PhoneGap FileTransfer with HTTP basic authentication

Question

I'm attempting to upload a file from PhoneGap to a server using the FileTransfer method. I need HTTP basic auth to be enabled for this upload.

Here's the relevant code:

    var options = new FileUploadOptions({
        fileKey: "file",
        params: {
            id: my_id,
            headers: { 'Authorization': _make_authstr() }
        }
    });
    var ft = new FileTransfer();
    ft.upload(image, 'http://locahost:8000/api/upload', success, error, options);

Looking over the PhoneGap source code it appears that I can specify the authorization header by including "headers" in the "params" list as I've done above:

      JSONObject headers = params.getJSONObject("headers");
      for (Iterator iter = headers.keys(); iter.hasNext();)
      {
        String headerKey = iter.next().toString();
        conn.setRequestProperty(headerKey, headers.getString(headerKey));
      }

However, this doesn't seem to actually add the header.

So: is there a way to do HTTP basic auth with PhoneGap's FileTransfer, for both iPhone and Android?

Answer 1

You can create a authorization header yourself. But you can also enter the credentials in the url like this:

var username = "test", password = "pass";     
var uri = encodeURI("http://"+username + ':' + password +"@localhost:8000/api/upload");

See FileTransfer.js for the implementation (line 45):

function getBasicAuthHeader(urlString) {
var header =  null;


// This is changed due to MS Windows doesn't support credentials in http uris
// so we detect them by regexp and strip off from result url
// Proof: http://social.msdn.microsoft.com/Forums/windowsapps/en-US/a327cf3c-f033-4a54-8b7f-03c56ba3203f/windows-foundation-uri-security-problem

if (window.btoa) {
    var credentials = getUrlCredentials(urlString);
    if (credentials) {
        var authHeader = "Authorization";
        var authHeaderValue = "Basic " + window.btoa(credentials);

        header = {
            name : authHeader,
            value : authHeaderValue
        };
    }
}

return header;
}

Answer 2

The correct location for the headers array is as an immediate child of options. options->headers. Not options->params->headers. Here is an example:

//**************************************************************
//Variables used below:
//1 - image_name: contains the actual name of the image file.
//2 - token: contains authorization token. In my case, JWT.
//3 - UPLOAD_URL: URL to which the file will be uploaded.
//4 - image_full_path - Full path for the picture to be uploaded.
//***************************************************************
var options = {
  fileKey: "file",
  fileName: 'picture',
  chunkedMode: false,
  mimeType: "multipart/form-data",
  params : {'fileName': image_name}
};

var headers = {'Authorization':token};

//Here is the magic!
options.headers = headers;
//NOTE: I creaed a separate object for headers to better exemplify what
// is going on here. Obviously you can simply add the header entry
// directly to options object above.

$cordovaFileTransfer.upload(UPLOAD_URL, image_full_path, options).then(
   function(result) {
      //do whatever with the result here.
 });

Here is the official documentation: https://github.com/apache/cordova-plugin-file-transfer

Answer 3

You can add custom headers by adding them to the options rather than the params like so:

authHeaderValue = function(username, password) {
    var tok = username + ':' + password;
    var hash = btoa(tok);
    return "Basic " + hash;
};

options.headers = {'Authorization': authHeaderValue('Bob', '1234') };