Cannot manage an authentication error with text/html contents

[Antonio Mancina]

Hi all,


I'm trying to deploy a very simple restful webapplication making use of:


- Django/Piston on server side
- RestKit on iPhone side


I had my hard times understanding enough to let the magic happen, but I'm quite satisfied with it.
I've only one remaining issue (as on now).

If I issue the following command, with <password> being NOT the correct one,

# curl -i -u username:password -H 'Content-Type:application/json' -H 'Accept:application/json' -X DELETE http://127.0.0.1:8000/api/username/15

I get this answer from the django/piston server side.

HTTP/1.0 401 UNAUTHORIZED
Date: Sun, 27 Nov 2011 09:05:28 GMT
Server: WSGIServer/0.1 Python/2.7.1
Vary: Authorization
Content-Type: text/html; charset=utf-8
WWW-Authenticate: Basic realm="My Realm"


This is given back from the piston backend, BEFORE I can actually parse the request, so it would seem I can't modify any of these headers.

Now, let's move to the RESTKIT part, in iOS. This is the code of the loader delegate functions I have in place:

- (void)objectLoaderDidLoadUnexpectedResponse:(RKObjectLoader *)objectLoader {
  NSLog(@"Your credentials might be wrong/non-existing");
}

- (void)objectLoader:(RKObjectLoader *)objectLoader didFailWithError:(NSError *)error {
  NSLog(@"Raw answer: %@, isJson: %d, isHtml: %d, status code %d",
             [[objectLoader response] bodyAsString],
             [[objectLoader response] isJSON],
             [[objectLoader response] isHTML],
             [[objectLoader response] statusCode]);

  NSLog(@"Rats! Failed to delete! %@", [error localizedDescription]);
}

Trying the very same delete operation, WITHOUT a registered text/html parser and enabling all debugging facilities, I get this:

[1108:fb03] Deleting object with the following fields:
[1108:fb03] User: <RKTUser: 0x6c4b2b0> Title: Title Description: description Id: 15
[1108:fb03] D restkit.network:RKRequest.m:362 Sending asynchronous DELETE request to URL http://localhost:8000/api/username/15.
[1108:fb03] D restkit.network:RKResponse.m:163 Asked if canAuthenticateAgainstProtectionSpace: with authenticationMethod = NSURLAuthenticationMethodDefault
[1108:fb03] D restkit.network:RKResponse.m:137 Received authentication challenge
[1108:fb03] D restkit.network:RKResponse.m:163 Asked if canAuthenticateAgainstProtectionSpace: with authenticationMethod = NSURLAuthenticationMethodDefault
[1108:fb03] D restkit.network:RKResponse.m:137 Received authentication challenge
[1108:fb03] W restkit.network:RKResponse.m:157 Failed authentication challenge after 1 failures
[1108:fb03] Raw answer: (null), isJson: 0, isHtml: 0, status code 0 

[1108:fb03] Rats! Failed to delete! The operation couldn’t be completed. (NSURLErrorDomain error -1012.)

I would expect:

1) The unexpected server response handler being called (since we are dealing with text/html contents).

2) If not, at least something meaningful in the response body (the raw answer part)

Question is: what's happening here? How am I supposed to handle this error condition?

Thanks everyone!

Antonio

[Blake Watters]

We may need to add an authentication failure delegate method to RKRequestDelegate. I believe that when authentication fails, the authentication challenge gets cancelled and that effectively voids the request. NSURLConnection goes to great lengths to hide the actual details of the 401 response cycle from you, so I suspect that why you are seeing a 0 status code and no meaningful info. It's like the request was cancelled.

See - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge in RKResponse.m for details. You may want to add - requestDidFailAuthenticationChallenge:(RKRequest *) to RKRequestDelegate and see if handling that gets you where you want to be. I'd merge a pull request with such functionality.

-- 
Blake Watters
Sent with Sparrow