3

考虑使用基本身份验证在 Go 中发出 HTTP 请求的示例:

package main

import (
    "encoding/base64"
    "fmt"
    "io/ioutil"
    "net/http"
    "net/http/httptest"
    "strings"
)

var userName = "myUserName"
var password = "myPassword"

func main() {
    ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
        if !checkAuth(w, r) {
            http.Error(w, "You're not authorized!", http.StatusUnauthorized)
            return
        }
        w.Write([]byte("You're authorized!"))
    }))
    defer ts.Close()

    req, err := http.NewRequest("GET", ts.URL, nil)
    check(err)

    req.SetBasicAuth(userName, password+"foo")

    resp, err := http.DefaultClient.Do(req)
    check(err)
    defer resp.Body.Close()

    body, err := ioutil.ReadAll(resp.Body)
    check(err)

    fmt.Println(string(body))
}

// checkAuth checks authentication (cf. https://stackoverflow.com/questions/21936332/idiomatic-way-of-requiring-http-basic-auth-in-go/21937924#21937924)
func checkAuth(w http.ResponseWriter, r *http.Request) bool {
    s := strings.SplitN(r.Header.Get("Authorization"), " ", 2)
    if len(s) != 2 {
        return false
    }

    b, err := base64.StdEncoding.DecodeString(s[1])
    if err != nil {
        return false
    }

    pair := strings.SplitN(string(b), ":", 2)
    if len(pair) != 2 {
        return false
    }

    return pair[0] == userName && pair[1] == password
}

func check(err error) {
    if err != nil {
        panic(err)
    }
}

请注意,这SetBasicAuth是 an 的一个方法*http.Request,所以如果我想发出很多请求,我必须在每个请求上调用这个方法。

requests.Session在 Python 中,您可以在此示例中定义类似(来自https://requests.readthedocs.io/en/master/user/advanced/#session-objects):

s = requests.Session()
s.auth = ('user', 'pass')
s.headers.update({'x-test': 'true'})

# both 'x-test' and 'x-test2' are sent
s.get('https://httpbin.org/headers', headers={'x-test2': 'true'})

是否有一种惯用的方式来定义requests.SessionGo 中的等价物(最好使用标准库)?我能想到的就是用自己的Do()方法定义一个自定义客户端结构:

type MyClient struct {
    UserName, Password string
}

func (client *MyClient) Do(req *http.Request) (*http.Response, error) {
    req.SetBasicAuth(client.UserName, client.Password)
    return http.DefaultClient.Do(req)
}

并在上面的脚本中调用它

client := MyClient{UserName: userName, Password: password}

resp, err := client.Do(req)

这是避免多次调用的惯用方法SetBasicAuth()吗?

4

0 回答 0