I have a website that requires login then allows a search api, that's public, it's returning error 405, How do I give parameters in requests.post, since following code isn't working
response = requests.post(
'https://www.somewebsite.com/api/public/',
auth=('asct1#gmail.com', 'Cons')
)
As you can see here 405 means that the method you chose in your case .get(...) is not allowed on the endpoint.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/405
You wrote as well that you should make a Post request. So give requests.post(...) a try!
Happy Coding, T!
Related
There was a question about an undocumented method in the steam api, which serves to confirm authorization in the client (https://steamapi.xpaw.me/#IAuthenticationService/UpdateAuthSessionWithMobileConfirmation). With the help of Charles proxy, I saw a discrepancy with the documentation, instead of post parameters in the request, access_token is passed in the get parameter. When you try to retry the request, a 500 error is returned. The question is, how to implement the execution of this API method and what is needed for this? Is it possible to use another undocumented method to confirm authorization - UpdateAuthSessionWithSteamGuardCode and where can I get the parameters for its implementation? if anyone has an example of the implementation of these methods in python?
I tried to make a test request in python, but in response I received a 401 error, although according to the documentation I passed the necessary parameter
import requests
url = "https://api.steampowered.com/IAuthenticationService/UpdateAuthSessionWithMobileConfirmation/v1/"
data = {
'key': 'my steam web api key from [https://steamcommunity.com/dev/apikey]'
}
req = requests.post(url,data)
print(req.status_code) # 401
maybe there are convenient libraries for python where these methods are implemented?
I am using the tutorial in the following link to create an Access Token automatically for Oauth Zoom API: OAuth with Zoom
The issue lies in the first step where I am required to provide a redirect link. Everytime I try to make a post request to their API, I get an error
"Invalid redirect url (4,700)".
This token which I desire will be needed to use the rest of the functions in the API. The token can be generated manually, but I desire it to be automated for my process. I am using python requests for this.
Here is the code:
import requests
import json
headers = {
'content-type': "application/json"
}
url = "https://zoom.us/oauth/authorize?response_type=code&client_id=ulDD9pB4RG28mFrX0jnIQ&redirect_uri=https://zoom.us"
res = requests.post(url,headers = headers)
print(res.text)
I have looked this issue up everywhere, but I haven't been able to find an answer to my issue.
Any help for this would be greatly appreciated. Thank you.
If you check the documentation for Oauth 2.o Authorization you will find that the Redirect Uri is defined as folows
So the redirect URI is the endpoint on your system which is designed to handle the oauth response, it must have also been added to the Oauth app settings when you set up your project on zoom.
You have added https://zoom.us unless your a developer at zoom i dont think that you can have a app located at https://zoom.us designed to handle the oauth response.
I would expect a redirect uri to look something like https://www.yourdomain.com/zoom/oauthcallback.py
If you even check the tutorial you are following you will notice they use https://yourapp.com
https://zoom.us/oauth/authorize?response_type=code&client_id=7lstjK9NTyett_oeXtFiEQ&redirect_uri=https://yourapp.com
I would double check that the redirect_uri in your /oauth request URL matches exactly that which is referenced in your oauth configuration/whitelist settings for Zoom.
Even the smallest difference like http vs https or including wwww., etc. can throw an error. You might find some of the tips in this OAuth Troubleshooting Guide helpful for other common OAuth errors to check, too!
The first item in that guide covers some common invalid redirect errors.
I'm using Python requests 2.19.1 .
But I'm facing an intermittent issue where I get no response at all when I post to a specific url.
I'm trying to check if the LDAP is giving me the expected output for invalid credentials.
Here's the format:
requests.post('https://oxhp-member.uhc.com/Member/MemberPortal/j_acegi_security_check',
credentials_payload)
that I'm posting
Almost everytime, it works fine. But sometimes, it doesn't give any response for that. Even network issues gives us some response. Right? Why am I not getting any response for the above call.
Is there any existing bug in requests?
Somebody please point me in correct direction.
requests is not responsible for "giving back response". The server you are using requests to post to is.
To see the response you have to keep it in a variable and handle it somehow.
resp = requests.post('https://oxhp-member.uhc.com/Member/MemberPortal/j_acegi_security_check',
credentials_payload)
print(resp.status_code)
print(resp.content)
Whatever resp contains is the responsibility of the server.
UPDATE: Solved. I was indeed making a basic mistake, among other things. My usage of the session.headers.update function was incorrect; instead of session.headers.update = {foo:bar}, I needed to be doing session.headers.update({foo:bar}). Additionally, I changed the following section of code:
From this:
payload = urllib.parse.urlencode({
"grant_type":"urn:ietf:params:oauth:grant-type:jwt-bearer",
"assertion": str(token)
})
To this:
payload = "grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=" + token.decode("utf-8")
The code now works as intended.
Original question below
I've seen several hits on SO and Google about this problem; none of them have helped, although I've certainly made sure to double-check my code to make sure I'm not guilty of the same problems they detail. The problems people tend to have involve passing the POST data as parameters or POSTing to the wrong URL, which I'm not doing, as far as I can tell. Additionally, most of the hits I've found involve 3-legged OAuth2 involving users; I've found comparatively few hits pertaining to service accounts and JWTs, which differ enough from the user flow that I'm concerned about how relevant they are to my problem.
I'm trying to get an access token from the Google Authentication server for a service account. I've generated my JWT and now want to POST to the server to receive back my access token. I've set the headers according to the documentation described here, under "Making the access token request," and as far as I can tell, my request is up to spec, but Google responds back with a 400 response, and the following JSON:
{'error': 'invalid_request', 'error_description': 'Required parameter is missing: grant_type'}
Here's the code causing the problem:
# Returns the session, now with the Host and Authorization headers set.
def gAuthenticate(session):
token = createJWT()
session.headers.update = {
"Host": "www.googleapis.com",
"Content-Type": "application/x-www-form-urlencoded"
}
payload = urllib.parse.urlencode({
"grant_type":"urn:ietf:params:oauth:grant-type:jwt-bearer",
"assertion": str(token)
})
response = session.post("https://www.googleapis.com/oauth2/v4/token", data = payload)
session.headers.update = {"Authorization": "Bearer " + response.json()["access_token"]}
return session
I'm having a lot of strange issues with this code. First of all, if I don't urllib.parse.urlencode my dictionary (i.e. simply payload = {dictionary}), I get only a Bad Request / 'invalid_request' error, which I assume from the less specific error message means that this is less acceptable than what I'm currently doing. Why do I have to do this? Isn't Requests supposed to encode my data for me? I've never had this problem when POSTing with Requests before.
Second, examining the prepared request before it's sent reveals that my headers aren't being correctly set, despite the header update. Neither of the headers I've added to the request are being transmitted.
I've examined the request body and it looks to be identical (except of course the content of the JWT) to the one that Google provides as an example in the documentation.
All of this leads me to believe that I'm making a very basic error somewhere, but I haven't had any success finding it. What am I doing wrong here? Links to any helpful documentation would be extremely appreciated; thanks for your time and attention.
Try "grant_type": "authorization_code". And add grant type as header.
Also, check this link - Accessing Google oAuth giving invalid grant_type (Bad request)
I am using Python 2.7 with the requests module to send http post with parameters. I encountered a strange problem.
To do http post, it is just one line;
x = requests.post(URL, params)
I have no problem with the params. It is the URL that puzzled me.
Sometimes, this URL http://hostname/path/post works. Sometimes, I use http://hostname/path without the /post to get the HTTP post to work. I am puzzled why is this so. What is the difference between the two? Under what conditions do I use which one?
'http://hostname/path/post' is a path. You could in principle issue and HTTP GET request to that same path (although probably you wouldn't get anything meaningful back).
In general, you should look at the site's API documentation and post to the url that they say you should post to without adding anything extra to the url.
There are two different concepts, url and HTTP method. You are confused by trying to mix them.
url - an address you talk to
The url is addressing something on some server. If you get valid url, you can take it as a string, do not read in, and use it. Consider it to be a string.
If I would link it to a visiting your friend, url is address of a doors to come to.
HTTP method (POST, GET, DELETE...)
There are multiple HTTP methods which differ in the way, how you talk to given url.
Linking it to visiting a friend, it would be the way, you try to make the doors open (use the bell, knock or use a hammer)