您必须使用异步方法而不是同步/类方法。

NSURLRequest *theRequest=[NSURLRequest requestWithURL:[NSURL URLWithString:req]
                                                               cachePolicy:NSURLRequestUseProtocolCachePolicy
                                                           timeoutInterval:30.0];

// create the connection with the request
// and start loading the data
NSURLConnection *theConnection=[[NSURLConnection alloc] initWithRequest:theRequest delegate:self];

通过在委托中实现此方法来管理身份验证:

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge;

你可能也需要实现这些方法:

- (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response;
- (void)connection:(NSURLConnection *)connection didReceiveData:(NSData *)data;
- (void)connection:(NSURLConnection *)connection didFailWithError:(NSError *)error;
- (void)connectionDidFinishLoading:(NSURLConnection *)connection;

使用异步方法往往可以提供更好的用户体验,所以即使没有进行身份验证的能力,即使有额外的复杂性也值得做。

答案 1 :(得分:0)

你可以直接写下载用户名&主URL中的密码,即https://username:password@yoururl.com/

首先,您需要调用NSURLConnection Delegate文件: -

  • (BOOL)连接:(NSURLConnection *)连接canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace

    {

    返回YES; }

然后打电话 - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge 

{
if ([challenge previousFailureCount] == 0)
        {
            NSURLCredential *newCredential;

            newCredential = [NSURLCredential credentialWithUser:@"username"
                                                       password:@"password"
                                                    persistence:NSURLCredentialPersistenceForSession];
            NSLog(@"NEwCred:- %@ %@", newCredential, newCredential);
            [[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];
        }
        else
        {
            [[challenge sender] cancelAuthenticationChallenge:challenge];
            NSLog (@"failed authentication");
        }
}
相关问题
最新问题