Outdated egg!

This is an egg for CHICKEN 3, the unsupported old release. You're almost certainly looking for the CHICKEN 4 version of this egg, if it exists.

If it does not exist, there may be equivalent functionality provided by another egg; have a look at the egg index. Otherwise, please consider porting this egg to the current version of CHICKEN.

http-auth

Introduction

The http-auth library contains client-side routines for HTTP basic and digest access (RFC 2617) authentication.

Requires

syntax-case
matchable
datatype
base64
md5
http
uri-generic
lalr

Library procedures

`http:basic-header:: USERNAME * PASSWORD -> AUTH-HEADER`

Given a username and password, creates and returns a basic access authorization header in the form of a dotted pair.

`http:digest-header:: USERNAME * REALM * NONCE * URI * RESPONSE * OPAQUE * MESSAGE-QOP -> AUTH-HEADER`

Creates and returns a digest authorization header. Argument OPAQUE can be #f or a string. Argument MESSAGE-QOP can be #f or one of the variant records AuthInt (nonce-count cnonce H-entity-body), Auth (nonce-count cnonce), or AuthEmpty.

The values for arguments REALM, NONCE, OPAQUE are contained in the server response. The value for argument URI must be obtained via the uri-path procedure in the uri egg. The value for argument RESPONSE is computed by procedure http:digest-response.

`http:digest-response:: USERNAME * REALM * PASSWORD * METHOD * DIGEST-URI * NONCE * MESSAGE-QOP [* HA1] -> RESPONSE`

Creates and returns digest response.

`http:authenticate:: RESPONSE-HANDLER * GET-USER+PW * REQUEST * RETRY? [* AUTH-STATE] -> ...`

An implementation of an HTTP authentication state machine.

Argument RESPONSE-HANDLER is a procedure of the form LAMBDA STATUS * RESPONSE-ATTRS * IN * OUT * QOP-STATE -> ....
Argument GET-USER+PW is a procedure of the form LAMBDA AUTH-TYPE * REALM -> USERNAME * PASSWORD, where AUTH-TYPE is one of 'BASIC or 'DIGEST.
Argument REQUEST is an HTTP request object.
Argument RETRY? can be a positive integer to specify number of authentication retries, or a boolean (#t or #f).
AUTH-STATE is a list [QOP-STATE RESPONSE-FST RESPONSE-ATTRS RESPONSE-IN RESPONSE-OUT].

When first called with an empty AUTH-STATE, this procedure sends he request as-is. If the server returns 401 Unauthorized and argument RETRY? is not #F, the procedure parses the WWW-Authenticate header returned by the server, creates an authorization header for basic or digest authentication, and resends the request. If the server returns a code other than 401, the response handler is invoked with the server response as arguments.

Example

(use http-utils)
(use http-client)
(use http-auth)

(define (default-handler status headers in out . rest)
  (close-input-port in)
  (close-output-port out)
  (print "Status: " status)
  (print "Headers: " headers))

(http:authenticate default-handler
 (lambda (auth-type realm) (list "user" "password")) 
 (http:make-request 'GET "http://server/") #t)

Authors

Ivan Raikov

Version

1.6: Now using uri-generic instead of uri library
1.5: Bug fix in digest authentication
1.3: Bug fix in basic authentication
1.2: Added lalr as a dependence
1.1: Documentation updates
1.0: Initial version

License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

A full copy of the GPL license can be found at <http://www.gnu.org/licenses/>.