35

Does anyone know how to do basic authentication with RestClient?

I need to create a private repository on GitHub through their RESTful API.

the Tin Man
  • 158,662
  • 42
  • 215
  • 303
never_had_a_name
  • 90,630
  • 105
  • 267
  • 383

5 Answers5

45

The easiest way is to embed the details in the URL:

RestClient.get "http://username:password@example.com"
the Tin Man
  • 158,662
  • 42
  • 215
  • 303
opsb
  • 29,325
  • 19
  • 89
  • 99
  • I was searching how to perform authentication without having to initialize a RestClient::Request. +1 for the usage of RestClient.get method. BUT doesn't username and password require escape? Looks as if it's not as easy as it seemd. – AgostinoX Apr 25 '14 at 10:03
  • 2
    What if my username has an '@' character? – Sai Sep 20 '16 at 17:58
  • ...but if you've special characters like # in your password you've get excetion: InvalidURIError: bad URI(is not URI?) – territorial Oct 12 '16 at 13:26
  • 1
    basic auth should go in the headers unless you absolutely have no other choice – house9 Feb 21 '20 at 17:27
36

Here is an example of working code where I support optional basicauth but don't require the user and password be embedded in the URL:

def get_collection(path)
  response = RestClient::Request.new(
    :method => :get,
    :url => "#{@my_url}/#{path}",
    :user => @my_user,
    :password => @my_pass,
    :headers => { :accept => :json, :content_type => :json }
  ).execute
  results = JSON.parse(response.to_str)
end

Do note if @my_user and @mypass are not instantiated, it works fine without basicauth.

Kuf
  • 17,318
  • 6
  • 67
  • 91
bgupta
  • 462
  • 5
  • 9
18

From the source it looks like you can just specify user and password as part of your request object.

Have you tried something like:

r = Request.new({:user => "username", :password => "password"})

Also if you look down in the Shell section of the ReadMe it has an example of specifying it as part of restshell. 

$ restclient https://example.com user pass
>> delete '/private/resource'
the Tin Man
  • 158,662
  • 42
  • 215
  • 303
Mike Buckbee
  • 6,793
  • 2
  • 33
  • 36
  • Consider including the module in usage to improve this. e.g. `RestClient::Request` and adding more context to make the example you gave fully functional – Michael Wasser Aug 05 '16 at 19:37
8

This works and follows RFC 7617 for Http Basic Authentication:


RestClient::Request.execute(
  method: :post,
  url: "https://example.com",
  headers: { "Authorization" => "Basic " + Base64::encode64(auth_details) },
  payload: { "foo" => "bar"}
)


def auth_details
  ENV.fetch("HTTP_AUTH_USERNAME") + ":" + ENV.fetch("HTTP_AUTH_PASSWORD")
end
Community
  • 1
  • 1
Kelsey Hannan
  • 2,857
  • 2
  • 30
  • 46
2

Thanks to Kelsey Hannan:

RestClient.get("https://example.com", 
  {
    Authorization: "Basic #{Base64::encode64('guest:guest')}"
  }
)

RestClient.post("https://example.com", 
  {  }.to_json,
  {
    Authorization: "Basic #{Base64::encode64('guest:guest')}"
  }
)
Piioo
  • 759
  • 10
  • 24