Accessing Password-Protected IRSA services from scripts
This page gives some examples of how to do Single Sign-on (SSO) authentication when using IRSA's web APIs. This is required for scripts to access non-public data. Logging in to the IRSA SSO service can be done from scripts using curl or wget utilities. These are usually available or can be easily installed on most Unix systems including Linux and MacOS. The two basic methods are:
- send username & password for each operation
- send username & password to the login service, store the returned cookie, then attach that cookie to subsequent calls.
Method #1: Specify username & password with each operation
This method is the most straightforward, but requires the username & password to be included in a script for every operation that is performed. Alternatively, the script can set USER and PASS variables, and use them as part of each operation.
Example using curl:
% curl --user ${USER}:${PASS} [...] "https://irsa.ipac.caltech.edu/...."
The curly braces are required around the USER and PASS variables because of the colon used in between them. Because of that, the password must not contain a colon!
Example using wget:
% wget --auth-no-challenge --user=$USER --pass=$PASS [...] "https://irsa.ipac.caltech.edu/...."
(NOTE: if requests are issued via a browser session that the user has logged into, the login sessions will expire after 2 hours of inactivity, up to a maximum of 1 week.)
Method #2: Using cookies
In this method, the username & password is sent to a login service. If the login is successful, the service will return an authentication token as a cookie, which can be saved to a local file. Then that cookie can be attached to subsequent operations. NOTE: currently the cookies will be valid for 1 week, after which a new cookie file must be obtained.
First, obtain a login cookie.
Example using curl:
% curl -c cookies.txt "https://irsa.ipac.caltech.edu/account/signon/login.do?josso_cmd=login&josso_username=$USER&josso_password=$PASS"
Example using wget:
% wget --save-cookies=cookies.txt -O /dev/null "https://irsa.ipac.caltech.edu/account/signon/login.do?josso_cmd=login&josso_username=$USER&josso_password=$PASS"
Now that we have the login cookies saved, access services by attaching that cookie file to subsequent curl/wget calls.
Example using curl:
% curl -b cookies.txt [...] "https://irsa.ipac.caltech.edu/....."
Example using wget:
% wget --load-cookies=cookies.txt [...] "https://irsa.ipac.caltech.edu/....."
Finally, how to logout (disabling the saved cookie from being reused):
% curl -c cookies.txt "https://irsa.ipac.caltech.edu/account/signon/logout.do"
% wget --save-cookies=cookies.txt -O /dev/null "https://irsa.ipac.caltech.edu/account/signon/logout.do"