Tcl
Tcl
REST Basic Auth with Secure Strings
Demonstrates how to do REST Basic authentication using secure strings.This example requires Chilkat v9.5.0.71 or greater.
Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Imagine we've previously saved our encrypted login and password within a JSON config file
# that contains this:
# {
# "http_login": "mCrOmA7mBA7Au9RuJGb9hw==",
# "http_password": "jJtiI9TgErTTpqBz9JtHBw=="
# }
set json [new_CkJsonObject]
CkJsonObject_LoadFile $json "qa_data/passwords/http.json"
set crypt [new_CkCrypt2]
# These are the encryption settings we previously used to encrypt the credentials within the JSON config file.
CkCrypt2_put_CryptAlgorithm $crypt "aes"
CkCrypt2_put_CipherMode $crypt "cbc"
CkCrypt2_put_KeyLength $crypt 128
CkCrypt2_SetEncodedKey $crypt "000102030405060708090A0B0C0D0E0F" "hex"
CkCrypt2_SetEncodedIV $crypt "000102030405060708090A0B0C0D0E0F" "hex"
CkCrypt2_put_EncodingMode $crypt "base64"
set ssLogin [new_CkSecureString]
set ssPassword [new_CkSecureString]
# Decrypt to the secure string. (the strings will still held in memory encrypted, but are now encrypted using
# a randomly generated session key.)
CkCrypt2_DecryptSecureENC $crypt [CkJsonObject_stringOf $json "http_login"] $ssLogin
CkCrypt2_DecryptSecureENC $crypt [CkJsonObject_stringOf $json "http_password"] $ssPassword
set rest [new_CkRest]
# Connect to a REST server.
set bTls 1
set port 443
set bAutoReconnect 1
set success [CkRest_Connect $rest "chilkatsoft.com" $port $bTls $bAutoReconnect]
# Cause the "Authorization: Basic ..." header to be added to HTTP requests
CkRest_SetAuthBasicSecure $rest $ssLogin $ssPassword
set responseJson [CkRest_fullRequestNoBody $rest "GET" "/helloWorld.html"]
if {[CkRest_get_LastMethodSuccess $rest] != 1} then {
puts [CkRest_lastErrorText $rest]
delete_CkJsonObject $json
delete_CkCrypt2 $crypt
delete_CkSecureString $ssLogin
delete_CkSecureString $ssPassword
delete_CkRest $rest
exit
}
# Show the LastRequestHeader that was sent.
puts [CkRest_lastRequestHeader $rest]
# The LastRequestHeader looks like this:
# Host: chilkatsoft.com
# Authorization: Basic bXlIdHRwTG9naW46bXlIdHRwUGFzc3dvcmQ=
delete_CkJsonObject $json
delete_CkCrypt2 $crypt
delete_CkSecureString $ssLogin
delete_CkSecureString $ssPassword
delete_CkRest $rest