1155 lines
39 KiB
HTML
1155 lines
39 KiB
HTML
|
<!DOCTYPE html>
|
||
|
<html lang="en">
|
||
|
<head>
|
||
|
<meta charset="utf-8"/>
|
||
|
<title>
|
||
|
[rest] And [oauth]: Making HTTP Requests
|
||
|
</title>
|
||
|
<style>
|
||
|
/* Page tweaks */
|
||
|
.preview-page {
|
||
|
margin-top: 64px;
|
||
|
margin-bottom: 21px;
|
||
|
}
|
||
|
/* User-content tweaks */
|
||
|
.timeline-comment-wrapper > .timeline-comment:after,
|
||
|
.timeline-comment-wrapper > .timeline-comment:before {
|
||
|
content: none;
|
||
|
}
|
||
|
/* User-content overrides */
|
||
|
.discussion-timeline.wide {
|
||
|
width: 920px;
|
||
|
}
|
||
|
</style>
|
||
|
<link href="style.css" rel="stylesheet"/>
|
||
|
</head>
|
||
|
<body>
|
||
|
<div class="page">
|
||
|
<div class="preview-page" data-autorefresh-url="" id="preview-page">
|
||
|
<main id="js-repo-pjax-container">
|
||
|
<div class="clearfix new-discussion-timeline container-xl px-3 px-md-4 px-lg-5">
|
||
|
<div class="repository-content">
|
||
|
<div class="clearfix">
|
||
|
<div class="Layout Layout--flowRow-until-md Layout--sidebarPosition-end Layout--sidebarPosition-flowRow-end">
|
||
|
<div class="Layout-main">
|
||
|
<div class="Box md Box--responsive" id="readme">
|
||
|
<div class="Box-header d-flex border-bottom-0 flex-items-center flex-justify-between color-bg-default rounded-top-2">
|
||
|
<div class="d-flex flex-items-center">
|
||
|
<h2 class="Box-title">
|
||
|
[rest] And [oauth]: Making HTTP Requests
|
||
|
</h2>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="Box-body px-5 pb-5">
|
||
|
<article class="markdown-body entry-content container-lg" id="grip-content">
|
||
|
<p>
|
||
|
The library contains two distinct objects for RESTful web requests,
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
and
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
. Both objects have a lot of functionality in common, but are used in differenct scenarios:
|
||
|
</p>
|
||
|
<p>
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
is used for simple RESTful requests, and can issue
|
||
|
<code>
|
||
|
GET
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
POST
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
PUT
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
DELETE
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
HEAD
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
PATCH
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
OPTIONS
|
||
|
</code>
|
||
|
and
|
||
|
<code>
|
||
|
TRACE
|
||
|
</code>
|
||
|
.
|
||
|
</p>
|
||
|
<p>
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
is used for
|
||
|
<a href="http://tools.ietf.org/html/rfc5849" rel="nofollow">
|
||
|
OAuth 1.0
|
||
|
</a>
|
||
|
requests, and can issue
|
||
|
<code>
|
||
|
GET
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
POST
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
PUT
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
DELETE
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
HEAD
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
PATCH
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
OPTIONS
|
||
|
</code>
|
||
|
and
|
||
|
<code>
|
||
|
TRACE
|
||
|
</code>
|
||
|
.
|
||
|
</p>
|
||
|
<h2>
|
||
|
<a aria-hidden="true" class="anchor" href="#common-functionality" id="user-content-common-functionality">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Common Functionality
|
||
|
</h2>
|
||
|
<p>
|
||
|
Both objects have three outlet, with the middle outlet outputting the content of the HTTP request, the left outlet outputs a
|
||
|
<code>
|
||
|
bang
|
||
|
</code>
|
||
|
after a successful operation, and the right outlet is used for error handling.
|
||
|
</p>
|
||
|
<p>
|
||
|
Both
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
and
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
can be initialized with a base URL and additional parameters either as creation arguments or using the
|
||
|
<code>
|
||
|
[init(
|
||
|
</code>
|
||
|
message.
|
||
|
</p>
|
||
|
<p>
|
||
|
Both objects can issue GET, POST, PUT, DELETE, HEAD, PATCH, OPTIONS, and TRACE requests.
|
||
|
</p>
|
||
|
<p>
|
||
|
After a successful HTTP request (HTTP stati with a numerical value of at least 200 and less than 300), both objects will output the message body on the middle outlet, followed by a
|
||
|
<code>
|
||
|
bang
|
||
|
</code>
|
||
|
on the left outlet. HTTP redirects by stati 301 and 302 are followed by the objects.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#setting-http-timeout-and-cancelling-requests" id="user-content-setting-http-timeout-and-cancelling-requests">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Setting HTTP Timeout And Cancelling Requests
|
||
|
</h3>
|
||
|
<p>
|
||
|
Using the
|
||
|
<code>
|
||
|
[timeout(
|
||
|
</code>
|
||
|
message, you can set and clear the timeout to wait for a response from the object. Issuing the message with a numerical value will set the timeout to the value in milliseconds, the message without any parameter will clear the value, and the object will wait for a response infinitely.
|
||
|
</p>
|
||
|
<p>
|
||
|
You can cancel an ongoing request using the
|
||
|
<code>
|
||
|
[cancel(
|
||
|
</code>
|
||
|
message. If the request has already reached the web server, then an action on the server may already be in progress, only waiting for a response is then cleared.
|
||
|
</p>
|
||
|
<p>
|
||
|
As the objects are operating in a seperate thread, cancelling a request may need some time to cleanup the object, so you may need to wait for a small timespan to be available again. If you want to cancel a request and issue a new one right after it, the object may still be locked. Use a small delay to start the new request, 10 milliseconds is a good start for twiddling with the value.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#setting-http-headers" id="user-content-setting-http-headers">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Setting HTTP Headers
|
||
|
</h3>
|
||
|
<p>
|
||
|
With the
|
||
|
<code>
|
||
|
[header(
|
||
|
</code>
|
||
|
message, you can set an additional HTTP header. This message needs at least one additional symbol parameter. More than one additional parameters will be concatenated with a space.
|
||
|
</p>
|
||
|
<p>
|
||
|
Sending the message again will add new HTTP headers and not clear existing ones.
|
||
|
</p>
|
||
|
<p>
|
||
|
To clear the HTTP headers, use
|
||
|
<code>
|
||
|
[header_clear(
|
||
|
</code>
|
||
|
without any parameter.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Examples:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
Some webservices return different values for different
|
||
|
<code>
|
||
|
Accept:
|
||
|
</code>
|
||
|
HTTP headers. In that case, you can use
|
||
|
<code>
|
||
|
[header Accept: application/json(
|
||
|
</code>
|
||
|
to add the line
|
||
|
<code>
|
||
|
Accept: application/json
|
||
|
</code>
|
||
|
to the HTTP request.
|
||
|
</p>
|
||
|
<p>
|
||
|
Github requires a
|
||
|
<code>
|
||
|
User-Agent:
|
||
|
</code>
|
||
|
HTTP header to return value. You can use
|
||
|
<code>
|
||
|
[header User-Agent: My User Agent(
|
||
|
</code>
|
||
|
to set the value.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#disabling-checking-tls-certificates" id="user-content-disabling-checking-tls-certificates">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Disabling Checking TLS Certificates
|
||
|
</h3>
|
||
|
<p>
|
||
|
If the server uses a self-signed TLS certificate or the certificate authority (CA) is not recognised by your setup, an SSL secured request will fail with an error message of
|
||
|
<code>
|
||
|
SSL peer certificate or SSH remote key was not OK
|
||
|
</code>
|
||
|
and a
|
||
|
<code>
|
||
|
51 SSL peer certificate or SSH remote key was not OK
|
||
|
</code>
|
||
|
on the right outlet. To disable checking for valid certificates, use a message of
|
||
|
<code>
|
||
|
[sslcheck 0(
|
||
|
</code>
|
||
|
. You can reenable the check with
|
||
|
<code>
|
||
|
[sslcheck 1(
|
||
|
</code>
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Caveat:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
Before doing that,
|
||
|
<a href="http://pic.dhe.ibm.com/infocenter/wmqv7/v7r1/topic/com.ibm.mq.doc/sy10670_.htm" rel="nofollow">
|
||
|
you should be aware of the risks
|
||
|
</a>
|
||
|
.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#using-proxies" id="user-content-using-proxies">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Using Proxies
|
||
|
</h3>
|
||
|
<p>
|
||
|
You can configure the usage of a proxy with
|
||
|
<code>
|
||
|
[proxy(
|
||
|
</code>
|
||
|
. This message takes 0, 1 or 3 parameters. Use one parameter to set the URL of the proxy including protocol and port number. If your proxy needs username and password, then add those as second and third additional parameter. To clear the proxy settings, use an empty
|
||
|
<code>
|
||
|
[proxy(
|
||
|
</code>
|
||
|
message.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Examples:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
<code>
|
||
|
[proxy http://127.0.0.1:1234(
|
||
|
</code>
|
||
|
will set the proxy without username and password.
|
||
|
</p>
|
||
|
<p>
|
||
|
<code>
|
||
|
[proxy socks5://127.0.0.1:2050 me mysecret(
|
||
|
</code>
|
||
|
will set the proxy using username
|
||
|
<code>
|
||
|
me
|
||
|
</code>
|
||
|
and password
|
||
|
<code>
|
||
|
mysecret
|
||
|
</code>
|
||
|
.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#downloading-to-file" id="user-content-downloading-to-file">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Downloading to File
|
||
|
</h3>
|
||
|
<p>
|
||
|
The
|
||
|
<code>
|
||
|
[file(
|
||
|
</code>
|
||
|
message with an additional parameter will set the path to a file, where the downloaded content will be stored. This will not check immediately, if the file is writable, as this property in the file system may change any time.
|
||
|
</p>
|
||
|
<p>
|
||
|
If a file path is set, then a successful download will not be output on the middle outlet, but will be written to that location. If that location is not writable to Pd, then the content will generate output on the middle outlet regardless, and post a message to the console.
|
||
|
</p>
|
||
|
<p>
|
||
|
The left and right outlet of
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
and
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
will output the same values as with a other HTTP request.
|
||
|
</p>
|
||
|
<p>
|
||
|
To clear the download location, use a
|
||
|
<code>
|
||
|
[file(
|
||
|
</code>
|
||
|
message without a parameter.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#consuming-streaming-api" id="user-content-consuming-streaming-api">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Consuming Streaming API
|
||
|
</h3>
|
||
|
<p>
|
||
|
If a service returns its data with a streaming API, you can output the data whenever a chunk is received. To set the mode to streaming, send a message
|
||
|
<code>
|
||
|
[mode stream(
|
||
|
</code>
|
||
|
to the object. To return to the standard blocking mode, send
|
||
|
<code>
|
||
|
[mode block(
|
||
|
</code>
|
||
|
to the object. The mode can be set during processing of a request.
|
||
|
</p>
|
||
|
<p>
|
||
|
This is useful for webservices that keep connections open and send data on events, e.g. Twitter streaming API.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#error-handling" id="user-content-error-handling">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Error handling
|
||
|
</h3>
|
||
|
<p>
|
||
|
If the HTTP result is not successful as defined above, then the right outlet will output a float with the HTTP error code, and on the console the HTTP status will be output as an error message, e.g.
|
||
|
<code>
|
||
|
HTTP error while performing request: 404
|
||
|
</code>
|
||
|
on console,
|
||
|
<code>
|
||
|
404
|
||
|
</code>
|
||
|
on right outlet.
|
||
|
</p>
|
||
|
<p>
|
||
|
If there is an error during the HTTP request (timeout, DNS problems), then the right outlet will output a list with the cURL error code and the message, while additionally outputting the message on the console, e.g.
|
||
|
<code>
|
||
|
Error while performing request: Timeout was reached
|
||
|
</code>
|
||
|
on console,
|
||
|
<code>
|
||
|
28 Timeout was reached
|
||
|
</code>
|
||
|
on right outlet.
|
||
|
</p>
|
||
|
<p>
|
||
|
With this information you can distinguish a HTTP error from a cURL error, and react accordingly.
|
||
|
</p>
|
||
|
<h2>
|
||
|
<a aria-hidden="true" class="anchor" href="#rest-http-requests" id="user-content-rest-http-requests">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
: HTTP Requests
|
||
|
</h2>
|
||
|
<p>
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
accepts the following HTTP verbs: GET, POST, PUT, DELETE, HEAD, PATCH, TRACE, and OPTIONS. The messages corresponding to the requests are
|
||
|
<code>
|
||
|
[GET(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[POST(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[PUT(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[DELETE(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[HEAD(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[PATCH(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[TRACE(
|
||
|
</code>
|
||
|
, and
|
||
|
<code>
|
||
|
[OPTIONS(
|
||
|
</code>
|
||
|
, and these messages need at least one additional parameter, the URL of the requests. If you have set a base URL, the URL is concatenated with the base URL.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Examples:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<ul>
|
||
|
<li>
|
||
|
If the base URL is set to
|
||
|
<code>
|
||
|
http://www.example.com/
|
||
|
</code>
|
||
|
, then
|
||
|
<code>
|
||
|
[GET data/1(
|
||
|
</code>
|
||
|
will send an HTTP GET request to
|
||
|
<code>
|
||
|
http://www.example.com/data/1
|
||
|
</code>
|
||
|
.
|
||
|
</li>
|
||
|
<li>
|
||
|
If no base URL is set, then
|
||
|
<code>
|
||
|
[DELETE http://www.example.com/data/1(
|
||
|
</code>
|
||
|
will send an HTTP DELETE request to
|
||
|
<code>
|
||
|
http://www.example.com/data/1
|
||
|
</code>
|
||
|
.
|
||
|
</li>
|
||
|
<li>
|
||
|
If the base URL is set to
|
||
|
<code>
|
||
|
http://www.example.com/
|
||
|
</code>
|
||
|
, then
|
||
|
<code>
|
||
|
[GET http://www.example.com/data/1(
|
||
|
</code>
|
||
|
will send an HTTP GET request to
|
||
|
<code>
|
||
|
http://www.example.com/http://www.example.com/data/1
|
||
|
</code>
|
||
|
(and probably result in a 404 error).
|
||
|
</li>
|
||
|
</ul>
|
||
|
<p>
|
||
|
<code>
|
||
|
[POST(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[PUT(
|
||
|
</code>
|
||
|
and
|
||
|
<code>
|
||
|
[PATCH(
|
||
|
</code>
|
||
|
requests usually need additional data. This data is set as additional parameters. These parameters are concatenated with a space in between.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Example:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
<code>
|
||
|
[POST http://www.example.com/data id=1&name=my%20name(
|
||
|
</code>
|
||
|
will send an HTTP POST request to
|
||
|
<code>
|
||
|
http://www.example.com/data
|
||
|
</code>
|
||
|
and include
|
||
|
<code>
|
||
|
id=1&name=my%20name
|
||
|
</code>
|
||
|
as POST parameters.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#initialization" id="user-content-initialization">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Initialization
|
||
|
</h3>
|
||
|
<p>
|
||
|
You can initialize
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
with creation arguments as well as with the
|
||
|
<code>
|
||
|
[init(
|
||
|
</code>
|
||
|
message. Both methods require 0, 1 or 4 parameters.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#no-parameters" id="user-content-no-parameters">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
No Parameters
|
||
|
</h4>
|
||
|
<p>
|
||
|
If you use no parameters on creation or in the
|
||
|
<code>
|
||
|
[init(
|
||
|
</code>
|
||
|
message, then no base URL is set and any previously set cookie data is deleted.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#1-parameter" id="user-content-1-parameter">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
1 Parameter
|
||
|
</h4>
|
||
|
<p>
|
||
|
If you use exactly 1 parameter, then this is set as the base URL. Previously set cookie data is deleted.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Example:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
<code>
|
||
|
[init https://www.example.com(
|
||
|
</code>
|
||
|
will set the base URL to
|
||
|
<code>
|
||
|
https://www.example.com
|
||
|
</code>
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#4-parameters" id="user-content-4-parameters">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
4 Parameters
|
||
|
</h4>
|
||
|
<p>
|
||
|
If you use exactly 4 parameters, then the parameters set the base URL, login URL, username and password for cookie authentication in this order.
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
will then try to login at the specified URL with the username and password and set a cookie for later requests (see below).
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#different-authentication-methods" id="user-content-different-authentication-methods">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Different Authentication Methods
|
||
|
</h3>
|
||
|
<p>
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
can use basic HTTP authentication as well as cookie authentication.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#basic-http-authentication" id="user-content-basic-http-authentication">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Basic HTTP Authentication
|
||
|
</h4>
|
||
|
<p>
|
||
|
If a webservice is configured with basic HTTP authentication, then include the credentials in the URL after the protocol part, separating username and password by a colon, and before the remainder of the correct URL.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Example:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
The service at
|
||
|
<code>
|
||
|
https://www.example.com/
|
||
|
</code>
|
||
|
needs authentication, and your username is myname, your password is mysupersecret. To access the data, use
|
||
|
<code>
|
||
|
[GET https://myname:mysupersecret@www.example.com(
|
||
|
</code>
|
||
|
.
|
||
|
</p>
|
||
|
<p>
|
||
|
This works in the base URL as well as in any HTTP request. As the part
|
||
|
<code>
|
||
|
myname:mysupersecret
|
||
|
</code>
|
||
|
gets converted to an HTTP request header before actually sending the request, a TLS secured connection will encrypt the credentials.
|
||
|
</p>
|
||
|
<p>
|
||
|
Alternatively, you can also set the HTTP header manually.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#cookie-authentication" id="user-content-cookie-authentication">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Cookie Authentication
|
||
|
</h4>
|
||
|
<p>
|
||
|
If you initialize
|
||
|
<code>
|
||
|
[rest]
|
||
|
</code>
|
||
|
with 4 parameters, then the object will try to log in using the parameters.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Example:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
<code>
|
||
|
[init https://www.example.com /login.php username myspecialpassword(
|
||
|
</code>
|
||
|
will do the following:
|
||
|
</p>
|
||
|
<ol>
|
||
|
<li>
|
||
|
Set the base URL to
|
||
|
<code>
|
||
|
https://www.example.com
|
||
|
</code>
|
||
|
</li>
|
||
|
<li>
|
||
|
Send a POST request to
|
||
|
<code>
|
||
|
https://www.example.com/login.php
|
||
|
</code>
|
||
|
with the data of
|
||
|
<code>
|
||
|
user=username&password=myspecialpassword
|
||
|
</code>
|
||
|
.
|
||
|
</li>
|
||
|
<li>
|
||
|
Wait for the returned data. If the login is successful, then it will parse the HTTP response header for a line starting with
|
||
|
<code>
|
||
|
Set-Cookie:
|
||
|
</code>
|
||
|
. The remainder of this line (without the trailing semicolon) will be saved for later requests, e.g. the line
|
||
|
<code>
|
||
|
Set-Cookie:login=username;
|
||
|
</code>
|
||
|
will save
|
||
|
<code>
|
||
|
login=username
|
||
|
</code>
|
||
|
.
|
||
|
</li>
|
||
|
<li>
|
||
|
All later requests will include the HTTP request header
|
||
|
<code>
|
||
|
Cookie:
|
||
|
</code>
|
||
|
with the saved value, in the result above, this means
|
||
|
<code>
|
||
|
Cookie:login=username
|
||
|
</code>
|
||
|
.
|
||
|
</li>
|
||
|
</ol>
|
||
|
<p>
|
||
|
Only the first returned cookie will be used, and only one value at a time will be saved. The parameters for sending the username and password to the server cannot be renamed. This works e.g. for CouchDB logins.
|
||
|
</p>
|
||
|
<h2>
|
||
|
<a aria-hidden="true" class="anchor" href="#oauth-oauth-10-requests" id="user-content-oauth-oauth-10-requests">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
: OAuth 1.0 Requests
|
||
|
</h2>
|
||
|
<p>
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
accepts the following HTTP verbs: GET, POST, PUT, DELETE, HEAD, PATCH, TRACE, and OPTIONS. The messages corresponding to the requests are
|
||
|
<code>
|
||
|
[GET(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[POST(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[PUT(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[DELETE(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[HEAD(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[PATCH(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[TRACE(
|
||
|
</code>
|
||
|
, and
|
||
|
<code>
|
||
|
[OPTIONS(
|
||
|
</code>
|
||
|
, and these messages need at least one additional parameter, the URL of the requests relative to the base URL.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Examples:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<ul>
|
||
|
<li>
|
||
|
If the base URL is set to
|
||
|
<code>
|
||
|
http://www.example.com/
|
||
|
</code>
|
||
|
, then
|
||
|
<code>
|
||
|
[GET data/1(
|
||
|
</code>
|
||
|
will send an HTTP GET request to
|
||
|
<code>
|
||
|
http://www.example.com/data/1
|
||
|
</code>
|
||
|
.
|
||
|
</li>
|
||
|
<li>
|
||
|
If the base URL is set to
|
||
|
<code>
|
||
|
http://www.example.com/
|
||
|
</code>
|
||
|
, then
|
||
|
<code>
|
||
|
[GET http://www.example.com/data/1(
|
||
|
</code>
|
||
|
will send an HTTP GET request to
|
||
|
<code>
|
||
|
http://www.example.com/http://www.example.com/data/1
|
||
|
</code>
|
||
|
(and probably result in a 404 error).
|
||
|
</li>
|
||
|
</ul>
|
||
|
<p>
|
||
|
<code>
|
||
|
[POST(
|
||
|
</code>
|
||
|
,
|
||
|
<code>
|
||
|
[PUT(
|
||
|
</code>
|
||
|
and
|
||
|
<code>
|
||
|
[PATCH(
|
||
|
</code>
|
||
|
requests usually need additional data. This data is set as additional parameters. These parameters are concatenated with a space in between.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Example:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
If the base URL is set to
|
||
|
<code>
|
||
|
http://www.example.com/
|
||
|
</code>
|
||
|
, then
|
||
|
<code>
|
||
|
[POST data id=1&name=my%20name(
|
||
|
</code>
|
||
|
will send an HTTP POST request to
|
||
|
<code>
|
||
|
http://www.example.com/data
|
||
|
</code>
|
||
|
and include
|
||
|
<code>
|
||
|
id=1&name=my%20name
|
||
|
</code>
|
||
|
as POST parameters.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#initialization-1" id="user-content-initialization-1">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Initialization
|
||
|
</h3>
|
||
|
<p>
|
||
|
You can initialize
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
with creation arguments as well as with the
|
||
|
<code>
|
||
|
[init(
|
||
|
</code>
|
||
|
message. Both methods require 0, 3 or 5 parameters.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#no-parameters-1" id="user-content-no-parameters-1">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
No Parameters
|
||
|
</h4>
|
||
|
<p>
|
||
|
If you use no parameters on creation or in the
|
||
|
<code>
|
||
|
[init(
|
||
|
</code>
|
||
|
message, then no base URL is set and any previously set credential data is deleted.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#3-parameter" id="user-content-3-parameter">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
3 Parameter
|
||
|
</h4>
|
||
|
<p>
|
||
|
If you use exactly 3 parameter, then the parameters set the base URL, the consumer key (client key), and the consumer secret (client secret) in this order. Your access token and secret (token credentials) will be deleted.
|
||
|
</p>
|
||
|
<p>
|
||
|
After using this value,
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
will be able to identify itself as a valid client to the server, but will not be able to invoke HTTP requests on behalf of a verified user. Usually, this is used to get token credentials for a user.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Example:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
<code>
|
||
|
[init https://www.example.com my_client_key my_client_secret(
|
||
|
</code>
|
||
|
will set the base URL to
|
||
|
<code>
|
||
|
https://www.example.com
|
||
|
</code>
|
||
|
, the client key to
|
||
|
<code>
|
||
|
my_client_key
|
||
|
</code>
|
||
|
, and the client secret to
|
||
|
<code>
|
||
|
my_client_secret
|
||
|
</code>
|
||
|
.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#5-parameters" id="user-content-5-parameters">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
5 Parameters
|
||
|
</h4>
|
||
|
<p>
|
||
|
If you use exactly 5 parameter, then the parameters set the base URL, the consumer key (client key), the consumer secret (client secret), the access token, and the access secret in this order.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Example:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<p>
|
||
|
<code>
|
||
|
[init https://www.example.com my_client_key my_client_secret my_token my_access_secret(
|
||
|
</code>
|
||
|
will set the base URL to
|
||
|
<code>
|
||
|
https://www.example.com
|
||
|
</code>
|
||
|
, the client key to
|
||
|
<code>
|
||
|
my_client_key
|
||
|
</code>
|
||
|
, the client secret to
|
||
|
<code>
|
||
|
my_client_secret
|
||
|
</code>
|
||
|
, the access token to
|
||
|
<code>
|
||
|
my_token
|
||
|
</code>
|
||
|
, and the access secret to
|
||
|
<code>
|
||
|
my_access_secret
|
||
|
</code>
|
||
|
.
|
||
|
</p>
|
||
|
<h3>
|
||
|
<a aria-hidden="true" class="anchor" href="#oauth-signature-method" id="user-content-oauth-signature-method">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
OAuth Signature Method
|
||
|
</h3>
|
||
|
<p>
|
||
|
Signatures are needed to verify the content of your HTTP request on the server-side and authenticate the credentials. OAuth 1.0 has three methods for generating signatures: HMAC-SHA1, plaintext and RSA-SHA1. These methods can be set using the
|
||
|
<code>
|
||
|
[method(
|
||
|
</code>
|
||
|
message.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#hmac-sha1" id="user-content-hmac-sha1">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
HMAC-SHA1
|
||
|
</h4>
|
||
|
<p>
|
||
|
This is the default method and is used by most services.
|
||
|
</p>
|
||
|
<p>
|
||
|
If you want to set this method explicitely, use the
|
||
|
<code>
|
||
|
[method HMAC(
|
||
|
</code>
|
||
|
message.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#plaintext" id="user-content-plaintext">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
Plaintext
|
||
|
</h4>
|
||
|
<p>
|
||
|
If you set
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
to use this method, your credentials are sent in plaintext, i.e. anyone can read your credentials from the sent data. This method is discouraged and only safe, if you use TLS secured connections and not use
|
||
|
<code>
|
||
|
[GET(
|
||
|
</code>
|
||
|
requests, as the data in that case is included in the URL.
|
||
|
</p>
|
||
|
<p>
|
||
|
The message to set this method is
|
||
|
<code>
|
||
|
[method PLAINTEXT(
|
||
|
</code>
|
||
|
. Because of the inherent insecurity, a warning is displayed on the Pd console.
|
||
|
</p>
|
||
|
<h4>
|
||
|
<a aria-hidden="true" class="anchor" href="#rsa-sha1" id="user-content-rsa-sha1">
|
||
|
<span aria-hidden="true" class="octicon octicon-link">
|
||
|
</span>
|
||
|
</a>
|
||
|
RSA-SHA1
|
||
|
</h4>
|
||
|
<p>
|
||
|
Instead of using client and access credentials, this method uses an RSA private key to sign the requests. You will still need to provide the credentials to
|
||
|
<code>
|
||
|
[oauth]
|
||
|
</code>
|
||
|
, but these values will not be used. Set the values to dummy values. This will only work, if your version of liboauth is at least 1.0.1, in prior versions, this is not implemented, and a warning will be displayed on the Pd console.
|
||
|
</p>
|
||
|
<p>
|
||
|
The message to set this method is
|
||
|
<code>
|
||
|
[method RSA the_RSA_private_key(
|
||
|
</code>
|
||
|
.
|
||
|
</p>
|
||
|
<p>
|
||
|
<strong>
|
||
|
Example:
|
||
|
</strong>
|
||
|
</p>
|
||
|
<pre><code>[method RSA -----BEGIN PRIVATE KEY-----
|
||
|
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALRiMLAh9iimur8V
|
||
|
A7qVvdqxevEuUkW4K+2KdMXmnQbG9Aa7k7eBjK1S+0LYmVjPKlJGNXHDGuy5Fw/d
|
||
|
7rjVJ0BLB+ubPK8iA/Tw3hLQgXMRRGRXXCn8ikfuQfjUS1uZSatdLB81mydBETlJ
|
||
|
hI6GH4twrbDJCR2Bwy/XWXgqgGRzAgMBAAECgYBYWVtleUzavkbrPjy0T5FMou8H
|
||
|
X9u2AC2ry8vD/l7cqedtwMPp9k7TubgNFo+NGvKsl2ynyprOZR1xjQ7WgrgVB+mm
|
||
|
uScOM/5HVceFuGRDhYTCObE+y1kxRloNYXnx3ei1zbeYLPCHdhxRYW7T0qcynNmw
|
||
|
rn05/KO2RLjgQNalsQJBANeA3Q4Nugqy4QBUCEC09SqylT2K9FrrItqL2QKc9v0Z
|
||
|
zO2uwllCbg0dwpVuYPYXYvikNHHg+aCWF+VXsb9rpPsCQQDWR9TT4ORdzoj+Nccn
|
||
|
qkMsDmzt0EfNaAOwHOmVJ2RVBspPcxt5iN4HI7HNeG6U5YsFBb+/GZbgfBT3kpNG
|
||
|
WPTpAkBI+gFhjfJvRw38n3g/+UeAkwMI2TJQS4n8+hid0uus3/zOjDySH3XHCUno
|
||
|
cn1xOJAyZODBo47E+67R4jV1/gzbAkEAklJaspRPXP877NssM5nAZMU0/O/NGCZ+
|
||
|
3jPgDUno6WbJn5cqm8MqWhW1xGkImgRk+fkDBquiq4gPiT898jusgQJAd5Zrr6Q8
|
||
|
AO/0isr/3aa6O6NLQxISLKcPDk2NOccAfS/xOtfOz4sJYM3+Bs4Io9+dZGSDCA54
|
||
|
Lw03eHTNQghS0A==
|
||
|
-----END PRIVATE KEY-----(
|
||
|
</code></pre>
|
||
|
</article>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</main>
|
||
|
</div>
|
||
|
</div>
|
||
|
<script>
|
||
|
function showCanonicalImages() {
|
||
|
var images = document.getElementsByTagName('img');
|
||
|
if (!images) {
|
||
|
return;
|
||
|
}
|
||
|
for (var index = 0; index < images.length; index++) {
|
||
|
var image = images[index];
|
||
|
if (image.getAttribute('data-canonical-src') && image.src !== image.getAttribute('data-canonical-src')) {
|
||
|
image.src = image.getAttribute('data-canonical-src');
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
function scrollToHash() {
|
||
|
if (location.hash && !document.querySelector(':target')) {
|
||
|
var element = document.getElementById('user-content-' + location.hash.slice(1));
|
||
|
if (element) {
|
||
|
element.scrollIntoView();
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
function autorefreshContent(eventSourceUrl) {
|
||
|
var initialTitle = document.title;
|
||
|
var contentElement = document.getElementById('grip-content');
|
||
|
var source = new EventSource(eventSourceUrl);
|
||
|
var isRendering = false;
|
||
|
|
||
|
source.onmessage = function(ev) {
|
||
|
var msg = JSON.parse(ev.data);
|
||
|
if (msg.updating) {
|
||
|
isRendering = true;
|
||
|
document.title = '(Rendering) ' + document.title;
|
||
|
} else {
|
||
|
isRendering = false;
|
||
|
document.title = initialTitle;
|
||
|
contentElement.innerHTML = msg.content;
|
||
|
showCanonicalImages();
|
||
|
}
|
||
|
}
|
||
|
|
||
|
source.onerror = function(e) {
|
||
|
if (e.readyState === EventSource.CLOSED && isRendering) {
|
||
|
isRendering = false;
|
||
|
document.title = initialTitle;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
window.onhashchange = function() {
|
||
|
scrollToHash();
|
||
|
}
|
||
|
|
||
|
window.onload = function() {
|
||
|
scrollToHash();
|
||
|
}
|
||
|
|
||
|
showCanonicalImages();
|
||
|
|
||
|
var autorefreshUrl = document.getElementById('preview-page').getAttribute('data-autorefresh-url');
|
||
|
if (autorefreshUrl) {
|
||
|
autorefreshContent(autorefreshUrl);
|
||
|
}
|
||
|
</script>
|
||
|
</body>
|
||
|
</html>
|