B4J Question WebsocketClient Authorization

[Blueforcer]

I need to send a API key to connect to a Websocket server. As i read i need to set a header

org.eclipse.jetty.websocket.api.UpgradeException: 401 Unauthorized
Caused by: org.eclipse.jetty.client.HttpResponseException: HTTP protocol violation: Authentication challenge without WWW-Authenticate header

with a websocketclient on the esp8266 i need to call webSocket.setAuthorization("apikey", MyApiKey);

how can i do this with the B4J Library?

 

[Erel]

1. You need to find out which authentication method is expected.

2. Update the library with the attached one (1.11). This is an internal library.

Make the request like this:

Dim UpgradeRequest As JavaObject
UpgradeRequest.InitializeNewInstance("org.eclipse.jetty.websocket.client.ClientUpgradeRequest", Null)
UpgradeRequest.RunMethod("setHeader", Array("key", "value"))
ws.Connect2(Url, UpgradeRequest)

The header key and value depend on the authentication method.

 

[Blueforcer]

Thank you Erel,

the websocket lib that i use on an ESP8266 is using a base64Authorization as i see now. maybe it helps

arduinoWebSockets/src/WebSocketsClient.cpp at master · Links2004/arduinoWebSockets

arduinoWebSockets. Contribute to Links2004/arduinoWebSockets development by creating an account on GitHub.

github.com

 

[Erel]

Probably basic authentication.
It is explained here: https://en.wikipedia.org/wiki/Basic_access_authentication#Client_side

 

[woniol]

Hi,

Is it also possible in B4A websocket library?

 

[Erel]

Are you connecting to a server that expect an additional header?

 

[woniol]

I connect to jServer. Here I have AuthenticationFilter:

srvr.AddFilter("/*", "BasicAuthenticationFilter", False)

with the following code:

'Return True to allow the request to proceed.
Public Sub Filter(req As ServletRequest, resp As ServletResponse) As Boolean
    If req.GetSession.GetAttribute2("logged in", False) = True Then Return True
    If req.RequestURI="/ws" Then
        Return True
    Else
        Dim auths As List = req.GetHeaders("Authorization")
        If auths.Size = 0 Then
            resp.SetHeader("WWW-Authenticate", $"Basic realm="Realm""$)
            resp.SendError(401, "authentication required")
            Return False
        Else
            If CheckCredentials(auths.Get(0)) Then
                req.GetSession.SetAttribute("logged in", True)
                Return True
            Else
                resp.SendError(401, "authentication required")
                Return False
            End If
        End If
    End If
End Sub

It works fine for standard http/https but not for websocket.
Headers are used here.

 

[Erel]

Try the attached B4A library (v2.11). It adds a Headers map that you can use to send headers.

 

[woniol]

It works perfect. With a few lines of code we have Basic authentication:

Dim cred As String
cred = username&":"&pass
Dim su As StringUtils
Dim encoded As String
encoded = su.EncodeBase64(cred.GetBytes("UTF8")) 'data is a bytes array

ws.Headers = CreateMap("Authorization":"Basic "&encoded)
ws.Connect(Url)

Thanks