Why?
import requests
import json
from firebase_token_generator import create_token
auth_payload = { "uid": "BAD-BAD-BAD-KEY"}
CREDENTIAL = create_token("my-secret-key", auth_payload)
payload = json.dumps({"dude":"me"})
path = "/test1/test.json"
url = "https://omgfirebase.firebaseio.com%s?auth=%s" % (path,CREDENTIAL)
print url
print payload
r = requests.put(url, data=payload)
print r.status_code
print r.text
{"dude": "me"}
200
If I use a bad invalid uid, I can still write to the database. Why? The data is in Firebase Database.
Related
I am trying to connect to an api for which I was provided with link, certificate(.p12) and subscription key.
Having some issue while giving the certificate details. I am trying in the following 2 ways:
1.
import json
from requests_pkcs12 import get,post
url = 'https://....'
pkcs12_filename = '<certificate file path>'
pkcs12_password = '<certificate password>'
headers = {
# Request headers
'Subscription-Key': '<subscription key>',}
response = post(url, headers=headers, verify=False, pkcs12_filename=pkcs12_filename,pkcs12_password=pkcs12_password)
print(response.status_code)
import http.client, urllib.request, urllib.parse, urllib.error, base64
#file = "<certificate path>"
headers = {
'Subscription-Key': '<subscriptionkey>',
#'cert' : crypto.load_pkcs12(open(file, 'rb').read(), "<password>").get_certificate(),
'file' : '<certificate path>',
'password':'<certificate password>',}
params = urllib.parse.urlencode({
})
conn = http.client.HTTPSConnection('<api main link>')
conn.request("GET", "<api remaining link>" , params, headers)
response = conn.getresponse()
data = response.read()
print("Status: {} and reason: {}".format(response.status, response.reason))
conn.close()
I am new to API concept. Will someone help me over this?
Refered to this link: How to use .p12 certificate to authenticate rest api
But didn't get what i need to put in data variable
Im struggling with this Dokumentation here:
Send your credential base64 encoded to the authentication server.
Get a response including an UUID for authentication.
Use the UUID to authenticate REST requests.
It shows this request as an example:
**Header**
“`json
{
‘Content-Type’: ‘application/x-www-form-urlencoded’,
‘authorization’: ‘Basic <base64 encoded username:password>’
}
“`
**Body**
“`json
{
‘grant_type’: ‘client_credentials’
}
“`
How do I turn with into a requests.post() ?
you have to build dictionaries and post them with requests :
import requests
import base64
import json
username = "user"
password = "password"
url = 'https://myurl.com'
headers = {}
headers['Content-Type'] = 'application/x-www-form-urlencoded'
headers['authorization'] = 'Basic ' + base64.b64encode(bytes(username + ':' + password, 'utf-8')).decode('utf-8')
body = {}
body['grant_type'] = 'client_credentials'
r = requests.post(url, data=json.dumps(body), headers=json.dumps(headers))
i can access a API by browser requesting URL?access_token=jdjdfjhdjkdhf for example, and open a json in browser with datas, so 200 OK
The api is Oauth2.0
When i try open this same API in python, i'm receveing a 401 error, i check the readers but can't access, code below
import requests
import json
url = 'https://www.myRUL/web_api/auth' #url de obtenção token
consumer_key = 'MYCONSUMERKEY'
consumer_secret = 'MYSECRET'
code = 'MYCODE'
payload = {'consumer_key' : consumer_key,'consumer_secret' : consumer_secret,'code' : code}
response = requests.post(url, json=payload)
response = response.json()
print(response)
At this point I can receive a access_token into a json in python, with a 200OK code, so I try access data with my ne access_token
Something like that, just a example json with no real datas:
HTTP/1.1 201 OK
{
code: 201,
message: "Created tokens",
access_token: "abc96fb7b1defd2496b9a9d81071fa12319b12306465e057d0ebca9bd9ab19",
refresh_token: "bbc96fb7b1defd2496b9a9d81071fa12319b12306465e057d0ebca9bd9ab19",
date_expiration_access_token: "2016-08-12 14:35:14",
date_expiration_refresh_token: "2016-09-11 11:35:14",
date_activated: "2016-08-12 11:35:14",
store_id: "123123"
}
And than, finally when i try acceses the api with my access_token
url_orders = 'myURL/web_api/orders' #url de consulta
headers = {"Accept": "application/json"}
pay = {'access_token': response['access_token']}
print(requests.get(url_orders, json=pay))
So i receive a error 401
What I'm doing wrong
Thank you
I am learning Python and I am trying to create a playlist using the Spotify web api but get a http 400 error: Error parsing json. I guess it has to do with an incorrect variable type in the token but I am having a really hard time debugging it as I can't figure out a way to see the post request in raw format.
Posting through the API requires authorizing and this is the script I've created for that:
import requests
import base64
requests.packages.urllib3.disable_warnings()
client_id = 'ID'
client_secret = 'SECRET'
redirect_uri = 'http://spotify.com/'
scope = 'playlist-modify-private playlist-read-private'
def request_token():
# 1. Your application requests authorization
auth_url = 'https://accounts.spotify.com/authorize'
payload = {'client_id': client_id, 'response_type':'code','redirect_uri':redirect_uri}
auth = requests.get(auth_url,params = payload)
print '\nPlease go to this url to authorize ', auth.url
# 2. The user is asked to authorize access within the scopes
# 3. The user is redirected back to your specified URI
resp_url = raw_input('\nThen please copy-paste the url you where redirected to: ')
resp_code= resp_url.split("?code=")[1].split("&")[0]
# 4. Your application requests refresh and access tokens
token_url = 'https://accounts.spotify.com/api/token'
payload = {'redirect_uri': redirect_uri,'code': resp_code, 'grant_type': 'authorization_code','scope':scope}
auth_header = base64.b64encode(client_id + ':' + client_secret)
headers = {'Authorization': 'Basic %s' % auth_header}
req = requests.post(token_url, data=payload, headers=headers, verify=True)
response = req.json()
return response
This is the function actually trying to create the playlist using the authorization token (import authorizer is the function above):
import requests
import authorizer
def create_playlist(username, list_name):
token = authorizer.request_token()
access_token = token['access_token']
auth_header = {'Authorization': 'Bearer {token}'.format(token=access_token), 'Content-Type': 'application/json'}
api_url = 'https://api.spotify.com/v1/users/%s/playlists' % username
payload = {'name': list_name, 'public': 'false'}
r = requests.post(api_url, params=payload, headers=auth_header)
But whatever I try it only leads to a 400 error. Can anyone please point out my error here?
Solved by adding a json.dumps for the input: json.dumps(payload) and changing the payload to be 'data' and not 'params' in the request.
So the new functioning request equals:
r = requests.post(api_url, data=json.dumps(payload), headers=auth_header)
I am looking on how to use an APIs, more specifically Egnyte's API.
From their documentation, I must first get a oauth2 token, which I was able to get successfully.
Here are their documentation:
https://developers.egnyte.com/docs/read/Getting_Started
https://developers.egnyte.com/docs/User_Management_API_Documentation#Get-User-List
However, I am not sure what to do afterwards. I am trying to use their User management API, which I am suppose to make a call to:
https://{Egnyte Domain}.egnyte.com/pubapi/v2/users
However, how do i use their token for a requests.get call to their api?
Below is my python code, I am using the the Requests Module (http://docs.python-requests.org/en/latest/):
import requests
api_key = 'MY_API_KEY'
username = 'myUserName'
password = 'myPassword'
payload = {
'grant_type': 'password',
'client_id': api_key,
'username': username,
'password': password
}
token = requests.post("https://{Egnyte Domain}.egnyte.com/puboauth/token", params = payload)
print r.text
The response I get is:
{"access_token":"*MYToken","token_type":"bearer","expires_in":-1}
Thanks!
Ah, someone had showed me.
had to do minor adjustments to the script:
r = requests.post("https://{Egnyte Domain}.egnyte.com/puboauth/token", params=payload)
token = r.json()['access_token']
users = requests.get(url, headers={'Authorization': 'Bearer %s' % token})
You need to use the token in the authorization header of requests. The best thing would be to create a persistent connection.
r = requests.post("https://{Egnyte Domain}.egnyte.com/puboauth/token", params=payload)
if r.ok:
access_token = r.json()['access_token']
session = requests.Session()
session.headers['Authorization'] = "Bearer %s" % access_token
users = session.get('https://{Egnyte Domain}.egnyte.com/pubapi/v2/users')
OR
headers = {"Authorization":"Bearer %s" % access_token}
requests.get('https://{Egnyte Domain}.egnyte.com/pubapi/v2/users', headers=headers)