PYTHON实现HTTP基本认证(BASIC AUTHENTICATION)

时间:2021-06-29 16:20:35

参考:

  • http://www.voidspace.org.uk/python/articles/authentication.shtml#id20
  • http://zh.wikipedia.org/wiki/HTTP%E5%9F%BA%E6%9C%AC%E8%AE%A4%E8%AF%81
#! /usr/bin/env python
# -*-coding:utf-8-*-

import re
import sys
import base64
import urllib2

class BasicAuth:
    def __init__(self, username, password, realm=''):
        base_str = "%s:%s" % (username,password)
        base_str = "Basic " + base64.encodestring(base_str)[:-1]
        self.authline = base_str    
        self.realm = realm
        #print self.authline

    def visit(self, the_url):
        req = urllib2.Request(the_url)
        try:
            content = urllib2.urlopen(req)
        except IOError,e:
            #here we *want* fail
            pass
        else:
            print "This page isn't protected by authentication."
            sys.exit(1)

        if not hasattr(e, 'code') or e.code != 401:
            #we got an error - but not a 401 error
            print "This page isn't protected by authentication."
            print 'But we fail for another reason'
            sys.exit(1)

        authline = e.headers['www-authenticate']
        print authline
     #print e.headers
        authobj = re.compile( r'''(?:\s*www-authenticate\s*:)?\s*(\w*)\s+realm=['"]([^'"]+)['"]''',re.IGNORECASE)
        matchobj = authobj.match(authline)
        if not matchobj:
            print 'The authentication header is badly formed.'
            print authline
            sys.exit(1)
        scheme = matchobj.group(1)
        realm = matchobj.group(2)
        if scheme.lower() != 'basic':
            print 'This example only work with BASIC authentication.'
            sys.exit(1)

        req.add_header("Authorization", self.authline)
        try:
            handle = urllib2.urlopen(req)
        except IOError,e:
            print "It looks like the username or password is wrong."
            sys.exit(1)
        thepage = handle.read()
        return thepage

if __name__ == "__main__":
    ba = BasicAuth('admin', 'admin')
    content = ba.visit("http://192.168.1.1/images/logo.jpg")    #路由器管理页面通常采用基本认证法进行身份认证
    with open('logo.jpg', 'w') as f:
        f.write(content)

 Python升级版:

#! /usr/bin/env python
# -*-coding:utf-8 -*-

import urllib2

theurl = 'http://192.168.1.1'
username = 'admin'
password = 'admin'

passman = urllib2.HTTPPasswordMgrWithDefaultRealm()
passman.add_password(None, theurl, username, password)
authhandler = urllib2.HTTPBasicAuthHandler(passman)
opener = urllib2.build_opener(authhandler)
urllib2.install_opener(opener)

pagehandle = urllib2.urlopen('http://192.168.1.1/images/logo.jpg')
#with open('tplogo.jpg', 'w') as f:
    #f.write(pagehandle.read())

 Python终极版:

import requests

#http://www.itwhy.org/%E8%BD%AF%E4%BB%B6%E5%B7%A5%E7%A8%8B/python/python-%E7%AC%AC%E4%B8%89%E6%96%B9-http-%E5%BA%93-requests-%E5%AD%A6%E4%B9%A0.html
r = requests.get('http://192.168.0.1/',auth=('admin','admin'))

Bash终极版

curl -u admin:admin http://192.168.1.1/images/logo.jpg -v

 

标签:

相关文章