0

how can I code the following curl commands to java,

curl -k --request POST "<hostname>/login" -d IDToken1="user" -d IDToken2="password" --cookie-jar cookie.txt

curl -w "%{http_code}" -G -s --insecure --request GET --cookie cookie.txt '<requested-url>'

I am able to perform post but not sure how to keep the response in cookie and then, how can I use cookies in HTTP get request.

while doing post what I am trying is

public void httpPostRequest() throws Exception{
        URL url = new URL("url/login");
        HttpURLConnection urlConnection = (HttpURLConnection)url.openConnection();
        String userCredentials = "user"+":"+"password";
        String basicAuth = "Basic " + new String(new Base64().encode(userCredentials.getBytes()));
        urlConnection.setRequestProperty ("Authorization", basicAuth);
        try {
            urlConnection.setRequestMethod("POST");
        } catch (ProtocolException e) {
            e.printStackTrace();
        }
        cookies = urlConnection.getHeaderFields().get("Set-Cookie");
        System.out.println("these are cookies"+cookies);
}

Am I doing it wrong because cookies list is empty

mahi
  • 84
  • 1
  • 5
  • This is described here: https://stackoverflow.com/questions/3249137/how-to-set-cookies-at-http-get-method-using-java and elsewhere. I think the logic is a bit fiddly, and there are various libraries available that can simplify it a little. – Kevin Boone Oct 04 '17 at 08:11
  • what did you try? –  Oct 04 '17 at 08:51
  • thanks, @Kevin Boone I am not supposed to hard code the cookie, I have to fetch it from the post, I understood from [link](https://stackoverflow.com/questions/3249137/how-to-set-cookies-at-http-get-method-using-java), that I can set the cookie with setRequestProperty, but I was looking for an example where a post response header is stored with cookies. – mahi Oct 04 '17 at 09:08
  • Once you've opened the `URLConnection`, you should be able to use `connection.getHeaderFields().get("Set-Cookie")` to extract the cookie response header. You'll have to parse that information get the token you need. – Kevin Boone Oct 04 '17 at 09:38
  • Though I am not sure how cookie engine in curl works, I assume in the aforementioned curl commands no token is being extracted, I didn't get your point. @KevinBoone – mahi Oct 04 '17 at 10:14
  • Curl is storing your cookie information in a file. You could do the same, or just keep it in memory. I presumed that your cookie contained an authentication token, based on the "/login" in the URI. I could be wrong, of course. It doesn't really matter what the cookie contains, so long as you you send the right cookie to the right host. In your Curl example, the curl command will re-send _all_ the cookies received from the first response. If there is only one cookie, or the server does not care about receiving irrelevant cookies, your code can do the same, and you won't need to parse anything. – Kevin Boone Oct 04 '17 at 10:19
  • maybe you should use the Apache HttpClient for this: https://hc.apache.org/ as you can find many examples for prblems like this – Jurgen De Landsheer Oct 04 '17 at 12:04

0 Answers0