I'm able to authenticate and connect to AWSQueryConnection using Boto3, but whenever I try to get information about a URL using the 'UrlInfo' method, I receive a 204 response with no data.
import boto
from boto.connection import AWSQueryConnection
conn = AWSQueryConnection(aws_access_key_id='', aws_secret_access_key='', host='awis.amazonaws.com')
response = conn.make_request('UrlInfo', params={
'Url' : 'http://reddit.com',
'ResponseGroup': 'LinksInCount'
})
print(response.status)
Is there anything wrong with the way I'm using this module?
I was working on a similar thing lately, here is the code I was able to get working using aws-requests-auth, it has built-in support for boto3:
(Notice: host, region and quote method safe parameter)
import requests
from aws_requests_auth.boto_utils import BotoAWSRequestsAuth
auth = BotoAWSRequestsAuth(
aws_host='awis.us-west-1.amazonaws.com',
aws_region='us-west-1',
aws_service='awis'
)
url = 'https://awis.us-west-1.amazonaws.com/api'
query_params = quote(
'Action=UrlInfo&ResponseGroup=LinksInCount&Url=google.com',
safe = '/-_.~=&'
)
response = requests.get(url + '?' + query_params, auth=auth)
print(response.content)
If you prefer to do it without any 3rd party library, you could always do:
from boto3.session import Session
aws_credentials = Session().get_credentials()
print(aws_credentials.access_key)
print(aws_credentials.secret_key)
Then go with the full fun signature process as described at the AWIS Documentation - Calculating Signatures.
Related
I need some help on authorizing in Thycotic using current domain authorization via its API (no need to enter domain username and pass).
So the Thycotic API has this possibility, but i dont understand how to use it. In it manual i see some example, but using PS
$api = "https://<Secret Server URL>/winauthwebservices/api/v1"
$endpoint = "$api/secrets/8387"
$secret = Invoke-RestMethod $endpoint -UseDefaultCredentials
In my python script i'm trying with sspi
from requests_negotiate_sspi import HttpNegotiateAuth
site = 'https://<Secret Server URL>/SecretServer'
windows_auth_API = '/winauthwebservices/api/v1'
headers = {'Accept':'application/json', 'content-type':'application/x-www-form-urlencoded'}
how do i make the further login here? resp gives me 401: Unauthorized
resp = requests.post(site+windows_auth_API, headers=headers, auth=HttpNegotiateAuth)
the solution
from requests_negotiate_sspi import HttpNegotiateAuth
import requests
site = 'https://<Secret Server URL>/SecretServer'
windows_auth_API = '/winauthwebservices/api/v1'
resp = requests.get(site+windows_auth_API+"/secrets/8387", auth=HttpNegotiateAuth())
I have an Openshift 3.11 cluster with the default installation of Prometheus and Alertmanager.
I want to write a python script to scrape the Alertmanager API endpoint so that I can parse the data and pass that on to s third party monitoring tool for our ops team.
My problem is that to get to the API I need to authenticate against oauth. How can I do this within python?
I don't know if this is any different for alert manager compared with the Reddit API, but when I set up a bot for that, I had to first register it on their OAuth page, then I needed to use the codes that it gave me there, to request an access token with the rest of my user data (Login and password as well as what the application was called) Then I could use that authentication to contact the API endpoint.
Here is the function I made to request the access token from Reddit:
def AuthRequest():
import requests
import requests.auth
import json
client_auth = requests.auth.HTTPBasicAuth('Application ID code', 'OAuth secret code')
post_data = {"grant_type": "password", "username": "Your_Username", "password": "Your_Password"}
headers = {"User-Agent": "Name_Of_Application"}
response = requests.post("https://www.reddit.com/api/v1/access_token", auth=client_auth, data=post_data, headers=headers)
return response.json()
And here is the code that contacts the endpoint and takes the data from it:
import requests
import requests.auth
import json
currentComments = []
headers = {"Authorization": auth['token_type'] + " " + auth['access_token'], "User-Agent": "Your_Application_Name"}
mentions = requests.get("https://oauth.reddit.com/message/unread.json", headers=headers).json()
Note here that 'auth' is simply the 'response' from the authentication token. I hope that helps, I don't really know how this differs with alertmanager as I've never really had to use it.
I found the fix for me.
I needed to create a service account
oc create serviceaccount <serviceaccount name> -n <your-namespace>
Then create a cluster role binding for it
oc create clusterrolebinding <name for your role> \
--clusterrole=cluster-monitoring-view \
--serviceaccount=<your-namespace>:<serviceaccount name>
Get a token from the SA and then use that in the curl
oc sa get-token <serviceaccount name> -n <your-namespace>
I want to delete a job in Jenkins use api, I use python's requests library.
It ok when I make a GET request (requests.get(...)) but when I make a POST request (requests.post(...)), it return code 403.
I searched a solution use urllib2, but I can't find it on my library (have urllib, urllib3 but not urllib2).
Does anyone know what my problem is and how to fix it?
I use Python 3.7.3 and Jenkins version 2.176.1
import requests
if __name__ == "__main__":
server = 'my jenkins server'
username = 'my user'
passwd = 'my password'
params = {}
job = 'Test_2'
api = '/doDelete'
url = server + '/job/' + job + api
response = requests.post(url=url, auth=(username, passwd), params=params)
print(response.status_code)
Output is '403'
In a Python script I use the "Requests" library with HTTP basic authentication and a custom CA certificate to trust like this:
import requests
response = requests.get(base_url, auth=(username, password), verify=ssl_ca_file)
All requests I need to make have to use these parameters. Is there a "Python" way to set these as default for all requests?
Use Session(). Documentation states:
The Session object allows you to persist certain parameters across
requests.
import requests
s = requests.Session()
s.auth = (username, password)
s.verify = ssl_ca_file
s.get(base_url)
How can I use automatic NTLM authentication from python on Windows?
I want to be able to access the TFS REST API from windows without hardcoding my password, the same as I do from the web browser (firefox's network.automatic-ntlm-auth.trusted-uris, for example).
I found this answer which works great for me because:
I'm only going to run it from Windows, so portability isn't a problem
The response is a simple json document, so no need to store an open session
It's using the WinHTTP.WinHTTPRequest.5.1 COM object to handle authentication natively:
import win32com.client
URL = 'http://bigcorp/tfs/page.aspx'
COM_OBJ = win32com.client.Dispatch('WinHTTP.WinHTTPRequest.5.1')
COM_OBJ.SetAutoLogonPolicy(0)
COM_OBJ.Open('GET', URL, False)
COM_OBJ.Send()
print(COM_OBJ.ResponseText)
You can do that with https://github.com/requests/requests-kerberos. Under the hood it's using https://github.com/mongodb-labs/winkerberos. The latter is marked as Beta, I'm not sure how stable it is. But I have requests-kerberos in use for a while without any issue.
Maybe a more stable solution would be https://github.com/brandond/requests-negotiate-sspi, which is using pywin32's SSPI implementation.
I found solution here https://github.com/mullender/python-ntlm/issues/21
pip install requests
pip install requests_negotiate_sspi
import requests
from requests_negotiate_sspi import HttpNegotiateAuth
GetUrl = "http://servername/api/controller/Methodname" # Here you need to set your get Web api url
response = requests.get(GetUrl, auth=HttpNegotiateAuth())
print("Get Request Outpot:")
print("--------------------")
print(response.content)
for request by https:
import requests
from requests_negotiate_sspi import HttpNegotiateAuth
import urllib3
urllib3.disable_warnings()
GetUrl = "https://servername/api/controller/Methodname" # Here you need to set your get Web api url
response = requests.get(GetUrl, auth=HttpNegotiateAuth(), verify=False)
print("Get Request Outpot:")
print("--------------------")
print(response.content)
NTLM credentials are based on data obtained during the interactive logon process, and include a one-way hash of the password. You have to provide the credential.
Python has requests_ntlm library that allows for HTTP NTLM authentication.
You can reference this article to access the TFS REST API :
Python Script to Access Team Foundation Server (TFS) Rest API
If you are using TFS 2017 or VSTS, you can try to use Personal Access Token in a Basic Auth HTTP Header along with your REST request.