I have not seen a really good example on the web. How can I add authentication to a request like this:
(defun login-show-posts ()
(interactive)
(let ((url-request-method "GET")
(url-request-extra-headers '(("Content-Type" . "application/xml"))))
(url-retrieve "http://localhost:3000/essay/1.xml"
(lambda (status)
(switch-to-buffer (current-buffer))
))))
if for example, the user and pass is admin:admin?
I got the impression that url.el was designed mostly for interactive operations, i.e. you do a call without authorisation, the server responds with a 403 "authorization needed" (correct code?) status and url.el will query the user for user name and password.
You can have a look at my code on http://github.com/hdurer/fluiddb.el where I try to do things programmatically.
Basically, I create the HTTP authorzation header myself (base64 encoding the correctly formatted string and adding the correct header to url-request-extra-headers).
Then in a second step I need to add advice to url-http-handle-authentication so that it won't ask the user should the passed credentials not be acceptable.
This feels a lot like raping url.el but it works for me and is the only way I could make it work.
Your code would thus look something like this:
(defvar xyz-user-name "admin")
(defvar xyz-password "admin")
(defvar xyz-block-authorisation nil
"Flag whether to block url.el's usual interactive authorisation procedure")
(defadvice url-http-handle-authentication (around xyz-fix)
(unless xyz-block-authorisation
ad-do-it))
(ad-activate 'url-http-handle-authentication)
(defun login-show-posts ()
(interactive)
(let ((xyz-block-authorisation t)
(url-request-method "GET")
(url-request-extra-headers
`(("Content-Type" . "application/xml")
("Authorization" . ,(concat "Basic "
(base64-encode-string
(concat xyz-user-name ":" xyz-password)))))))
(url-retrieve "http://localhost:3000/essay/1.xml"
(lambda (status)
(switch-to-buffer (current-buffer))
))))
With twit.el, there was a little farting around to make it work. Authentication info is stored inside of an alist. This a list is bound to the symbol in the variable url-basic-auth-storage.
ELISP> (require 'url)
ELISP> (pp url-basic-auth-storage)
url-http-real-basic-auth-storage
ELISP> (pp (symbol-value url-basic-auth-storage))
(("twitter.com:443" ("Twitter API" . "@uTh5tr!n6=="))
("twitter.com:80" ("Twitter API" . "AnotherAuthString==")))
ELISP>
You could probably do something like this:
(let ((my-temporary-auth '(("host.com:80" ("Auth Realm" . "@uTH5r!n6==")))))
(url-basic-auth-storage 'my-temporary-auth))
(do-gunk))
This will leave the users authentication info alone (if they have any). Upon retrospect that might have been the smarter way to go with twit.el.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 三岁会撩人 的文章《How does emacs url package handle authentication?》','https://www.manongdao.com/article-404278.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}