Python,HTTPS GET,基本身份验证

Question

我试图使用python进行基本身份验证的HTTPS GET.我是python的新手,导游似乎使用不同的图书馆来做事.(http.client,httplib和urllib).谁能告诉我它是如何完成的？你怎么能告诉标准库使用？

Answer 1

在Python 3中,以下内容将起作用.我正在使用标准库中的较低级别的http.client.有关基本授权的详细信息,请查看rfc2617的第2部分.此代码不会检查证书是否有效,但会设置https连接.有关如何执行此操作,请参阅http.client文档.

from http.client import HTTPSConnection
from base64 import b64encode
#This sets up the https connection
c = HTTPSConnection("www.google.com")
#we need to base 64 encode it 
#and then decode it to acsii as python 3 stores it as a byte string
userAndPass = b64encode(b"username:password").decode("ascii")
headers = { 'Authorization' : 'Basic %s' %  userAndPass }
#then connect
c.request('GET', '/', headers=headers)
#get the response back
res = c.getresponse()
# at this point you could check the status etc
# this gets the page text
data = res.read()  

Answer 2

利用Python的强大功能,依靠周围最好的库之一:请求

import requests

r = requests.get('https://my.website.com/rest/path', auth=('myusername', 'mybasicpass'))
print(r.text)

变量r(请求响应)具有更多可以使用的参数.最好的事情是进入交互式解释器并使用它,和/或阅读请求文档.

ubuntu@hostname:/home/ubuntu$ python3
Python 3.4.3 (default, Oct 14 2015, 20:28:29)
[GCC 4.8.4] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
>>> r = requests.get('https://my.website.com/rest/path', auth=('myusername', 'mybasicpass'))
>>> dir(r)
['__attrs__', '__bool__', '__class__', '__delattr__', '__dict__', '__dir__', '__doc__', '__eq__', '__format__', '__ge__', '__getattribute__', '__getstate__', '__gt__', '__hash__', '__init__', '__iter__', '__le__', '__lt__', '__module__', '__ne__', '__new__', '__nonzero__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__setstate__', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', '_content', '_content_consumed', 'apparent_encoding', 'close', 'connection', 'content', 'cookies', 'elapsed', 'encoding', 'headers', 'history', 'iter_content', 'iter_lines', 'json', 'links', 'ok', 'raise_for_status', 'raw', 'reason', 'request', 'status_code', 'text', 'url']
>>> r.content
b'{"battery_status":0,"margin_status":0,"timestamp_status":null,"req_status":0}'
>>> r.text
'{"battery_status":0,"margin_status":0,"timestamp_status":null,"req_status":0}'
>>> r.status_code
200
>>> r.headers
CaseInsensitiveDict({'x-powered-by': 'Express', 'content-length': '77', 'date': 'Fri, 20 May 2016 02:06:18 GMT', 'server': 'nginx/1.6.3', 'connection': 'keep-alive', 'content-type': 'application/json; charset=utf-8'})

Answer 3

更新:OP使用Python 3.因此使用httplib2添加示例

import httplib2

h = httplib2.Http(".cache")

h.add_credentials('name', 'password') # Basic authentication

resp, content = h.request("https://host/path/to/resource", "POST", body="foobar")

以下适用于python 2.6:

我pycurl在生产中大量使用每天处理超过1000万个请求的流程.

您需要先导入以下内容.

import pycurl
import cStringIO
import base64

部分基本身份验证标头包含编码为Base64的用户名和密码.

headers = { 'Authorization' : 'Basic %s' % base64.b64encode("username:password") }

在HTTP标头中,您将看到此行Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=.编码的字符串会根据您的用户名和密码而更改.

我们现在需要一个地方来编写我们的HTTP响应和一个curl连接句柄.

response = cStringIO.StringIO()
conn = pycurl.Curl()

我们可以设置各种卷曲选项.有关选项的完整列表,请参阅此.链接文档适用于libcurl API,但其他语言绑定的选项不会更改.

conn.setopt(pycurl.VERBOSE, 1)
conn.setopt(pycurlHTTPHEADER, ["%s: %s" % t for t in headers.items()])

conn.setopt(pycurl.URL, "https://host/path/to/resource")
conn.setopt(pycurl.POST, 1)

如果您不需要验证证书.警告:这是不安全的.与跑步curl -k或curl --insecure.相似.

conn.setopt(pycurl.SSL_VERIFYPEER, False)
conn.setopt(pycurl.SSL_VERIFYHOST, False)

调用cStringIO.write存储的HTTP响应.

conn.setopt(pycurl.WRITEFUNCTION, response.write)

当您发出POST请求时.

post_body = "foobar"
conn.setopt(pycurl.POSTFIELDS, post_body)

立即提出实际要求.

conn.perform()

根据HTTP响应代码执行某些操作.

http_code = conn.getinfo(pycurl.HTTP_CODE)
if http_code is 200:
   print response.getvalue()

Answer 4

下面是使用证书验证在Python3中执行基本身份验证的正确方法urllib.request.

请注意,这certifi不是强制性的.您可以使用自己的操作系统捆绑包(可能仅限*nix)或自行分发Mozilla的CA捆绑包.或者,如果与您通信的主机只是少数几个,请从主机的CA 自行连接CA文件,这可以降低由另一个损坏的CA导致的MitM攻击的风险.

#!/usr/bin/env python3


import urllib.request
import ssl

import certifi


context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
context.verify_mode = ssl.CERT_REQUIRED
context.load_verify_locations(certifi.where())
httpsHandler = urllib.request.HTTPSHandler(context = context)

manager = urllib.request.HTTPPasswordMgrWithDefaultRealm()
manager.add_password(None, 'https://domain.com/', 'username', 'password')
authHandler = urllib.request.HTTPBasicAuthHandler(manager)

opener = urllib.request.build_opener(httpsHandler, authHandler)

# Used globally for all urllib.request requests.
# If it doesn't fit your design, use opener directly.
urllib.request.install_opener(opener)

response = urllib.request.urlopen('https://domain.com/some/path')
print(response.read())

Answer 5

基于 @AndrewCox 的答案并进行了一些小的改进：

from http.client import HTTPSConnection
from base64 import b64encode


client = HTTPSConnection("www.google.com")
user = "user_name"
password = "password"
headers = {
    "Authorization": "Basic {}".format(
        b64encode(bytes(f"{user}:{password}", "utf-8")).decode("ascii")
    )
}
client.request('GET', '/', headers=headers)
res = client.getresponse()
data = res.read()

请注意，如果您使用bytesfunction 而不是b"".

Answer 6

requests.get(url, auth=requests.auth.HTTPBasicAuth(username=token, password=''))

如果有令牌，密码应该是''。

这个对我有用。

Answer 7

仅使用标准模块，无需手动标头编码

...这似乎是预期且最便携的方式

python urllib 的概念是将请求的众多属性分组到各种管理器/导演/上下文中...然后处理它们的部分：

import urllib.request, ssl

# to avoid verifying ssl certificates
httpsHa = urllib.request.HTTPSHandler(context= ssl._create_unverified_context())

# setting up realm+urls+user-password auth
# (top_level_url may be sequence, also the complete url, realm None is default)
top_level_url = 'https://ip:port_or_domain'
# of the std managers, this can send user+passwd in one go,
# not after HTTP req->401 sequence
password_mgr = urllib.request.HTTPPasswordMgrWithPriorAuth()
password_mgr.add_password(None, top_level_url, "user", "password", is_authenticated=True)

handler = urllib.request.HTTPBasicAuthHandler(password_mgr)
# create OpenerDirector
opener = urllib.request.build_opener(handler, httpsHa)

url = top_level_url + '/some_url?some_query...'
response = opener.open(url)

print(response.read())