I'm trying to use github oauth. I'n using urllib and urllib2 and have this code:
def github_login(request):
post_data = [('client_id','****'),('redirect_uri','http://localhost:8000/callback')]
result = urllib2.urlopen('https://github.com/login/oauth/authorize', urllib.urlencode(post_data))
content = result.read()
And after sending query I have httperror 403. I had already configured allowed_hosts in settings.py
From my expirence I know that working with urllib is rly hard, I would suggest to use requests
http://requests.readthedocs.org/en/latest/
You can easly send the get:
r = requests.get('https://api.github.com/user', auth=('user', 'pass'))
Related
I am trying to use Python to log into some websites. Here is my sample code:
import requests
from requests.auth import HTTPBasicAuth
username='username'
password ='alllongpasswordsareforchumps'
response = requests.get('https://github.com/', auth = HTTPBasicAuth(username,password))
print('Response Code '+ str(response.status_code))
I get Response Code 200, it should have been rejected. Even though the username and password mentioned here are not real. How can I check to see which authentication method the website is using?
To get unauthorized response you should send your request to other endpoints of Github instead of its base address for example see the below code snippet:
import requests
from requests.auth import HTTPBasicAuth
# Making a get request to this address
response = requests.get('https://api.github.com/user',
auth = HTTPBasicAuth('user', 'pass'))
print(response)
# this will print: <Response [401]>
Make the request without attempting authentication, receive a 401 response, but github response doesn't have the WWW-Authenticate header for you to check the authentication method of this RESTAPI and for check github authentication ways, you should read Basics of authentication section on github docs.
I have gone through all the questions on stackoverflow related to this but I can't solve my problem. When I am implementing the follwing code,it runs successfully without any error but nothing gets printed.
import requests
payload = {'username': 'user','password': 'pass'}
with requests.Session() as s:
p = s.post(' file-transfers.in/login.php?rid=worlddomains',
params=payload)
r = s.get('http://file-transfers.in/member_arean.php')
print r.text
There is a whole chapter about Authentication in the Python requests docs.
Basic Authentication
Many web services that require authentication accept HTTP Basic Auth.
This is the simplest kind, and Requests supports it straight out of
the box.
Making requests with HTTP Basic Auth is very simple:
>>> from requests.auth import HTTPBasicAuth
>>> requests.get('https://api.github.com/user', auth=HTTPBasicAuth('user', 'pass'))
<Response [200]>
In fact, HTTP Basic Auth is so common that Requests provides a handy
shorthand for using it:
>>> requests.get('https://api.github.com/user', auth=('user', 'pass'))
<Response [200]>
Providing the credentials in a tuple like this is exactly the same as
the HTTPBasicAuth example above.
The website in question is expecting you to send your username/pass as POST data, not as URL params so:
payload = {'username': 'user','password': 'pass'}
with requests.Session() as s:
p = s.post('http://file-transfers.in/login.php?rid=worlddomains', data=payload)
r = s.get('http://file-transfers.in/member_arean.php')
print(r.text)
There might be more to it once the login passes, but without an account we cannot check what's going on.
I'm working with an external API that unfortunately doesn't have that great error logging.
I use django 1.9.5 and requests 2.11.1.
When I make the following request with the built-in python server (python manage.py runserver) on my local machine, I get back a 200 status code, so this works fine.
r = requests.post(
'https://plazaapi.bol.com/offers/v1/%s' % product.ean, data=xml_to_send,
headers=headers)
headers are a dictionary of the date, an authorization code and the content-type
.
But as there is a problem with requests on GAE according to other answers on this site, I have tried to use the requests_toolbelt monkeypatch and urlfetch, but I always get back the following error then:
Request contains invalid authentication headers
Code with the monkeypatch:
import requests_toolbelt.adapters.appengine
requests_toolbelt.adapters.appengine.monkeypatch()
r = requests.post(
'https://plazaapi.bol.com/offers/v1/%s' % product.ean, data=xml_to_send,
headers=headers)
and
from google.appengine.api import urlfetch
r = urlfetch.fetch(
url='https://plazaapi.bol.com/offers/v1/%s' % product.ean,
payload=xml_to_send,
method=urlfetch.POST,
headers=headers,
follow_redirects=False) # tried this, but has no effect.
The headers I'm setting are:
headers = {'Content-Type': 'application/xml',
'X-BOL-Date': date,
'X-BOL-Authorization': signature}
Is GAE changing my request and adding headers? If so, can I stop it
from doing so?
I have to admit I am complitely clueless about this: I need to login to this site https://segreteriaonline.unisi.it/Home.do and then perform some actions. Problem is I cannot find the form to use in the source of the webpage, and I basically have never tried to login to a website via python.
This is the simple code I wrote.
import requests
url_from = 'https://segreteriaonline.unisi.it/Home.do'
url_in = 'https://segreteriaonline.unisi.it/auth/Logon.do'
data = {'form':'1', 'username':'myUser', 'password':'myPass'}
s = requests.session()
s.get(url_from)
r = s.post(url_in, data)
print r
Obviously, what i get is:
<Response [401]>
Any suggestions?
Thanks in advance.
You need to use the requests authentication header.
Please check here:
from requests.auth import HTTPBasicAuth
requests.get('https://api.github.com/user', auth=HTTPBasicAuth('user', 'pass'))
<Response [200]>
That site appears to not have a login form, but instead uses HTTP Basic auth (causing the browser to request the username and password). requests supports that via the auth argument to get - so you should be able to do something like this:
s.get(url_in, auth=('myUser', 'myPass'))
I am trying to connect to a webpage using urllib3. The code is provided below.
import urllib3
http=urllib3.PoolManager()
fields={'username':'abc','password':'xyz'}
r=http.request('GET',url,fields)
If we assume that url is some webpage which needs to be authenticated using username and password, am i using the right code to authenticate ?
I have did this using urllib2 very comfortably but i was not able to do the same thing using urllib3.
Many Thanks
Assuming you're trying to do Basic Authentication, then you need to put the username and password encoded in an Authorization header. Here's one way to do that using the urllib3.make_headers helper:
import urllib3
http = urllib3.PoolManager()
url = '...'
headers = urllib3.make_headers(basic_auth='abc:xyz')
r = http.request('GET', url, headers=headers)
Below is a working example to authenticate to an API using the requests library (ubuntu with python 3.6). Hope it helps!
import json
import requests
from requests.auth import HTTPBasicAuth
def __init__(self):
header = {"Content-Type": "application/json"}
access_url = "https://your.login.url/context_path"
data = {
"key_to_send":"value_to_send"
}
def get_token(self):
self.data = json.dumps(self.data)
encoded_data = json.dumps(self.data).encode('utf-8')
self.response = requests.post(self.access_url, auth=HTTPBasicAuth(self.username, self.password), headers=self.header, data=self.data)
# Show me what you found
print(self.response.text)