Sample code for 30+ languages & platforms
JavaScript

REST Basic Auth with Secure Strings

Demonstrates how to do REST Basic authentication using secure strings.

This example requires Chilkat v9.5.0.71 or greater.

Note
This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.
JavaScript
var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Imagine we've previously saved our encrypted login and password within a JSON config file
// that contains this:

// {
//   "http_login": "mCrOmA7mBA7Au9RuJGb9hw==",
//   "http_password": "jJtiI9TgErTTpqBz9JtHBw=="
// }

var json = new CkJsonObject();
json.LoadFile("qa_data/passwords/http.json");

var crypt = new CkCrypt2();

// These are the encryption settings we previously used to encrypt the credentials within the JSON config file.
crypt.CryptAlgorithm = "aes";
crypt.CipherMode = "cbc";
crypt.KeyLength = 128;
crypt.SetEncodedKey("000102030405060708090A0B0C0D0E0F","hex");
crypt.SetEncodedIV("000102030405060708090A0B0C0D0E0F","hex");
crypt.EncodingMode = "base64";

var ssLogin = new CkSecureString();
var ssPassword = new CkSecureString();

// Decrypt to the secure string.  (the strings will still held in memory encrypted, but are now encrypted using
// a randomly generated session key.)
crypt.DecryptSecureENC(json.StringOf("http_login"),ssLogin);
crypt.DecryptSecureENC(json.StringOf("http_password"),ssPassword);

var rest = new CkRest();

// Connect to a REST server.
var bTls = true;
var port = 443;
var bAutoReconnect = true;
success = rest.Connect("chilkatsoft.com",port,bTls,bAutoReconnect);

// Cause the "Authorization: Basic ..." header to be added to HTTP requests
rest.SetAuthBasicSecure(ssLogin,ssPassword);

var responseJson = rest.FullRequestNoBody("GET","/helloWorld.html");
if (rest.LastMethodSuccess !== true) {
    console.log(rest.LastErrorText);
    return;
}

// Show the LastRequestHeader that was sent.
console.log(rest.LastRequestHeader);

// The LastRequestHeader looks like this:

// Host: chilkatsoft.com
// Authorization: Basic bXlIdHRwTG9naW46bXlIdHRwUGFzc3dvcmQ=