Pear :: Auth從命令行訪問

Question

我對Pear :: Auth PHP庫有個疑問。我可以以某種方式「在命令行中登錄」。我的意思是我可以訪問通過Pett :: Auth從HttpRequest保護的資源嗎？我在其他腳本程序中創建自己？你可以給我一個示例（Python，PHP，Java或任何東西可讀）

Answer 1

好，我知道它的工作（希望這可以幫助別人 - 這是Python的解決方案，可轉換爲任何語言，並允許你通過創建的HttpRequest你在你的程序的控制登錄PEAR ::驗證

import urllib 
import httplib2 
from urllib import urlencode 
http = httplib2.Http() 

url = 'LOGIN_URL' 
# this applies to current version of Pear (had to add the authsecret) 
body = {'username': 'USRENAME', 'password': 'PASSWORD', 'authsecret': ''} 
headers = {'Content-type': 'application/x-www-form-urlencoded'} 
response, content = http.request(url, 'POST', headers=headers, body=urllib.urlencode(body)) 
# CAREFUL!!! HERE IS THE TRICKY PART ! 
# response['set-cookie'] looks like this -> 'SomeSession=longID; path=/, SomeSession=longID; path=/, authchallenge=blabla; path=/' 
# you need to parse it and use only authchallanage and SomeSessionpart(just one of them I think the last one) - have no idea why, but it works. So next line needs some parsing and fixing 
headers = {'Cookie': response['set-cookie']} #parseme -- this is not correnct and will not work, but you have to fix it to match your implementation 
print headers 

# e.g. headers = {'Cookie': 'MySession=bdfdstiq90oilkpk7n4s2q2g50; authchallenge=fddtggffg5784d359c12dfad4059', 'X_REQUESTED_WITH': 'xmlhttprequest'}#the second header is optional, I needed to access some ajax call 
data = dict(argument="to_pass", eg="customerID") 
resp, content = http.request("secure_URL", "POST", urlencode(data), headers=headers) 
print resp 
print content 

Answer 2

實際上取決於...什麼，並從那裏你正在試圖做到這一點...我想到有些事情：

• 將憑據作爲命令行參數傳遞。
• 將憑證作爲GET請求參數的一部分傳遞（可能假設爲SSL）。
• 使用cURL和餅乾罐。
• 實現一個服務層，以便這些調用以另一種方式處理身份驗證，以便於您的需要（API與身份驗證可與現有的梨認證一起使用）。

Answer 3

如果有人有興趣的Java解決方案那就是：

public String getServerJson(){ 
    DefaultHttpClient httpclient = new DefaultHttpClient(); 
    HttpPost httpost = new HttpPost("https://"+hostToReach+"/secure/index.php"); 
    httpost.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8"); 

    List <NameValuePair> nvps = new ArrayList <NameValuePair>(); 
    nvps.add(new BasicNameValuePair("username", htmlUsername)); 
    nvps.add(new BasicNameValuePair("password", htmlPassword)); 

    httpost.setEntity(new UrlEncodedFormEntity(nvps, Consts.UTF_8)); 
    try { 
     HttpResponse response = httpclient.execute(httpost); 
     HttpEntity entity = response.getEntity(); 
     EntityUtils.consume(entity); 

    } 
    catch (Exception e){ 
     e.printStackTrace(); 
    } 

    HttpPost ajaxPost = new HttpPost("https://"+hostToReach+"/?event_id="+pmp.getPmpEventId().getEventId().toString()+"&categories_only=true&pos=true"); 
    ajaxPost.setHeader("X_REQUESTED_WITH", "xmlhttprequest"); 
    try { 
     HttpResponse catResponse = httpclient.execute(ajaxPost); 
     BufferedReader rd = new BufferedReader (new InputStreamReader(catResponse.getEntity().getContent())); 
     String line = ""; 
     String json = ""; 
     while ((line = rd.readLine()) != null) { 
       json += line; 
     } 
     EntityUtils.consume(catResponse.getEntity()); 
     return json; 


    } 
    catch (Exception e) { 
     e.printStackTrace(); 
     return ""; 
    } 
} 

注：Cookies是自動處理（HttpClient的將其保持其存在的整個時間，所以你不需要擔心THA t）