Azure Websites Kudu REST API - Authentication in Python - python

I am trying to access the Azure Kudu Web API interface to get historical information about my WebJobs. The URL is https://myfakewebappname.scm.azurewebsites.net/api/triggeredwebjobs/HubSpot/history
This works just fine in a browser with a one time (first time you login) user and password authentication.
When I call it with a python script using the requests library, I get a 401 response code and 'WWW-Authenticate': 'Basic realm="site"'. I then send another request:
resp = requests.get('https://myfakewebappname.scm.azurewebsites.net/api/triggeredwebjobs/HubSpot/history', auth=('actualuser', 'actualpassword')). I use the user and Password that work using my browser.
I get the same 401 response code again with the same response.headers. What am I doing wrong?

Authentication to the WebJobs Kudu API is via basic auth. To call the API successfully in Python, please follow the steps below.
1. Navigate to the Azure portal -> your web app which has the webjob -> click Get publish profile.
2. Open the file downloaded in step 1 (named in the format joyweb11.PublishSettings) and note down the userName and userPWD in this file.
3. Then use the code below: replace the values of username and password with the values from step 2, and also replace the web app name in the URL with yours. It works fine on my side.
import requests
from base64 import b64encode
username = '$joyweb11'
password = '7pWclexxxxxJlHwoLRwtrneE'
base64AuthInfo = b64encode((username+':'+password).encode('ascii')).decode('ascii')
url = 'https://joyweb11.scm.azurewebsites.net/api/triggeredwebjobs/HubSpot/history'
headers = {'Authorization': 'Basic ' + base64AuthInfo}
response = requests.get(url=url, headers=headers)
print(response.status_code)
print(response.text)
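Steps 1 to 3 above can also be done by reading the publish profile directly, so the deployment password is not copied into the script. This is an added example, not part of the original answer; the sample file content is constructed, and it assumes the Web Deploy profile (publishMethod "MSDeploy") carries the scm host in publishUrl alongside the userName and userPWD attributes mentioned in step 2.

```python
import xml.etree.ElementTree as ET
from base64 import b64encode

# Constructed sample of a .PublishSettings file (all values are placeholders).
SAMPLE_PUBLISH_SETTINGS = """<publishData>
  <publishProfile profileName="joyweb11 - Web Deploy" publishMethod="MSDeploy"
      publishUrl="joyweb11.scm.azurewebsites.net:443"
      userName="$joyweb11" userPWD="PLACEHOLDER-DEPLOY-PASSWORD" />
  <publishProfile profileName="joyweb11 - FTP" publishMethod="FTP"
      publishUrl="ftp://example.invalid/site/wwwroot"
      userName="joyweb11\\$joyweb11" userPWD="PLACEHOLDER-DEPLOY-PASSWORD" />
</publishData>"""


def kudu_credentials(publish_settings_xml, method="MSDeploy"):
    """Return (host, user, password) from the profile with the given publishMethod."""
    root = ET.fromstring(publish_settings_xml)
    for profile in root.iter("publishProfile"):
        if profile.get("publishMethod") == method:
            host = profile.get("publishUrl", "").split(":")[0]  # drop the ":443" port
            user, pwd = profile.get("userName"), profile.get("userPWD")
            if not (host and user and pwd):
                raise ValueError("profile is missing publishUrl, userName or userPWD")
            return host, user, pwd
    raise LookupError("no %s profile in publish settings" % method)


def basic_auth_header(user, password):
    # Basic auth is base64("user:password"); the leading "$" is part of the user name.
    token = b64encode(("%s:%s" % (user, password)).encode("utf-8")).decode("ascii")
    return {"Authorization": "Basic " + token}


def history_request(publish_settings_xml, job_name):
    """Build (url, headers) for the triggered WebJob history endpoint in the question."""
    host, user, pwd = kudu_credentials(publish_settings_xml)
    url = "https://%s/api/triggeredwebjobs/%s/history" % (host, job_name)
    return url, basic_auth_header(user, pwd)


if __name__ == "__main__":
    url, headers = history_request(SAMPLE_PUBLISH_SETTINGS, "HubSpot")
    print(url)
    # requests.get(url, headers=headers) performs the call against a real app.
```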

Related

Thoughtspot: API calls to fetch metadata via Python

I'm trying to fetch metadata from ThoughtSpot. I am able to call the URL using a browser and fetch the data, but here I'm trying to achieve it via a Python program. According to the ThoughtSpot documentation, I have to enable trusted authentication and pass my secret key & username to obtain a token which I can use in my program.
https://developers.thoughtspot.com/docs/?pageid=api-auth-session
my username : username@username.com
secret key : secret-key
Below is my code (generated by Postman):
import requests
url = "https://<ThoughtSpot-host>/callosum/v1/tspublic/v1/session/auth/token?auth_token=secret-key&access_level=FULL&username=username@username.com"
payload={}
headers = {}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)
I'm getting a Bad Request error. Has anyone here using ThoughtSpot run into this issue? I'd appreciate your support very much.
Error I'm getting:
{"type":"Bad Request","description":"The server could not understand the request due to invalid syntax."}
I can fetch data by calling the api using a web-browser. Below url returns list of all meta-data objects. I want to achieve this using a python program (I have to authenticate first & call the below URL - Authentication step is not working for me when I tried to follow the documentation)
https://<ThoughtSpot-host>/callosum/v1/tspublic/v1/metadata/list
Did you try changing the url so that it includes the domain name?
Also post the error you are getting. And a screenshot of a working request would be great!

How can I test AWS Cognito protected APIs in Python?

I'm trying to test out some AWS APIs that are protected by Cognito. I found the first part on how to get the JSON token, but I can't figure out how to use the token correctly so I can authenticate on the API.
Here's my code :
import boto3
import requests
username = 'test@gmail.com'
password = 'test1234567'
client = boto3.client('cognito-idp')
response = client.initiate_auth(
    AuthFlow='USER_PASSWORD_AUTH',
    AuthParameters={
        "USERNAME": username,
        "PASSWORD": password,
    },
    ClientId='12121212121212',
)
token = response['AuthenticationResult']['AccessToken']
#print("Log in success")
#print("Access token:", response['AuthenticationResult']['AccessToken'])
#print("ID token:", response['AuthenticationResult']['IdToken'])
url = 'https://XXXXXXXX.execute-api.eu-west-1.amazonaws.com/Prod/incidents'
#print('url:', url)
#response = requests.get(url, headers={'authorization': token })
#print('GET:', response.status_code)
head = {'Authorization': token}
response = requests.get(url, headers=head)
print(response.content)
I'm getting the following error message :
b'{"message":"Authorization header requires \'Credential\' parameter. Authorization header requires \'Signature\' parameter. Authorization header requires \'SignedHeaders\' parameter. Authorization header requires existence of either a \'X-Amz-Date\' or a \'Date\' header. Authorization=
OK, so I found the problem and it's working fine now. Two things were wrong:
The endpoint was wrong - AWS doesn't send a correct error message (!)
The request has to be sent with response['AuthenticationResult']['IdToken']
Please make sure you have selected Cognito or IAM in your API Gateway. From the error message it seems you have selected IAM for protecting the API.
Check the Authorization header's name which you configured for your Cognito Authorizer. You need to use same header name while passing the Cognito token.
If you have configured OAuth scopes on the API Gateway side, then you must use the access token. If no scope is configured, then you can use the ID token for authorization.
That said, you can try from the Postman application for testing purposes.

How to correctly use PowerBI's REST API?

I have been working on using the Power BI REST API and I haven't been able to properly make use of it. I made use of this and I was able to register an app and get as far as getting an access token, but I still get 401 statuses on my requests.
My major points of confusion are with regards to the app registration:
1) I am trying to read and write data from a python script. Is this a Native-App or a Web Side Server?
2) What is the meaning of the redirect and home urls on the app registration page? I am currently using my localhost:5000 with different /paths. Could this be the source of the issue?
3) My research indicates that there should be some sort of login interaction. I don't have one, is this an indication that something isn't being done properly?
My code is as follows:
import adal
import requests

AUTHORITY_URL = 'https://login.microsoftonline.com/{my_company}.onmicrosoft.com'
RESOURCE = 'https://analysis.windows.net/powerbi/api'
CLIENT_ID = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
CLIENT_SECRET = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'

def make_headers(access_token):
    # Bearer token header for the Power BI REST API
    return {
        'Authorization': "Bearer {}".format(access_token)
    }

context = adal.AuthenticationContext(AUTHORITY_URL)
token = context.acquire_token_with_client_credentials(RESOURCE, CLIENT_ID, CLIENT_SECRET)
access_token = token['accessToken']
headers = make_headers(access_token)
url = "https://api.powerbi.com/v1.0/myorg/datasets"
resp = requests.get(url, headers=headers)
As I said above, this works to give me an access token, though I get a status 401 response on the request and there is no sign-in prompt.
Any help/guidance would be tremendously appreciated.
1) In your case you should register a Native app.
2) Native apps have only a Redirect URI. The Redirect URI gives AAD more details about the specific application it authenticates. For Native apps you should set it to https://login.live.com/oauth20_desktop.srf.
3) It's hard to say why you are getting an Unauthorized response. Check what rights you gave to your application - does it have rights to read or write all datasets? Try to decode the access token at https://jwt.io and look at scp - does it contain "Dataset.Read.All" or "Dataset.ReadWrite.All"?
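The token checks suggested in the Cognito answers (ID token versus access token) and in the Power BI answer above (does scp contain "Dataset.Read.All") can be run locally instead of pasting the token into a website. This is an added example, not code from any of the posters; the sample tokens are constructed and unsigned, and it assumes the standard claim names token_use and scope (Cognito) and scp and aud (Azure AD).

```python
import base64
import json


def jwt_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore the base64url padding JWTs strip
    return json.loads(base64.urlsafe_b64decode(payload))


def granted_scopes(claims):
    """Scopes from 'scp' (Azure AD) or 'scope' (Cognito access token), space separated."""
    return set((claims.get("scp") or claims.get("scope") or "").split())


def describe(token):
    """Summarise the claims that decide whether an API will accept the token."""
    claims = jwt_claims(token)
    return {
        "token_use": claims.get("token_use"),  # Cognito: "id" or "access"
        "audience": claims.get("aud"),
        "scopes": granted_scopes(claims),
    }


def _make_sample(claims):
    # Constructed, unsigned sample token; the signature part is a dummy string.
    def enc(obj):
        raw = json.dumps(obj).encode("utf-8")
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])


SAMPLE_COGNITO_ID = _make_sample({"token_use": "id", "aud": "12121212121212"})
SAMPLE_AAD_ACCESS = _make_sample({"aud": "https://analysis.windows.net/powerbi/api",
                                  "scp": "Dataset.Read.All Report.Read.All"})

if __name__ == "__main__":
    for tok in (SAMPLE_COGNITO_ID, SAMPLE_AAD_ACCESS):
        print(describe(tok))
```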

Python Requests - Azure Graph API Authentication

I am trying to access the Azure AD Graph API using the Python requests library. My steps are to first get the authorization code. Then, using the authorization code, I request an access token/refresh token and then finally query the API.
When I go through the browser, I am able to get my authorization code. I copy that over to get the access token. However, I've been unable to do the same with a Python script. I'm stuck at the part where I get the authorization code.
My script returns a response code of 200, but the response headers don't include that field. I would've expected the new URL with the code to be in the response headers. I would have also expected a response code of 301.
Does anyone know why my response headers don't have the auth code? Also, given the auth code, how would I pull it out to then get the access/refresh tokens using Python?
My code is below:
import requests
s = requests.Session()
s.auth = (USERNAME, PASSWORD)
# Authorize URL
authorize_url = 'https://login.microsoftonline.com/%s/oauth2/authorize' % TENANT_ID
# Token endpoint.
token_url = 'https://login.microsoftonline.com/%s/oauth2/token' % TENANT_ID
payload = { 'response_type': 'code',
            'client_id': CLIENT_ID,
            'redirect_uri': REDIRECT_URI
          }
request = s.get(authorize_url, json=payload, allow_redirects=True)
print(request.headers)
It looks like you are implementing the Authorization Code Grant Flow via Python requests. As the flow shows, the response to the authorize_url request will redirect to an SSO page of your AD tenant. After your user logs in, it will redirect to the location which is set in redirect_uri, with code as a URL parameter, e.g. http://localhost/?code=AAABAAAAiL...
And it seems your code cannot simply display an HTML page with JavaScript allowed, so it will not redirect to the login page.
So you can refer to @theadriangreen's suggestion to implement it with a Python web server application.
Otherwise, you can refer to the Microsoft Azure Active Directory Authentication Library (ADAL) for Python, which is a Python package for acquiring an access token from AD and can be easily integrated into your Python application.

Not able to login on web page using requests library of python

I am trying to log in to the edX website through a script. For this I am using the requests library of Python. Here is the code:
from requests import session
ID = 'example@gmail.com'
PASSWORD = '*********'
with session() as c:
    g = c.get('https://courses.edx.org/login/', allow_redirects=True)
    # take the CSRF token from the raw Set-Cookie header
    csrftoken = (g.headers['set-cookie']).split()[0][10:-1]
    login_data = dict(email=ID, password=PASSWORD, csrfmiddlewaretoken=csrftoken, next='/')
    a = c.post('https://courses.edx.org/login/', data=login_data, headers={'Referer':'https://courses.edx.org/login/'})
    response = c.get('https://courses.edx.org/dashboard')
    print(response.url)
But this code is not working. Output is
https://courses.edx.org/accounts/login?next=/dashboard
When I run a.content, it shows
CSRF verification failed. Request aborted
Please anyone help me out.
Actually you are splitting for CSRF token the wrong way
csrftoken = (g.headers['set-cookie']).split()[0][10:-1]
will obtain the CSRF token as 'essionid=csrfstring'. You have to remove the 'sessionid' part too. So change that to
csrftoken = (g.headers['set-cookie']).split(';')[0].split('=')[1]
Use a Python shell to verify that you are getting the CSRF token in the right way.
It's good to register your app with the edX API if you want to pull formatted data from edX. Then you can use the OAuth 2 mechanism to access the API. This includes creating a code and exchanging that code for an access token. It's like the OAuth2 authentication provided by Gmail and Facebook. More info on how to create tokens is here. A demo is also available.
