Develop Reference

Seting Auth headers in Django tests

I am trying to write a test which goes through the signup/login workflow, and then attempts to change the status of a user, which requires them to be logged in. I verified that the first 2 POST requests work (the user is indeed created and then gets a valid auth token after logging in), however I cannot seem to pass in said token in the headers for the 3rd and final POST request. I also checked that the auth_headers variable is indeed set with the correct token, but I keep getting back a 401 status code.
Thanks in advance!
tests.py
from email.headerregistry import ContentTypeHeader
from urllib import request
from wsgiref import headers
from django.http import HttpRequest
from django.test import TestCase, Client
from rest_framework import status
from rest_framework.test import APITestCase
from django.urls import reverse
from rest_framework.authtoken.models import Token
from django.contrib.auth.models import User
from profiles_api.serializers import UserProfileSerializer
from django.contrib.auth import get_user_model
from profiles_api.views import UserLoginApiView
client = Client()
User = get_user_model()
class MyTestCase(APITestCase,UserLoginApiView):
def test_add_status_to_profile(self):
response = self.client.post("/api/profile/", data={
'email':"John#gmail.com",
'name':'Pavle',
'password':'password'
})
response = self.client.post("/api/login/", data={
'username':"John#gmail.com",
'password':'password'
})
auth_headers = {
'Authorization': 'Bearer ' + response.json()['token']
}
response = self.client.post("/api/feed/", content_type='application/json', data={
'status_text':'Hello world!'
}, **auth_headers)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)

Upload image to Firebase using Django

I have a Django rest API, in which there is an API to get an image from formdata.
from django.shortcuts import render
from django.http.response import JsonResponse
from rest_framework.parsers import JSONParser
from rest_framework import status
from django.core.files.storage import default_storage
from django.core.files.base import ContentFile
from django.conf import settings
import os
import io
from rest_framework.decorators import api_view
import firebase_admin
from firebase_admin import credentials, firestore, storage
cred = credentials.Certificate("JSON FILE PATH")
firebase_admin.initialize_app(cred,{'storageBucket': 'BUCKET URL'})
#api_view(['GET','POST'])
def login(request):
if request.method == 'POST':
data = request.data
if(type(data)!=dict):
data=data.dict()
file_obj=data['image']
fileName=file_obj.name
blob=bucket.blob(fileName)
blob.upload_from_file(file_obj.file)
blob.make_public()
print("File url", blob.public_url)
return JsonResponse({'username':'Testing post response'})
elif request.method == 'GET':
return JsonResponse({'username':'Testing get response'})
Now, when I send an image in formdata, it is uploading in firebase but not in image format, instead, it is uploading as application/octet-stream type and image is not being displayed. can anyone please help me with this?

change this line
blob.upload_from_file(file_obj.file)
**to**
blob.upload_from_file(file_obj, content_type = file_obj.content_type)

How to decode SAMLResponse in Django View?

I am writing a view to create a user in project that has logged into another site. Whenever the user logins to that site he/she gets redirected to url:https://localhost:127.0.0.1:8000/auth/ad/reply/.
The site sends me an SAMLResponse from which I want to extract the email address, firstname & lastname for the user.
Following is my views.py and urls.py:
views.py
from django.shortcuts import render, redirect
from django.http import HttpResponse
from django.views.decorators.csrf import csrf_exempt
# Create your views here.
#csrf_exempt
def ad_auth(request):
response = request.POST.get('SAMLResponse')
return HttpResponse(response)
urls.py
from django.urls import path
from .views import *
urlpatterns = [
path('auth/ad/reply/', ad_auth, name='ad_auth'),
]
Output:
PHNhbWxwOlJlc3BvbnNlIElEPSJfOTJmYjAyYTMtN2ZiMC00NjZlLTk0NGItNTQxMjhlOGI5NGM2IiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAyMC0xMS0xMVQxNDowMDoxMi43NzlaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9sb2NhbGhvc3Q6ODAwMC9hdXRoL2FkL3JlcGx5LyIgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI+PElzc3VlciB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+aHR0cHM6Ly9zdHMud2luZG93cy5uZXQvYmYzODg4M2EtOGRlNi00NGFhLWJkYzktODFjMzAzY2YxMDMzLzwvSXNzdWVyPjxzYW1scDpTdGF0dXM+PHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbHA6U3RhdHVzPjxBc3NlcnRpb24gSUQ9Il8wYjExNzMwNi03YTI2LTQ2OGQtYTI5Yy1mYTZkMjk2MTQ3MDAiIElzc3VlSW5zdGFudD0iMjAyMC0xMS0xMVQxNDowMDoxMi43NjlaIiBWZXJzaW9uPSIyLjAiIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48SXNzdWVyPmh0dHBzOi8vc3RzLndpbmRvd3MubmV0L2JmMzg4ODNhLThkZTYtNDRhYS1iZGM5LTgxYzMwM2NmMTAzMy88L0lzc3Vlcj48U2lnbmF0dXJlIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48U2lnbmVkSW5mbz48Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PFJlZmVyZW5jZSBVUkk9IiNfMGIxMTczMDYtN2EyNi00NjhkLWEyOWMtZmE2ZDI5NjE0NzAwIj48VHJhbnNmb3Jtcz48VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9UcmFuc2Zvcm1zPjxEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNzaGEyNTYiLz48RGlnZXN0VmFsdWU+YjdXZGtxd0d0VncyVGIxbG1ybklabHI3bXNDektFemkreGZrMVZTT2tMQT08L0RpZ2VzdFZhbHVlPjwvUmVmZXJlbmNlPjwvU2lnbmVkSW5mbz48U2lnbmF0dXJlVmFsdWU+aW9ldm5INHIyb05ra1QvaXhrelVSQ01sKzQ4enNVQUdFTFBmWmZDMXVsTmROWE5EcVVKelVFL2FYTzR6MzduWCtDY1htcGw4ZmZrRlNtNHFWNS9WaTV1TzkreFB5U3QvejhlWXV3WGg5THkvVGFsbmlCVTZ5L2JCMFF1NW9pb2pXczYxVWlIQlhGMTlGVy9WTXd2WVdlUnpXNGdKUU03cDNNdVE0MjV6Zk9PaHk2V2puNW1MU1RkOVNZT2pSOHkraWlOKzZDdHJNd2NVTk9LNXFMTFNSOGdpdUNkSVZyTUY2V2lIUkZWTjY1SlRsYXNKSVpuSWw0dldnUDdkaUJvdDB1cmtkR28wb1djMU4vQ3FOOWN1OENlTTJtTmc5SW5XS1RHWGJVaDhuZDNtcEwwa1RnZE9OOUpxMUhWTytsck94ZVcwZ0dacDB4VmVEMERnRlBHU0pBPT08L1NpZ25hdHVyZVZhbHVlPjxLZXlJbmZvPjxYNTA5RGF0YT48WDUwOUNlcnRpZmljYXRlPk1JSUM4RENDQWRpZ0F3SUJBZ0lRSk1TOWVpdVJQSVZCeVY5NW5TeDBhakFOQmdrcWhraUc5dzBCQVFzRkFEQTBNVEl3TUFZRFZRUURFeWxOYVdOeWIzTnZablFnUVhwMWNtVWdSbVZrWlhKaGRHVmtJRk5UVHlCRFpYSjBhV1pwWTJGMFpUQWVGdzB5TURFd01EWXdOVEkxTkRWYUZ3MHlNekV3TURZd05USTFORFZhTURReE1qQXdCZ05WQkFNVEtVMXBZM0p2YzI5bWRDQkJlblZ5WlNCR1pXUmxjbUYwWldRZ1UxTlBJRU5sY25ScFptbGpZWFJsTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF0WmZVZjQzNE1HeVI1ZzdPUzViMFhzV2tEUVYrYk9BWkpuZlROZTE2R1ZQV2U1ZnBhdW9XaDY1NUZjQVF3OXdEd3Z3eUJsa04vc1pqc1JnMTFLRmZyeGZkNmhkQk1Ka3FpKzN3MENMYTZzWDg5VzBmZzhnWXA3bDN4WVFBVG94RDI2MWhuT1dRaXE5em5nS2V4dVNWaW8wL25IdXNBeEdvZDdMV1A5ckRqWGh6bDRBWXQrcjZpVWt3QlNFQnoyeE41RU4rRnVPQjY5UlpaVFNGRzdUVVBCd1NseWlJZms4L3JpclhHOVFhMVk2SmFySVY4M1JSTjJKM1lpdU91Q3E2WWxseDFyNXlJVmlONlFSOG1zTlN0cmFaSS9hTGI5QjFaajJVaFBwNG8veXkwemFIQnV3Y0xjc1k4RDNSWFExblJLMVFSS041Y28rUUhkeEVrdmdicFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUJxVHhkRTZxTHd2M0tmelNhZDU5NkJuNU9aNWVxakp5MW1vVGZoY0dHOVpBYnh5eDlDL1N6MFkyaW02dCs4YmQwdzdqUG51NHA1YWZjMGUyQ2tIL0IyZElldHBkcWpvdEdlSmZhUng3OVJJSTF6OU9LQUZQcDlkYzY5eGhndDNYN3RuZlJhVDNmeml3QSt3Z3VocjJ0YUpRUHVLOVkyL2w0VTI1N0JUNFkvMzd5S0EwM0lDakZTcXZTTzE4bmx5UkUzRVArbTEyR0tPTVYvVjZwTjJqTFRJV2I5cXIyc1E2VGl1alc3T2g0S0lyTk5pRWx2QnFRcWZyNE5OTEZuZCt1RHBWUFhHc0JYQ2NkOXZhQWswelJFUGxwMUdKQW0yOHZJMnNPLytWcjZ3cmVoR0gwVFNmOU5DQkY2cDUzVHN0RWNOVldCYUNHTkFwQlZrY0RKaGRYTDwvWDUwOUNlcnRpZmljYXRlPjwvWDUwOURhdGE+PC9LZXlJbmZvPjwvU2lnbmF0dXJlPjxTdWJqZWN0PjxOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPmxpbmdheWF0YWpheTI4MTBfZ21haWwuY29tI0VYVCNAa3Jpc3AxNTA2Z21haWwub25taWNyb3NvZnQuY29tPC9OYW1lSUQ+PFN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIwLTExLTExVDE1OjAwOjEyLjM4OFoiIFJlY2lwaWVudD0iaHR0cHM6Ly9sb2NhbGhvc3Q6ODAwMC9hdXRoL2FkL3JlcGx5LyIvPjwvU3ViamVjdENvbmZpcm1hdGlvbj48L1N1YmplY3Q+PENvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDIwLTExLTExVDEzOjU1OjEyLjM4OFoiIE5vdE9uT3JBZnRlcj0iMjAyMC0xMS0xMVQxNTowMDoxMi4zODhaIj48QXVkaWVuY2VSZXN0cmljdGlvbj48QXVkaWVuY2U+RGVsbGNhbGNJRDwvQXVkaWVuY2U+PC9BdWRpZW5jZVJlc3RyaWN0aW9uPjwvQ29uZGl0aW9ucz48QXR0cmlidXRlU3RhdGVtZW50PjxBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9pZGVudGl0eS9jbGFpbXMvdGVuYW50aWQiPjxBdHRyaWJ1dGVWYWx1ZT5iZjM4ODgzYS04ZGU2LTQ0YWEtYmRjOS04MWMzMDNjZjEwMzM8L0F0dHJpYnV0ZVZhbHVlPjwvQXR0cmlidXRlPjxBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9pZGVudGl0eS9jbGFpbXMvb2JqZWN0aWRlbnRpZmllciI+PEF0dHJpYnV0ZVZhbHVlPjg0MjYwMmMxLWNhZDQtNDg2OC05Yzk5LWZjMDhmOTExNzk1MzwvQXR0cmlidXRlVmFsdWU+PC9BdHRyaWJ1dGU+PEF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL2lkZW50aXR5L2NsYWltcy9kaXNwbGF5bmFtZSI+PEF0dHJpYnV0ZVZhbHVlPkFqYXkgTGluZ2F5YXQ8L0F0dHJpYnV0ZVZhbHVlPjwvQXR0cmlidXRlPjxBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9pZGVudGl0eS9jbGFpbXMvaWRlbnRpdHlwcm92aWRlciI+PEF0dHJpYnV0ZVZhbHVlPmxpdmUuY29tPC9BdHRyaWJ1dGVWYWx1ZT48L0F0dHJpYnV0ZT48QXR0cmlidXRlIE5hbWU9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vY2xhaW1zL2F1dGhubWV0aG9kc3JlZmVyZW5jZXMiPjxBdHRyaWJ1dGVWYWx1ZT5odHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvYXV0aGVudGljYXRpb25tZXRob2QvcGFzc3dvcmQ8L0F0dHJpYnV0ZVZhbHVlPjwvQXR0cmlidXRlPjxBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvZ2l2ZW5uYW1lIj48QXR0cmlidXRlVmFsdWU+QWpheTwvQXR0cmlidXRlVmFsdWU+PC9BdHRyaWJ1dGU+PEF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9zdXJuYW1lIj48QXR0cmlidXRlVmFsdWU+TGluZ2F5YXQ8L0F0dHJpYnV0ZVZhbHVlPjwvQXR0cmlidXRlPjxBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvZW1haWxhZGRyZXNzIj48QXR0cmlidXRlVmFsdWU+bGluZ2F5YXRhamF5MjgxMEBnbWFpbC5jb208L0F0dHJpYnV0ZVZhbHVlPjwvQXR0cmlidXRlPjxBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZSI+PEF0dHJpYnV0ZVZhbHVlPmxpbmdheWF0YWpheTI4MTBfZ21haWwuY29tI0VYVCNAa3Jpc3AxNTA2Z21haWwub25taWNyb3NvZnQuY29tPC9BdHRyaWJ1dGVWYWx1ZT48L0F0dHJpYnV0ZT48L0F0dHJpYnV0ZVN0YXRlbWVudD48QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDIwLTExLTExVDA3OjI4OjM1LjAwMFoiIFNlc3Npb25JbmRleD0iXzBiMTE3MzA2LTdhMjYtNDY4ZC1hMjljLWZhNmQyOTYxNDcwMCI+PEF1dGhuQ29udGV4dD48QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L0F1dGhuQ29udGV4dENsYXNzUmVmPjwvQXV0aG5Db250ZXh0PjwvQXV0aG5TdGF0ZW1lbnQ+PC9Bc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=
How do I extract information from the following SAMLResponse?
Thanks in Advance.

That is sending you a base64 encoded string.
Decode it and you will find it to be xml.
The email attribute will look something like this
<AttributeValue>xxxxxxxxx2810#gmail.com</AttributeValue>
Some sudo code to get you started
import base64
foo = base64.b64decode("PHNhbWxwOlJlc3BvbnN....") # put your entire string here
print(foo)

You can also use pysaml2 and djangosaml modules to decrypt the SAMLResponse.

How to give user input to Django RestAPI using postman?

I have made an DjangoRestApi and giving user input using postman(POST method).but the error is
TypeError: Object of type 'JSONDecodeError' is not JSON serializable
it is showing in django server where i am going wrong please help Thanks
views.py
import spacy
from django.shortcuts import render,HttpResponse
from django.http import Http404
from rest_framework.views import APIView
from rest_framework.decorators import api_view
from rest_framework.response import Response
from rest_framework import status
from django.http import JsonResponse
from django.core import serializers
from django.conf import settings
import json
nlp = spacy.load('en_core_web_sm')
#api_view(["POST"])
def nounphrases(requestdata):
try:
text = json.loads(requestdata.body)
nounphrases = []
for word in (nlp((text))):
c = (word.lemma_)
nounphrases.append(c)
output = [{"nounphrases" : nounphrases }]
return JsonResponse(json.dumps(output))
except ValueError as e:
return Response(e,status.HTTP_400_BAD_REQUEST)

Google API and Django getting 400 error when trying to copy a folder

I am trying to copy a folder using the google api, python and Django and have managed to get things working with an adaptation of the code found here
But when I try to copy a folder I get:
< HttpError 400 when requesting https://www.googleapis.com/drive/v3/files/FileId/copy?alt=json returned "Bad Request">
import os
import logging
import httplib2
from pprint import pprint
from googleapiclient.discovery import build
from django.contrib.auth.decorators import login_required
from django.conf import settings
from django.http import HttpResponseBadRequest
from django.http import HttpResponseRedirect
from django.shortcuts import render
from django.http import HttpResponse
from django.template import loader
from django.http import JsonResponse
from django.db.utils import IntegrityError
from .models import Entries, CredentialsModel
from oauth2client.contrib import xsrfutil
from oauth2client.client import flow_from_clientsecrets
from oauth2client.contrib.django_util.storage import DjangoORMStorage
from .pipeline_lib import pipeline_lib as pipeline
FLOW = flow_from_clientsecrets(
settings.GOOGLE_OAUTH2_CLIENT_SECRETS_JSON,
scope=['https://www.googleapis.com/auth/drive',
'https://www.googleapis.com/auth/drive.file',
'https://www.googleapis.com/auth/drive.appdata',
'https://www.googleapis.com/auth/drive.metadata'],
redirect_uri='http://somedomain.com:8000/workflow/oauth2callback')
#login_required
def index(request):
storage = DjangoORMStorage(CredentialsModel, 'id', request.user, 'credential')
credential = storage.get()
if credential is None or credential.invalid == True:
FLOW.params['state'] = xsrfutil.generate_token(settings.SECRET_KEY,
request.user)
authorize_url = FLOW.step1_get_authorize_url()
return HttpResponseRedirect(authorize_url)
else:
http = httplib2.Http()
http = credential.authorize(http)
service = build("drive", "v3", http=http)
newfile = {'title': 'New Master 123', 'parents': [{'id': 'folderId'}]}
result = service.files().copy(fileId='folderId',body=newfile).execute()
pprint(result)
# results = service.files().list(pageSize=10,fields="nextPageToken, files(id, name)").execute()
# items = results.get('files', [])
# if not items:
# print('No files found.')
# else:
# print('Files:')
# for item in items:
# print('{0} ({1})'.format(item['name'], item['id']))
return HttpResponse("Hello, world. You're at the index.")
#login_required
def auth_return(request):
credential = FLOW.step2_exchange(request.GET)
storage = DjangoORMStorage(CredentialsModel, 'id', request.user, 'credential')
storage.put(credential)
return HttpResponseRedirect("/workflow")

The problem was that I was attempting to copy a folder and apparently files().copy doesn't operate on a folder at least not one with children but I haven't tested the caveat yet.
After replacing the id of the folder I wanted to copy with the file id of a pdf in the same parent the function ran with out error.
Edit - Now that I've figured this out for myself I stumbled upon a stack overflow post that explains why this is.
In Google Drive SDK how do you copy a folder?