In a situation where I'll need to add an Authorization header to the curl request that feeds sends out via the http fetcher. If I do implement anything, is there any other conciderations I should keep in mind, or should I just offer a text field in the FeedsHttpFetcher admin screen so that people can append their own custom header.

Anyone know of any other use-cases besides Authorization? I've got an idea where to start (libraries/http_request.inc), but any extra pointers would be appreciated :)

Comments

patcon’s picture

Hmmm... spoke too soon. From looking at the code, seems I can just use this format:

user:pass@www.example.com/file.xml

Will close this if it works!

patcon’s picture

Kinda slamming my head against a wall here... I can't seen to even hardcode it into working yet. If I can get the right response easy-peasy with curl -H "Authorization: user:pass" http://www.example.com/my/endpoint, anyone have any suggestions how I'd get the simplest hardcoded proof-of-concept working with feeds? Thanks y'all

bcweaver’s picture

I'm in a similar boat in that our staging servers use self-signed SSL certs, and I want to add a configuration setting to tell curl to disregard invalid certs. The code in http_request.inc already supports user/pass authentication on line 153 and ignoring invalid certs on line 161.. these settings simply need to be added to FeedsHTTPFetcher and passed properly through to http_request_get().

I'm looking at version 7.x-2.0-alpha5.. so these line numbers might not be exactly right for other versions..

I've already added the setting to the settings form, but it needs to get passed to http_request_get(), which is called from plugins/FeedsHTTPFetcher.inc in the getRaw() function on line 30.. the trouble is, I can't quite figure out how getRaw() is being called.. fetch() instantiates the object on line 49 or 51, but I'm not sure how that's calling getRaw()..

It seems pretty strange to me that the fetch() function isn't doing the actual fetching.. the FeedsHTTPFetcherResult object is actually doing the fetching, and this is making it trickier to pass $username, $password, or $allow_invalid_certs in.

Could the call to http_request_get() be moved into the fetcher's fetch() function? I'm willing to code this and write a patch.. I just want it to get approved and committed by the maintainer..

bcweaver’s picture

Okay this adds support for ignoring self-signed certs which works for me.. I think I added working HTTP auth support too but I don't have a handy way to test it.

imiksu’s picture

Status: Active » Needs work

I would keep invalid SSL part as separate issue and patch.

And I would set 'use_auth_credentials' settings to be FALSE by default.

twistor’s picture

#4, You cannot get rid of FeedsHTTPFetcherResult. That class very specifically implements a delayed download feature so that if a parser wants to do stream parsing while downloading it can.

@patcon, you should be able to set the username and pass in the url. There was quite a bit of work done lately to enhance auth options. Perhaps this is fixed?

lmeurs’s picture

Issue summary: View changes

Setting user name and password in the URL (ie. https://username:password@domain.tld/file.csv) works fine for me.

twistor’s picture

Status: Needs work » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.