
[Handle-info] Problem authenticating for admin functions of Handle 8.1 REST API via Authorization: Handle



Could someone post a complete example for authentication via Authorization: Handle using HS_SECKEY?


Following Handle 8.1 docs, I tried using JS libraries of admin application to build the Authorization header, but it is not working. Here's how I did this.


1. Send a DELETE request for an existing handle without authentication info.

curl -k -v -X DELETE https://128.104.47.219:8000/api/handles/1712/test

< HTTP/1.1 401 Unauthorized
< WWW-Authenticate: Basic realm="handle"
< WWW-Authenticate: Handle sessionId="1ee6f696alwg8bh2rrddhsw28", nonce="k51RBUk2rrCpDZkT/++o2w=="
< Content-Type: application/json;charset=UTF-8
< Content-Length: 41
* Connection #0 to host 128.104.47.219 left intact
{"responseCode":402,"handle":"1712/test"}


2. Use the info from the challenge response above to construct the Authorization header.


pwd = "xxx"
nonce = "k51RBUk2rrCpDZkT/++o2w=="
cnonce = "/rF3GxOoWYeoQuuPXcRAJw=="
signatureRaw = pwd+nonce+cnonce+pwd
("xxxk51RBUk2rrCpDZkT/++o2w==/rF3GxOoWYeoQuuPXcRAJw==xxx")
signature = cnri.util.Encoder.Base64.string(libpolycrypt.sha1(cnri.util.Encoder.Utf8.bytes(signatureRaw))) =
("ECiTL+CMVnadRTFjfZbiNAPIMtY=")


3. Issue a DELETE request for the handle with Authorization header.


curl -k -v -X DELETE -H 'Authorization: Handle version="0", sessionId="1ee6f696alwg8bh2rrddhsw28", cnonce="/rF3GxOoWYeoQuuPXcRAJw==", id="310:1711/ekrylova", type="HS_SECKEY", alg="SHA1", signature="ECiTL+CMVnadRTFjfZbiNAPIMtY="' https://128.104.47.219:8000/api/handles/1712/test

*   Trying 128.104.47.219...
* Connected to 128.104.47.219 (128.104.47.219) port 8000 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
* Server certificate: anonymous
> DELETE /api/handles/1712/test HTTP/1.1
> Host: 128.104.47.219:8000
> User-Agent: curl/7.43.0
> Accept: */*
> Authorization: Handle version="0", sessionId="1ee6f696alwg8bh2rrddhsw28", cnonce="/rF3GxOoWYeoQuuPXcRAJw==", id="310:1711/ekrylova", type="HS_SECKEY", alg="SHA1", signature="i5R9C5AXnANlkYU9zi1ahLHQh7s="
< HTTP/1.1 401 Unauthorized
< WWW-Authenticate: Handle sessionId="1ee6f696alwg8bh2rrddhsw28", nonce="k51RBUk2rrCpDZkT/++o2w==", error="Identity not verified"
< Content-Length: 0
* Connection #0 to host 128.104.47.219 left intact



Ev

_______________________________________________
Handle-Info mailing list
Handle-Info@cnri.reston.va.us
http://www.handle.net/mailman/listinfo/handle-info
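
Added example (not part of the original message, and not code from the Handle software): a Node.js sketch that parses the `WWW-Authenticate: Handle` challenge quoted above and computes the SHA1 digest over pwd+nonce+cnonce+pwd in two ways, once over the Base64 text of the nonces as in step 2 and once over their decoded bytes. Which input the server expects is not stated in the message, so the decoded-bytes variant is an assumption; the secret is a constructed placeholder and the function names are hypothetical.

```javascript
// Added example; not code from the original message or from the Handle software.
const crypto = require('node:crypto');

// Parse the `Handle` challenge from a WWW-Authenticate header value.
function parseChallenge(headerValue) {
  const m = /^Handle\s+(.*)$/.exec(headerValue.trim());
  if (!m) throw new Error('not a Handle challenge');
  const params = {};
  for (const [, k, v] of m[1].matchAll(/(\w+)="([^"]*)"/g)) params[k] = v;
  if (!params.sessionId || !params.nonce) throw new Error('challenge lacks sessionId or nonce');
  return params;
}

// SHA1 over key + nonce + cnonce + key, Base64-encoded.
// encoding 'utf8'  : nonces hashed as their Base64 text (what step 2 of the message does)
// encoding 'base64': nonces decoded to raw bytes first (assumption, not confirmed by the page)
function secKeySignature(secret, nonce, cnonce, encoding) {
  const key = Buffer.from(secret, 'utf8');
  return crypto.createHash('sha1')
    .update(key)
    .update(Buffer.from(nonce, encoding))
    .update(Buffer.from(cnonce, encoding))
    .update(key)
    .digest('base64');
}

// Assemble the header with the same fields, in the same order, as the curl command in step 3.
function authorizationHeader({ sessionId, cnonce, id, signature }) {
  return `Handle version="0", sessionId="${sessionId}", cnonce="${cnonce}", ` +
    `id="${id}", type="HS_SECKEY", alg="SHA1", signature="${signature}"`;
}

// Challenge, cnonce and id are copied from the message; the secret is a constructed placeholder.
const challenge = parseChallenge(
  'Handle sessionId="1ee6f696alwg8bh2rrddhsw28", nonce="k51RBUk2rrCpDZkT/++o2w=="');
const cnonce = '/rF3GxOoWYeoQuuPXcRAJw=='; // fresh one: crypto.randomBytes(16).toString('base64')
const secret = 'constructed-secret';

// Build one candidate header per nonce encoding so the two can be compared.
function candidates() {
  return ['utf8', 'base64'].map((encoding) => {
    const signature = secKeySignature(secret, challenge.nonce, cnonce, encoding);
    const header = authorizationHeader(
      { sessionId: challenge.sessionId, cnonce, id: '310:1711/ekrylova', signature });
    return { encoding, signature, header };
  });
}

for (const c of candidates()) console.log(`${c.encoding}: Authorization: ${c.header}`);
```

The two candidates differ only in the `signature` value, which makes an encoding mismatch easy to isolate when the server answers "Identity not verified".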