1 (edited by Hanns Holger Rutz 2023-01-27 15:36:14)

Topic: client retrieving non-public weaves / authentication

Hi there,

we are currently working again on RC exposition parsing, and one issue is that using an HTTP client such as wget or curl on an exposition that is not yet public just returns the 'Authentication required' redirected page. Is there a way to pass credentials so that we can read a weave that requires authorised log-in? How? Is there something like an OAuth mechanism?

best,

Hanns Holger

Re: client retrieving non-public weaves / authentication

A workaround I found is to enable the hidden public link in 'share', then run `curl -c cookies.txt` on this link, followed by `curl -b cookies.txt` on the redirection target (`show-exposition`) and then on the actual weave.

Still wondering if there is a formal way to do this.

Re: client retrieving non-public weaves / authentication

Hi,

As far as I know, there is no direct way to access an exposition and log in simultaneously.

The way that I solved this is to log in first using wget or curl. You store the session cookie locally and reuse it for subsequent requests. Of course you will need to fetch this cookie again after some time, since RC sessions are not infinite.

The link for logging in to the RC is:
https://www.researchcatalogue.net/session/login

You provide username and password as url-encoded values. (?username=myusername&password=mypassword)

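Here's a snippet of OCaml code:

```ocaml
(* Needs the unix library. Secret is a separate module (not shown) that
   provides the username and password strings. *)
let login_url = "https://www.researchcatalogue.net/session/login"

(* Read every line from a channel until end of file. *)
let read_lines ic =
  let rec loop acc =
    match input_line ic with
    | line -> loop (line :: acc)
    | exception End_of_file -> List.rev acc
  in
  loop []

let login_cmd () =
  (* Form body sent with the POST request. *)
  let credentials_form_data =
    [ "username="; Secret.username; "&password="; Secret.password ]
    |> String.concat ""
  in
  let args =
    [|
      "wget";
      "-v";
      "--keep-session-cookies";
      "--save-cookies";
      "cookies.txt";
      "-O";
      "-";
      "--post-data=" ^ credentials_form_data;
      login_url;
    |]
  in
  (* Run wget, collect its standard output, then reap the child process. *)
  let inp = Unix.open_process_args_in "wget" args in
  let output = read_lines inp |> String.concat "\n" in
  ignore (Unix.close_process_in inp);
  output
```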

However, I'd say your share link method has some advantages as well, in that you don't have to hardcode your credentials into code.
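
An added example, not part of any post in this thread: the login-then-reuse-cookie flow from the last reply, written so the credentials are not hardcoded and never appear in the process list. It assumes the login URL and the `username`/`password` field names given above, that the unauthenticated page body contains the text 'Authentication required', and hypothetical environment variables `RC_USER`, `RC_PASS` and `COOKIE_JAR`.

```shell
#!/bin/sh
# Added example. RC_USER, RC_PASS, COOKIE_JAR and the URL given to rc_fetch
# are assumptions; the login URL and field names are the ones in the thread.
LOGIN_URL='https://www.researchcatalogue.net/session/login'
COOKIE_JAR="${COOKIE_JAR:-./rc-cookies.txt}"

# Escape backslash and double quote so a value can sit inside a quoted
# string in a curl config file.
cfg_escape() {
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Emit a curl config carrying the form fields. curl reads it on stdin
# (-K -), so the password is never in argv or visible in `ps` output.
login_config() {
  printf 'data-urlencode = "username=%s"\n' "$(cfg_escape "$1")"
  printf 'data-urlencode = "password=%s"\n' "$(cfg_escape "$2")"
}

# Log in and store the session cookie in a jar only the owner can read.
rc_login() {
  : "${RC_USER:?set RC_USER}" "${RC_PASS:?set RC_PASS}"
  ( umask 077
    login_config "$RC_USER" "$RC_PASS" |
      curl -sS -K - -c "$COOKIE_JAR" -o /dev/null "$LOGIN_URL" )
}

# True when a response body is the login redirect rather than the weave.
needs_auth() {
  printf '%s' "$1" | grep -q 'Authentication required'
}

# Fetch a page with the saved cookie; log in again once if the session
# has expired. Returns 2 if the page still demands authentication.
rc_fetch() {
  body=$(curl -sS -L -b "$COOKIE_JAR" "$1") || return 1
  if needs_auth "$body"; then
    rc_login || return 1
    body=$(curl -sS -L -b "$COOKIE_JAR" "$1") || return 1
    if needs_auth "$body"; then return 2; fi
  fi
  printf '%s\n' "$body"
}
```

After sourcing the file, `rc_fetch <exposition-url>` prints the page; the cookie jar is a bearer credential for the session, so keep it out of version control and delete it when done.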