?

Log in

No account? Create an account
Hello, I need to do a few bash/gawk scripts to have some basic… - LiveJournal Client Discussions [entries|archive|friends|userinfo]
LiveJournal Client Discussions

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

[Nov. 2nd, 2006|07:27 am]
LiveJournal Client Discussions

lj_clients

[mikhailian]
Hello, I need to do a few bash/gawk scripts to have some basic automation for day-to-day tasks. Some of them require a login.

Is there a way to have a simple authentication, without having to mimic the behavior of the browser?
linkReply

Comments:
[User Picture]From: mikhailian
2006-11-02 10:50 am (UTC)
XML-RPC is not a simple way to do autentication in the context of bash/gawk programming.

I'd use HTTP Cookies but I have read somewhere in this community that it does not work anymore.
(Reply) (Parent) (Thread)
[User Picture]From: mikhailian
2006-11-02 10:54 am (UTC)

and indeed,

I tried this example and I get only
errmsg
Invalid password
success
FAIL


as response
(Reply) (Parent) (Thread)
[User Picture]From: ralesk
2006-11-02 04:05 pm (UTC)

Re: and indeed,

I actually used that as an example to do Cookie auth in Python and it’s perfectly WfM here.

__h = httplib.HTTPConnection(self.site, self.port)
__h.request("POST", self.interface, __req, {'X-LJ-Auth': 'cookie', 'Cookie': 'ljsession='+self.getSession()})

Also, question: did you urlencode the cookie in case it’s stored urldecoded? and did you set auth_method=cookie?

(Reply) (Parent) (Thread)
[User Picture]From: tymofiy
2006-11-02 10:56 am (UTC)
old-skool?

It is a one-liner in Python/Perl/Ruby.
(Reply) (Parent) (Thread)
[User Picture]From: vanbeast
2006-11-02 12:35 pm (UTC)
I'd like to see that one-liner in any of the languages you just specified.

XML-RPC is a giant pain in the ass. It's not so much that it's complex, just that the libraries suck.
(Reply) (Parent) (Thread)
[User Picture]From: tymofiy
2006-11-02 12:59 pm (UTC)

Python one

import xmlrpclib, md5

server = xmlrpclib.Server("http://www.livejournal.com/interface/xmlrpc:80")

username = 'test'
hpassword = md5.md5('test').hexdigest()
howmany = 2

#that the magic on that grabs 'howmany' posts into plain python variable
result = server.LJ.XMLRPC.getevents({'username': username, 'hpassword': hpassword, 'ver': '1','lineendings': '0x0A', "selecttype": "lastn", "itemid": -1, "howmany": howmany })

#print the last subject
print result['events'][0]['subject']

hope that helps. if you want to - have a look at my python LJ client, http://clear.com.ua/en/projects/python/zapys
(Reply) (Parent) (Thread)
[User Picture]From: vanbeast
2006-11-02 01:21 pm (UTC)

Re: Python one

Thanks for proving my point :) Don't claim it's doable in one line when it takes 7.

Yes, I know you could compress the variable assignments in-line, but if it's at the cost of readability, there's not much value in it.

My point was that there's no reason to be down on the guy who wants to do stuff in bash just because it's easier in your pet language. My pet language is Ruby, where it's certainly at least as easy as what you just posted... but I'm not trying to convert the guy.
(Reply) (Parent) (Thread)
[User Picture]From: tymofiy
2006-11-02 01:29 pm (UTC)

Re: Python one

well, did you expect

import LJ
LJ.get_my_last_post_automagically_guessing password() ?

joking. My point was not to say "you're dumb, cause you do not use ..." but a hint that bash is not the best tool for the task. Because in my experience everyone who knows shell scripting knows at least one language of the mentioned triad.
(Reply) (Parent) (Thread)
[User Picture]From: vanbeast
2006-11-02 01:46 pm (UTC)

Re: Python one

Well, in some languages (*ahem* ruby, perl.. where there are LJ libraries) you can do that... sorta ;)

I apologize, your previous comment read (to me) like the "you're dumb" option and I jumped to conclusions. Sorry about that.

I know quite a few people who can scrape by in bash but don't know other languages, so while I agree with you that it would be easier elsewhere, it's interesting to see what people can do in *sh.
(Reply) (Parent) (Thread)
[User Picture]From: tymofiy
2006-11-02 01:35 pm (UTC)

One-liner

I tried, I really tried... Just can't resist the temptation to post that "one-liner"...

print xmlrpclib.Server("http://www.livejournal.com/interface/xmlrpc:80").LJ.XMLRPC.getevents({'username': 'myusername', 'hpassword': md5.md5('mypasswd').hexdigest(), 'ver': '1','lineendings': '0x0A', "selecttype": "lastn", "itemid": -1, "howmany": 1 })['events'][0]['subject']

but you got to have really big screen to avoid line wraps
(Reply) (Parent) (Thread)
[User Picture]From: vanbeast
2006-11-02 01:43 pm (UTC)

Re: One-liner

AWESOME :D

I come from perl, so I know that style. I love it.
(Reply) (Parent) (Thread)
[User Picture]From: ralesk
2006-11-02 03:57 pm (UTC)

Re: One-liner

Hahaha, yes! That tickled the Perlist in me too :D

(Reply) (Parent) (Thread)
[User Picture]From: vanbeast
2006-11-02 12:36 pm (UTC)
Basically, no. The entire protocol suite is over HTTP, so one way or the other you're going to need to pretend to be a browser.

You might consider writing a small glue script in something else that you can use to handle the protocol stuff, and then just call it from your bash/gawk scripts.
(Reply) (Thread)
[User Picture]From: boggyb
2006-11-02 03:22 pm (UTC)
By "require a login", do you mean "require a login for the client protocol" or "require a login for the rest of the site"?
(Reply) (Thread)
[User Picture]From: mikhailian
2006-11-03 11:58 am (UTC)

The client protocol

That is, the flat interface, preferably.
(Reply) (Parent) (Thread)
[User Picture]From: boggyb
2006-11-03 12:07 pm (UTC)

Re: The client protocol

Pass something like user=$username&password=$password on the login line.

Horribly insecure, but it works. There's options to MD5 the password or use a challenge/response system, but depending on the situation you may find cleartext is good enough.
(Reply) (Parent) (Thread)
[User Picture]From: mikhailian
2006-11-05 06:02 pm (UTC)

Re: The client protocol

AFAIU, this does not work for accessing the site, e.g. doing requests to www.livejournal.com/export.bml would require a different mechanism, am I right?
(Reply) (Parent) (Thread)
[User Picture]From: boggyb
2006-11-05 06:19 pm (UTC)

Re: The client protocol

If you want to pretend to be someone using a web browser then you need to use the getsession method to get a session id. Then set that as the ljmastersession cookie, and set the "u123:s456" part of it as the ljloggedin cookie. That seems to work.
(Reply) (Parent) (Thread)
[User Picture]From: boggyb
2006-11-03 12:10 pm (UTC)

Re: The client protocol

See http://www.livejournal.com/doc/server/ljp.csp.auth.clear.html for the docs on it. It says deprecated (for good reasons), but still works. The challenge/response system is at http://www.livejournal.com/doc/server/ljp.csp.auth.challresp.html but may be hard to do from bash/gawk.
(Reply) (Parent) (Thread)