Sample code for 30+ languages & platforms
Tcl

REST Basic Auth with Secure Strings

Demonstrates how to do REST Basic authentication using secure strings.

This example requires Chilkat v9.5.0.71 or greater.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# Imagine we've previously saved our encrypted login and password within a JSON config file
# that contains this:

# {
#   "http_login": "mCrOmA7mBA7Au9RuJGb9hw==",
#   "http_password": "jJtiI9TgErTTpqBz9JtHBw=="
# }

set json [new_CkJsonObject]

CkJsonObject_LoadFile $json "qa_data/passwords/http.json"

set crypt [new_CkCrypt2]

# These are the encryption settings we previously used to encrypt the credentials within the JSON config file.
CkCrypt2_put_CryptAlgorithm $crypt "aes"
CkCrypt2_put_CipherMode $crypt "cbc"
CkCrypt2_put_KeyLength $crypt 128
CkCrypt2_SetEncodedKey $crypt "000102030405060708090A0B0C0D0E0F" "hex"
CkCrypt2_SetEncodedIV $crypt "000102030405060708090A0B0C0D0E0F" "hex"
CkCrypt2_put_EncodingMode $crypt "base64"

set ssLogin [new_CkSecureString]

set ssPassword [new_CkSecureString]

# Decrypt to the secure string.  (the strings will still held in memory encrypted, but are now encrypted using
# a randomly generated session key.)
CkCrypt2_DecryptSecureENC $crypt [CkJsonObject_stringOf $json "http_login"] $ssLogin
CkCrypt2_DecryptSecureENC $crypt [CkJsonObject_stringOf $json "http_password"] $ssPassword

set rest [new_CkRest]

# Connect to a REST server.
set bTls 1
set port 443
set bAutoReconnect 1
set success [CkRest_Connect $rest "chilkatsoft.com" $port $bTls $bAutoReconnect]

# Cause the "Authorization: Basic ..." header to be added to HTTP requests
CkRest_SetAuthBasicSecure $rest $ssLogin $ssPassword

set responseJson [CkRest_fullRequestNoBody $rest "GET" "/helloWorld.html"]
if {[CkRest_get_LastMethodSuccess $rest] != 1} then {
    puts [CkRest_lastErrorText $rest]
    delete_CkJsonObject $json
    delete_CkCrypt2 $crypt
    delete_CkSecureString $ssLogin
    delete_CkSecureString $ssPassword
    delete_CkRest $rest
    exit
}

# Show the LastRequestHeader that was sent.
puts [CkRest_lastRequestHeader $rest]

# The LastRequestHeader looks like this:

# Host: chilkatsoft.com
# Authorization: Basic bXlIdHRwTG9naW46bXlIdHRwUGFzc3dvcmQ=

delete_CkJsonObject $json
delete_CkCrypt2 $crypt
delete_CkSecureString $ssLogin
delete_CkSecureString $ssPassword
delete_CkRest $rest