stackoom
  简体   繁体   中英

Client Digest Authentication with POCO

 原文  2015-03-18 09:45:05       c++/ http/ poco-libraries/ digest-authentication

Question

I'm using POCO for some service client. Client should login with digest authentication.

POCO documentation claims that digest authentication is supported .

This is a utility class for working with HTTP authentication (basic or digest ) in HTTPRequest objects.

Here is full source of test (gtest) showing that there is some problem: 

#include "UnitTest.h"
#include <Poco/Net/HTTPRequest.h>
#include <Poco/Net/HTTPResponse.h>
#include <Poco/Net/HTTPSClientSession.h>
#include <Poco/Net/HTTPClientSession.h>
#include <Poco/StreamCopier.h>
#include <Poco/Net/HTTPCredentials.h>

using namespace Poco::Net;

TEST(PocoDigestAuthTest, HttpBibOrgTest) {
    HTTPClientSession session;
    session.setHost("httpbin.org");

    HTTPRequest request(
        "GET", 
        // "http://httpbin.org/basic-auth/user/passwd", // basic
        "http://httpbin.org/digest-auth/auth/user/passwd",  // digest
        HTTPMessage::HTTP_1_1);
    session.sendRequest(request);

    HTTPResponse response;
    std::istream& firstResponseStream = session.receiveResponse(response);
    std::stringstream firstStrStream;
    Poco::StreamCopier::copyStream(firstResponseStream, firstStrStream);

    ASSERT_EQ(HTTPResponse::HTTP_UNAUTHORIZED, response.getStatus());

    HTTPCredentials creds("user", "passwd");
    creds.authenticate(request, response);
    session.sendRequest(request);

    std::istream& bodyStream = session.receiveResponse(response);
    EXPECT_NE(HTTPResponse::HTTP_UNAUTHORIZED, response.getStatus());
    EXPECT_EQ(HTTPResponse::HTTP_OK, response.getStatus());

    std::stringstream strStream;
    Poco::StreamCopier::copyStream(bodyStream, strStream);
    EXPECT_NE("", strStream.str());
}

This test fails where status HTTP_OK is expected, I'm getting 401 (HTTP_UNAUTHORIZED) so earlier check also fails.

If I change uri to site with basic authentication, everything works as expected (test passes).

What I'm doing wrong? Or is it a bug in POCO? Can I fix it somehow?

1 answers

solution1
 3 ACCPTED  2015-03-22 18:51:41

After some testing and mind bending it turned out that the issue has nothing to do with digest authentication. You'll also need to send the cookie (fake=fake_value) set by the httpbin.org server. Here is a modified version of your sample that works. Note the additional call to setCookies(). Also, when creating the HTTPRequest, only the path needs to be supplied, not the entire URI.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question how to implement digest authentication for httpserver by poco OpenCV VideoCapture digest authentication How to get Digest authentication right C++ digest authentication with Qt Proxy Authentication in POCO Net C++ library How to download web resource using Digest authentication Browser support of nextnonce directive in HTTP digest authentication Generating an ONVIF authentication digest using Crypto++? POCO - can I use SocketReactor as a client? Get response from Poco http client to string
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM