Technology Musings

Forcing HTTP Basic Authentication on the iPhone

JB

Here's my setup.  I have a RESTful Rails app.  Going to http://whatever.com/contacts gives the search screen for the contacts.  Going to http://whatever.com/contacts.xml gives the full list of contacts as an XML file.  For normal users, I use cookie-based authentication.  However, I also allow, for API users, HTTP basic authentication.  There is no access difference between the two.  However, this is a problem for the iPhone, because, although NSURL supports usernames and passwords, it will not present them for authentication without being challenged!  This is somewhat understandable because it doesn't know what authentication mechanism is being used (basic or digest).  However, it is EXTREMELY annoying to program for.

So, after spending about 2 hours digging through stuff, here is what I found out.

First of all, Basic authentication relies upon Base64 encoding, which isn't available on the iPhone.  Thankfully, someone posted public-domain Objective-C iPhone code for this here and someone else gave an almost-working-but-not-quite version of the request code here.  The Base64 code left out some things (like the class wrapper and header file), and the request code assumed a Base64 method existed which didn't.  In any case, here is the Base64 header file, Base64.h:

#import <Foundation/Foundation.h>


@interface Base64 : NSObject {
}
+ (void) initialize;
+ (NSString*) encode:(const uint8_t*) input length:(NSInteger) length;
+ (NSString*) encode:(NSData*) rawBytes;
+ (NSData*) decode:(const char*) string length:(NSInteger) inputLength;
+ (NSData*) decode:(NSString*) string;

@end

Here is the body of the code, Base64.m:

#import "Base64.h"


@implementation Base64

/* Copied from http://www.cocoadev.com/index.pl?BaseSixtyFour (cyrus.najmabadi@gmail.com) */

#define ArrayLength(x) (sizeof(x)/sizeof(*(x)))

static char encodingTable[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static char decodingTable[128];

+ (void) initialize {
if (self == [Base64 class]) {
memset(decodingTable, 0, ArrayLength(decodingTable));
for (NSInteger i = 0; i < ArrayLength(encodingTable); i++) {
decodingTable[encodingTable[i]] = i;
}
}
}


+ (NSString*) encode:(const uint8_t*) input length:(NSInteger) length {
NSMutableData* data = [NSMutableData dataWithLength:((length + 2) / 3) * 4];
uint8_t* output = (uint8_t*)data.mutableBytes;

for (NSInteger i = 0; i < length; i += 3) {
NSInteger value = 0;
for (NSInteger j = i; j < (i + 3); j++) {
value <<= 8;

if (j < length) {
value |= (0xFF & input[j]);
}
}

NSInteger index = (i / 3) * 4;
output[index + 0] = encodingTable[(value >> 18) & 0x3F];
output[index + 1] = encodingTable[(value >> 12) & 0x3F];
output[index + 2] = (i + 1) < length ? encodingTable[(value >> 6) & 0x3F] : '=';
output[index + 3] = (i + 2) < length ? encodingTable[(value >> 0) & 0x3F] : '=';
}

return [[[NSString alloc] initWithData:data
encoding:NSASCIIStringEncoding] autorelease];
}


+ (NSString*) encode:(NSData*) rawBytes {
return [self encode:(const uint8_t*) rawBytes.bytes length:rawBytes.length];
}


+ (NSData*) decode:(const char*) string length:(NSInteger) inputLength {
if ((string == NULL) || (inputLength % 4 != 0)) {
return nil;
}

while (inputLength > 0 && string[inputLength - 1] == '=') {
inputLength--;
}

NSInteger outputLength = inputLength * 3 / 4;
NSMutableData* data = [NSMutableData dataWithLength:outputLength];
uint8_t* output = data.mutableBytes;

NSInteger inputPoint = 0;
NSInteger outputPoint = 0;
while (inputPoint < inputLength) {
char i0 = string[inputPoint++];
char i1 = string[inputPoint++];
char i2 = inputPoint < inputLength ? string[inputPoint++] : 'A'; /* 'A' will decode to \0 */
char i3 = inputPoint < inputLength ? string[inputPoint++] : 'A';

output[outputPoint++] = (decodingTable[i0] << 2) | (decodingTable[i1] >> 4);
if (outputPoint < outputLength) {
output[outputPoint++] = ((decodingTable[i1] & 0xf) << 4) | (decodingTable[i2] >> 2);
}
if (outputPoint < outputLength) {
output[outputPoint++] = ((decodingTable[i2] & 0x3) << 6) | decodingTable[i3];
}
}

return data;
}


+ (NSData*) decode:(NSString*) string {
return [self decode:[string cStringUsingEncoding:NSASCIIStringEncoding] length:string.length];
}


@end

Okay, so now how do we make the request?  It's pretty evil, but if you wrap it in a function it's not too bad.  Don't forget to import Base64.h!  Anyway, here is the code:

+ (NSData *) loadDataFromURLForcingBasicAuth:(NSURL *url) {
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
NSString *authString = [Base64 encode:[[NSString stringWithFormat:@"%@:%@",[url user], [url password]] dataUsingEncoding:NSUTF8StringEncoding]];
[request setValue:[NSString stringWithFormat:@"Basic %@", authString] forHTTPHeaderField:@"Authorization"];
return [NSURLConnection sendSynchronousRequest:request returningResponse:nil error:nil];
}

Ugly, ain't it?  You can use this with asynchronous connections as well, or extend it to handle the responses/errors from sendSynchronchronousRequest, but that is an exercise for the reader.