I have the code below in Python which is making a POST request for an OAuth2 token. It uses basic authentication.
The code works fine, but I would like to "translate it" to curl.
The code:
#Authorization: Basic c29tZV91c2VyOnBhc3M=
#some_user:pass = base64decode('c29tZV91c2VyOnBhc3M=')
def get_access_token():
burp0_url = "https://myurl:443/api/oauth/token"
burp0_headers = {"Accept": "application/json", "Authorization": "Basic c29tZV91c2VyOnBhc3M=", "Content-Type": "application/x-www-form-urlencoded", "Connection": "close", "Accept-Encoding": "gzip, deflate", "User-Agent": "okhttp/3.0.1"}
burp0_data={"grant_type": "client_credentials"}
return json.loads(requests.post(burp0_url, headers=burp0_headers,
data=burp0_data).text)['access_token']
My guess was be that it would look something like this:
curl -v -XPOST -H 'Authorization: Basic c29tZV91c2VyOnBhc3M=' --header 'Accept: application/json' --header 'Connection: close' --header 'Accept-Encoding: gzip, deflate' --header 'User-Agent: okhttp/3.0.1' --data '{"grant_type": "client_credentials"}' https://myurl:443/api/oauth/token
However I keep getting a HTTP/1.1 400 and the following
* Failed writing body (0 != 10)
* Failed writing data
* stopped the pause stream!
* Closing connection 0
Can you help me?
Looks like you forgot to copy the "Content-Type": "application/x-www-form-urlencoded" header into your curl command.
This would also suggest the data is not submitted as a JSON string as you're currently doing, but as regular form data. You can probably use -F 'grant_type=client_credentials' for that and drop the --data argument.
Related
So i'm trying to consume this API, I got this URL http://www.ventamovil.com.mx:9092/service.asmx?op=Check_Balance
There you can write this {"User":"6144135400","Password":"Prueba$$"} on the input field and you get a response.
https://i.stack.imgur.com/RTEii.png
Response
But when i try to consume this api on python i just can't, i don't exactly know how to consume correctly:
My Code
As you can see i got a different response with my code, i should be getting the same response as the "Response" image.
To save yourself some time, you can use their request to build python code automatically, all you have to do is:
Just as you did at first, enter the json in the input field and invoke.
open the network tab, copy the post request they made as curl
curl 'http://www.ventamovil.com.mx:9092/service.asmx/Check_Balance' -H 'Connection: keep-alive' -H 'Cache-Control: max-age=0' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36' -H 'Origin: http://www.ventamovil.com.mx:9092' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' -H 'Referer: http://www.ventamovil.com.mx:9092/service.asmx?op=Check_Balance' -H 'Accept-Language: en-US,en;q=0.9,ar;q=0.8,pt;q=0.7' --data 'jrquest=%7B%22User%22%3A6144135400%2C+%22Password%22%3A+%22Prueba%24%24%22%7D' --compressed --insecure
Go to postman and import the curl, then click code and select python, and here you go you have all the right headers needed
import requests
url = "http://www.ventamovil.com.mx:9092/service.asmx/Check_Balance"
payload = 'jrquest=%7B%22User%22%3A6144135400%2C+%22Password%22%3A+%22Prueba%24%24%22%7D'
headers = {
'Upgrade-Insecure-Requests': '1',
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
}
response = requests.request("POST", url, headers=headers, data = payload)
print(response.text.encode('utf8'))
As you can see, they accept their input as form encoded payload.
You need to modify this request to be parameterized with user/password you want each time you use.
Btw, the output of this python code is:
b'<?xml version="1.0" encoding="utf-8"?>\r\n<string xmlns="http://www.ventamovil.com.mx/ws/">{"Confirmation":"00","Saldo_Inicial":"10000","Compras":"9360","Ventas":"8416","Comision":"469","Balance":"10345.92"}</string>'
I have cURL code that I need to convert to python code using requests library. I want to use this inside django backend software.
I tried several ways but I am getting some erros. Can someone help me with this?
Here is the cURL code:
curl -XPOST -H 'cache-control: no-cache' -H 'content-type: application/json' -H
'X-Client-Id: asdf1234' -H 'X-Client-Secret: qwer9876' -d '{
"planId":"BASIC", "planName":"Basic subscription plan", "amount":12,
"intervalType":"week", "intervals":2,"description":"This is the standard plan
for our services"}' 'https://test.cashfree.com/api/v2/subscription-plans'
In future, you can use a handy converter like this:
import requests
headers = {
'cache-control': 'no-cache',
'content-type': 'application/json',
'X-Client-Id': 'asdf1234',
'X-Client-Secret': 'qwer9876',
}
data = '{"planId":"BASIC", "planName":"Basic subscription plan", "amount":12,"intervalType":"week", "intervals":2,"description":"This is the standard planfor our services"}'
response = requests.post('https://test.cashfree.com/api/v2/subscription-plans', headers=headers, data=data)
It is bizarre activity, I get different response from cURL and Python with the requests module. Also, Python is very slow: cURL takes about 6 seconds, but Python is 2 minutes.
My cURL command is:
curl -L -s -k --request GET \
--url "https://$1/api/maintenance/maintenance/dual_image_config" \
--header 'Cache-Control: no-cache' \
--header 'Accept-Encoding: gzip, deflate, sdch' \
--header 'Content-Type: application/json' \
--header 'Connection: keep-alive'
The cURL response is:
{ "state_1": "Active", "state_2": "stand-by", "current_active_image": "Image-1", "id": 1}
My Python code is:
import requests, sys
DEFAULT_HEADER = {"Accept-Encoding": "gzip, deflate, br",
"Cache-Control": "no-cache",
"Connection": "keep-alive",
"Content-Type": "application/json",
"X-Requested-With": "XMLHttpRequest"}
url = "https://{0}/api/maintenance/maintenance/dual_image_config".format(sys.argv[1])
response = requests.get(url="", data=None, headers=DEFAULT_HEADER , verify=False)
Python response response.text is:
'0121\r\n{ "state_1": "Active", "state_2": "stand-by", "current_active_image": "Image-1", "id": 1}\r\n0\r\n\r\n'
It will have 0121\r\n & \r\n0\r\n\r\n in start and begin, I have try to change request header & encoding, but it not work, why it is got different response, and so slow ?
How can I convert this CURL PUT request to python requests:
The curl is
curl -X PUT "https://example.com" -H "accept: application/json" -H "Content-Type: application/json-patch+json" -d "{ \"userName\": \"exampleuser\", \"password\": \"examplepass\"}"
Currently got
headers = {"accept": "application/json",
"Content-Type": "application/json-patch+json"}
data = {'\"userName\"': '\"exampleuser\"',
'\"password\"': '\"examplepass\"'}
response = requests.put(url=url, data=data, headers=headers)
print(response)
Currently getting a 401 response. Unfortunately, the curl converter does not recognise it.
In bash, you escaped the quotes of the json
In Python, you shouldn't need to
data = {'userName' : 'exampleuser',
'password': 'examplepass'}
Then, you're sending json, so do json=data instead of data=data
I have a Python script using the Requests library that is of this form:
uhash = '1234567abcdefg'
cookies = {
'uhash':uhash
}
payload = {
'action':'trade.bump',
'hash':uhash,
'tradeid':'12345678'
}
r = requests.post(
'http://www.target_url.com/api/core',
cookies=cookies,
params=payload
)
Above is my Python attempt at creating the following cURL request (written with bash):
HASH="1234567abcdefg"
TRADEID="12345678"
curl 'http://www.target_url.com/api/core' -H "Cookie: uhash=$HASH" --data "action=trade.bump&hash=$HASH&tradeid=$TRADEID"
In summary, both scripts contain:
The cookie - uhash
Three data parameters called action, hash, and tradeid
My issue currently is, the bash script works - the server response for when I use the bash script is this:
{"meta":{"code":200},"data":{"bumped":true,"count":15}}
However, if I use the Python script, with the SAME cookie and parameter values as the bash script, I get:
{"meta":{"code":301},"data":{"message":"You can't bump a trade that doesn't exist ;_;"}}
The above error tells me the trade doesn't exist, despite that tradeid existing and the exact same one as my bash script's parameters.
I tried to debug using Firefox' convenient copy-as-curl tool to copy that curl command, which was how I made the bash script. However, once I tried to translate it to the Python script, it will tell me the aforementioned error. Maybe I am using the Requests library incorrectly, and I am missing something.
Attached is the full cURL request taken from Firefox (don't worry, the parameters were sanitized, meaning, they're not the real values):
curl 'http://www.tf2outpost.com/api/core' -H 'Host: www.tf2outpost.com' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0' -H 'Accept: application/json, text/javascript, */*; q=0.01' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'X-Requested-With: XMLHttpRequest' -H 'Referer: http://www.tf2outpost.com/trades' -H 'Cookie: __qca=P0-6517545-1420724809746; __utma=5135382.11011755.14224810.14331180.14180489.7; __utmz=51353782.1420724810.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); uhash=abcdefg12345678; mb_uid2=3211475230616776; CTag61=14338638870; __utmb=513532.9.10.14180489; __utmc=513782; __utmt=1; __utmt_b=1; __utmt_c=1; OX_plg=sl|qt|pm; HIRO_COOKIE=data=&newSession=true&id=2237524293×tamp=1433506185; HIRO_CLIENT_ID=67751187' -H 'Connection: keep-alive' -H 'Pragma: no-cache' -H 'Cache-Control: no-cache' --data 'action=trade.bump&hash=abcdefg12345678&tradeid=12345678'
Not quite sure why that is happening.
Try using data or json key instead of params, use json.dumps(payload) if data is your preferred method.