A few months ago, I hastily put together a Python program that hit my company's web services API. It worked in three different modes:
1) HTTP with no authentication
2) HTTP with user-name and password authentication
3) HTTPS with client certificate authentication
I got 1) to work with urllib, but ran into problems with 2) and 3). Instead of figuring it out, I ended up calculating the proper command-line parameters to curl, and executing it via os.system().
Now I get to re-write this program with the benefit of experience, and I'm not sure if I should use urllib, urllib2, or just stick with curl.
The urllib documentation mentions:
When performing basic authentication, a FancyURLopener instance
calls its prompt_user_passwd() method. The default implementation
asks the users for the required information on the controlling
terminal. A subclass may override this method to support
more appropriate behavior if needed.
It also mentions the **x509 argument to urllib.URLopener():
Additional keyword parameters, collected in x509, may be used for
authentication of the client when using the https: scheme. The
keywords key_file and cert_file are supported to provide an SSL
key and certificate; both are needed to support client
authentication.
But urllib2 is one greater than urllib, so naturally I want to use it instead. The urllib2 documentation is full of information about authentication handlers that seem to be designed for 2) above, but makes no mention whatsoever of client certificates.
My question: do I want to use urllib, because it appears to support everything I need to achieve? Or should I just stick with curl?
Thanks.
Edit: Maybe my question isn't specific enough, so here's another shot. Can I achieve what I want to do with urllib? Or with urllib2? Or am I forced to use curl out of necessity?