[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.

To: Robert Verkerk <robert.verkerk@surfsara.nl>, Robert R Tupelo-Schneck <schneck@cnri.reston.va.us>
Subject: Re: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.
From: Alan Smith <Alan.Smith@ribaenterprises.com>
Date: Tue, 1 Mar 2016 16:30:34 +0000
Accept-language: en-GB, en-US
Cc: "handle-info@cnri.reston.va.us" <handle-info@cnri.reston.va.us>
Delivered-to: handle-info-archive@cnriweb-cogent.cnri.reston.va.us
Delivered-to: handle-info@cnriweb.cnri.reston.va.us
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribaenterprises.com; s=mimecast20151124; t=1456849840; bh=uXms122kLSOv0YamdCZNfLD2f0HFc9ivt++3t+QRG1o=; h=From:To:CC:Subject:Date:Message-ID:References:In-Reply-To:MIME-Version:Content-Type; b=VR0s6IRPEZZOT1dWcvzkzLKRRm3MXJyVs+9ABUIgHGJGumaEp6t8RzfKh9L23iI8GBGrHcYnKEzCO7q4tNVJST/6JQ3C3A7wpAztGCuUCDhmcW1dYm0tYvNQzBkRSK+NpcLUDCmhSxxsXA+iCkHUQLP+Kh0Y4SCy7VEWdwZ0wQY=
In-reply-to: <C72D5E73-7E50-4448-9397-5EF125DB87D4@surfsara.nl>
List-archive: <http://www.handle.net/mailman/private/handle-info/>
List-help: <mailto:handle-info-request@cnri.reston.va.us?subject=help>
List-id: "Handle.Net Mailing List" <handle-info.cnri.reston.va.us>
List-post: <mailto:handle-info@cnri.reston.va.us>
List-subscribe: <http://www.handle.net/mailman/listinfo/handle-info>, <mailto:handle-info-request@cnri.reston.va.us?subject=subscribe>
List-unsubscribe: <http://www.handle.net/mailman/options/handle-info>, <mailto:handle-info-request@cnri.reston.va.us?subject=unsubscribe>
References: <546038BE-82A8-48C2-8788-07A811781FDD@surfsara.nl> <CB11CB58-FE3E-4C1F-A9FB-36EBA80692F2@cnri.reston.va.us> <C72D5E73-7E50-4448-9397-5EF125DB87D4@surfsara.nl>
Sender: handle-info-bounces@cnri.reston.va.us
Thread-index: AQHRXcZmKxb1WEmxk0K1HiG+DifJR58azGUAgADOvgCAKVI9EA==
Thread-topic: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.

Hi Robert,

Sorry for jumping in on this thread - but I have a couple of questions that are related. Firstly, thanks Robert for the Python example - it's help my understanding of the handle server REST API.

I have been trying to adapt the sample to use basic authentication and believe I am sending the correct authentication header. But, when I do a PUT request to update a value of a handle I get a:

403 Forbidden {"responseCode":400,"handle":"10.18557/1"}

Again, I think I've got the authentication information correct, because if I change the username or password used in the header I get a:

401 Unauthorized

The login credentials work via the hdl-admintool tool.

The URL I'm sending requests to is: 'https://38.100.138.133:8000/api/handles/10.18557/1'

My headers are: {'Content-Type': 'application/json', 'Authorization': 'Basic <username:password escaped and encoded as per tech manual>'}

And the payload I'm sending: {"values": [{"index": 1, "ttl": 86400, "type": "URL", "timestamp": "2016-02-22T11:52:30Z", "data": {"value": "http://www.theNBS.com", "format": "string"}}, {"index": 100, "ttl": 86400, "type": "HS_ADMIN", "timestamp": "2016-03-01T08:43:48Z", "data": {"value": {"index": 200, "handle": "0.NA/10.18557", "permissions": "011111110011"}, "format": "admin"}}], "handle": "10.18557/1", "responseCode": 1}

Any ideas what I'm doing wrong?

Thanks,

Alan

-----Original Message-----
From: handle-info-bounces@cnri.reston.va.us [mailto:handle-info-bounces@cnri.reston.va.us] On Behalf Of Robert Verkerk
Sent: 04 February 2016 9:07 AM
To: Robert R Tupelo-Schneck
Cc: handle-info@cnri.reston.va.us
Subject: Re: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.

Hi Robert,

Thanks very much for the example.

Greetings,

Robert Verkerk
> On 03 Feb 2016, at 21:46, Robert R Tupelo-Schneck <schneck@cnri.reston.va.us> wrote:
>
> First of all, use the hdl-convert-key utility to produce a standard PEM file for the handle private key file. (That way you can take advantage of key-decoding functionality from a standard library.)
>
> I've attached a Python example written by my colleague Ben Hadden. It uses "requests" and "PyCrypto". It resolves a handle record, changes the data in the handle value at index 1, and updates the handle record. Change the values in the main() function at the top to reflect your actual situation.
>
> The updateHandleRecord() function does the work. It sends an unauthenticated PUT request, parses the WWW-Authenticate: header from the response to that, constructs an Authorization: header, and sends the request again authenticated.
>
> Let us know if you have any questions!
>
> Robert
>
> <example.py>
>
>> On Feb 2, 2016, at 9:30 AM, Robert Verkerk <robert.verkerk@surfsara.nl> wrote:
>>
>> Hi,
>>
>> We want to use the handle rest-full api. But don’t want to use the basic authentication with HS_SECKEY.
>>
>> Does anybody have an python example of challenge response "Authentication via Authorization: Handle" using HS_PUBKEY?
>> We would like to generate a private/public keypair with hdl-keygen. The public key is stored in the handle database. The private key is known on the client.
>>
>> We saw the handle technical manual chapter 14.6.4 and further. This shows the basics. But it is not enough to create a working piece of python code.
>>
>> --
>> Greetings,
>>
>> Robert Verkerk
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> Handle-Info mailing list
>> Handle-Info@cnri.reston.va.us
>> http://www.handle.net/mailman/listinfo/handle-info
>

This email may contain certain privileged or confidential information.
If you are not the intended recipient of any part of this email, please telephone the sender immediately on +44 (0)191 244 5500 and delete this message from your system.
RIBA Enterprises scan all emails and attachments for viruses. However, you should carry out your own virus checks before opening email or any attachments.
RIBA Enterprises does not accept liability for any such matters or their consequences.
Please do not disclose the content of this email or forward to any other person.
Any views expressed or implied in this message are those of the individual sender except where specifically stated to be the views of RIBA Enterprises Ltd.
All emails are monitored; those that contravene the Company's policies may be subject to interception, delay or deletion.

This email has been scanned for email related threats and delivered safely by Mimecast.
For more information please visit http://www.mimecast.com

_______________________________________________
Handle-Info mailing list
Handle-Info@cnri.reston.va.us
http://www.handle.net/mailman/listinfo/handle-info

Follow-Ups:
- Re: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.
  - From: Robert Tupelo-Schneck <schneck@cnri.reston.va.us>

References:
- [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.
  - From: Robert Verkerk <robert.verkerk@surfsara.nl>
- Re: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.
  - From: Robert R Tupelo-Schneck <schneck@cnri.reston.va.us>
- Re: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.
  - From: Robert Verkerk <robert.verkerk@surfsara.nl>

Prev by Date: Re: [Handle-info] Handle tool error
Next by Date: Re: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.
Previous by thread: Re: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.
Next by thread: Re: [Handle-info] hsj 8 challenge response "Authentication via Authorization: Handle" via HS_PUBKEY python example.
Index(es):
- Date
- Thread