BitcoinTalk

Authentication, JSON RPC and Python

161
Satoshi-only
BitcoinTalk
#1
From:
vess
Subject:
Authentication, JSON RPC and Python
Date:
Hi all,

Does anyone have jsonrpc or something similar working with HTTP Authentication? I'm trying to hit up my bitcoin server with python over JSON-RPC, and of course, getting authorization errors from the new server.

I couldn't find much about this online, surprisingly, so thought I'd ask here.
BitcoinTalk
#2
From:
vess
Subject:
Re: Authentication, JSON RPC and Python
Date:
Update: Here is the current state of my hackish code:

postdata = jsonrpc.dumps({"method": 'getbalance', "params":'','id':'jsonrpc'})

req = urllib2.Request('http://127.0.0.1:8332', postdata)
      

base64string = base64.encodestring( '%s:%s' % ('username','rpcpassword'))[:-1]
authheader =  "Basic %s ." % base64string
req.add_header("Authorization",authheader)
      
handle = urllib2.urlopen(req)
      
print handle.read()


If username or password is wrong, then I get an Authorization error from the server as expected.

Otherwise, I get nothing, just a closed connection.

Any leads or tips?
BitcoinTalk
#3
From:
nelisky
Subject:
Re: Authentication, JSON RPC and Python
Date:
Did you see http://bitcointalk.org/index.php?topic=528.msg4923#msg4923 ? That might be the problem... I had read somewhere about python urllib and bitcoing not playing along, but curl had no issues. Can't find that thread though.
BitcoinTalk
#4
From:
vess
Subject:
Re: Authentication, JSON RPC and Python
Date:
Thanks for the pointer, interesting, but not what seems to be affecting me.

Here's my current code (running on Google App Engine)

postdata = jsonrpc.dumps({"method": 'getbalance', "params":'','id':'jsonrpc'})
req = urllib2.Request('http://127.0.0.1:8332', postdata)
userpass = 'user:a'.encode('base64')[:-1]
authheader =  "Basic %s" % userpass
req.add_header("Authorization",authheader)
handle = urllib2.urlopen(req)
json_response = handle.read()
self.response.out.write (json_response)

This yields a HTTPError: HTTP Error 500: Internal Server Error

from the GAE local python script.


using
   postdata = jsonrpc.dumps([{"jsonrpc": "2.0","method": 'getbalance', "params":'','id':'1'}])

Yields the same result.
BitcoinTalk
#5
From:
jgarzik
Subject:
Content-Length header and 500 (was Re: Authentication, JSON RPC and Python)
Date:
Quote from: vess on August 03, 2010, 06:02:00 PM
Thanks for the pointer, interesting, but not what seems to be affecting me.

Here's my current code (running on Google App Engine)

postdata = jsonrpc.dumps({"method": 'getbalance', "params":'','id':'jsonrpc'})
req = urllib2.Request('http://127.0.0.1:8332', postdata)
userpass = 'user:a'.encode('base64')[:-1]
authheader =  "Basic %s" % userpass
req.add_header("Authorization",authheader)
handle = urllib2.urlopen(req)
json_response = handle.read()
self.response.out.write (json_response)

This yields a HTTPError: HTTP Error 500: Internal Server Error

This is a verified bug in bitcoin.

bitcoin requires the Content-Length header, but several JSON-RPC libraries do not provide it.  When the Content-Length header is absent, bitcoin returns 500 Internal Server Error.
BitcoinTalk
#6
From:
vess
Subject:
Re: Authentication, JSON RPC and Python
Date:
What you say is true, but urllib2 does send Content Length.

In my case, we had a datatypes problem which Gavin helped me find: params needs to get a list in python, so

"params" : []

will work.
"params" : ""

did not.

With that amendation, my second sample code works well now. Hope it's helpful to others.
BitcoinTalk
#7
From:
Gavin Andresen
Subject:
Re: Content-Length header and 500 (was Re: Authentication, JSON RPC and Python)
Date:
Quote from: jgarzik on August 03, 2010, 06:09:08 PM
bitcoin requires the Content-Length header, but several JSON-RPC libraries do not provide it.  When the Content-Length header is absent, bitcoin returns 500 Internal Server Error.
Can you be more specific about which JSON libraries don't provide Content-Length ?  It'd be nice to document that.

BitcoinTalk
#8
From:
jgarzik
Subject:
Re: Content-Length header and 500 (was Re: Authentication, JSON RPC and Python)
Date:
Quote from: gavinandresen on August 03, 2010, 06:56:44 PM
Quote from: jgarzik on August 03, 2010, 06:09:08 PM
bitcoin requires the Content-Length header, but several JSON-RPC libraries do not provide it.  When the Content-Length header is absent, bitcoin returns 500 Internal Server Error.
Can you be more specific about which JSON libraries don't provide Content-Length ?  It'd be nice to document that.

The two JSON RPC libs available at CPAN (Perl), and a compliant C lib that I wrote locally to verify the behavior.
BitcoinTalk
#9
From:
aceat64
Subject:
Re: Authentication, JSON RPC and Python
Date:
Another issue I noticed with bitcoind's JSON-RPC is that by default there is no user, and PHP's fopen() function does not try to send the authentication information if no user was specified.

For example, this URL does not work:
Quote
"http://:[email protected]:8332/"
But this one does:
Quote
"http://username:[email protected]:8332/"

I had to set the "rpcuser" in my node's bitcoin.conf file in order to get PHP to play nicely.
BitcoinTalk
#10
From:
vess
Subject:
Re: Authentication, JSON RPC and Python
Date:
I encountered this as well: there's no documentation as to what auth string should be accepted in the case of no user.

It's probably best to require rpcuser and rpcpassword in future versions is my two cents. This is generally what's expected from an HTTP Auth anyway.
BitcoinTalk
#11
From:
satoshi
Subject:
Re: Content-Length header and 500 (was Re: Authentication, JSON RPC and Python)
Date:
Quote from: gavinandresen on August 03, 2010, 06:56:44 PM
Quote from: jgarzik on August 03, 2010, 06:09:08 PM
bitcoin requires the Content-Length header, but several JSON-RPC libraries do not provide it.  When the Content-Length header is absent, bitcoin returns 500 Internal Server Error.
Can you be more specific about which JSON libraries don't provide Content-Length ?  It'd be nice to document that.
I guess we should try to support the case where there's no Content-Length parameter.  I don't want to rip and replace streams though, even if it has to read one character at a time.

Edit: That is, assuming there actually are any libraries that don't support Content-Length.