GCP SDK API for Policy Analyzer for Python - python-3.x

I can see the Service Account usage out of gcloud CLI by doing as such:
gcloud policy-intelligence query-activity --activity-type=serviceAccountKeyLastAuthentication --project=<project_name>
I would like to replicate this in a python script..
I am attempting to this do this but I am not sure how to authenticate, and I am getting a 401 error, despite having enabled the API. I am following this documentation. https://cloud.google.com/policy-intelligence/docs/activity-analyzer-service-account-authentication#iam-get-service-account-key-id-rest
import requests
r = requests.get(f"https://policyanalyzer.googleapis.com/v1/projects/{self.project_id}/locations/global/activityTypes/serviceAccountKeyLastAuthentication/activities:query?filter=activities.full_resource_name%3D%22%2F%2Fiam.googleapis.com%2Fprojects%2F{self.project_id}%2FserviceAccounts%2F{self.sa_email}%2Fkeys%2F{self.key_id}%22"
Is there some way I need to authenticate my request call? The rest of the script I am using the python client libraries using discovery.build and authenticating as such:
credentials, project = google.auth.default()
self.crm = discovery.build("cloudresourcemanager", "v3", credentials=credentials)
There does not seem to be a "policy analyzer" python library, so I am not sure on next steps.
The end goal is to see the last key authentication time of every service account key in the organization.
Thanks!

You may check this link for the sample Python code
Do note that the feature is still in preview and does not have a Python client for the same yet. The gcloud cli and REST is the way of accessing this feature programmatically.

Take a look at the python example shown towards the bottom of the page here:
https://cloud.google.com/iam/docs/reference/rest/v1/projects.serviceAccounts.keys/list
It shows how to get application default credentials used to pass in the client. You could accomplish the same with http requests, but that example above should help.
Also, looking at the original curl request, if you decode the filter to unicode it should be:
activities.full_resource_name="//iam.googleapis.com/projects/PROJECT_ID/serviceAccounts/SERVICE_ACCOUNT_EMAIL/keys/KEY_ID"
Assuming you got it from the sample [curl][1] request.
[1]: https://cloud.google.com/policy-intelligence/docs/activity-analyzer-service-account-authentication#view-recent-specific-key

Related

Creating a Stripe Refund via Code by Zapier

I've been trying to create a refund in Stripe via code by Zapier, using the python code from this answer: Is is possible to create a Stripe refund action in Zapier?
I'm receiving a "ModuleNotFoundError: no module named 'stripe'" when I attempt to test the step in Zapier.
My code looks something like this:
import stripe
stripe.api_key = "myAPIkey"
stripe.Refund.create(
charge = input_data["charge"],
)
What am I missing?
https://zapier.com/help/create/code-webhooks/use-python-code-in-zaps
You cannot require external libraries or install libraries commonly referred to as "pip modules". Only the standard Python library and requests are available in the Code app and requests is already included in the namespace.
(disclaimer, I've never used Zapier, but)As far as I know, that means you can't use a library like Stripe's official Python library(your error message is that it's now installed).
Instead you'd need to make this call by translating https://stripe.com/docs/api/curl#create_refund directly into calls to Stripe's REST API using the requests library. Remember that you need to supply an API key with it(Making an API call in Python with an API that requires a bearer token)

Source of oauth_token_secret for Evernote Authentication

I am working with the Evernote Python SDK, and proceeding through the Oauth workflow description here.
http://dev.evernote.com/doc/articles/authentication.php
How do I get a oauth_token_secret? I have my consumer secret, but don't see how to get the oauth_token_secret.
To retrieve an access token, I believe I will need to use the "get_access_token" function. One of the required arguments there is the oauth_token_secret.
https://github.com/evernote/evernote-sdk-python/blob/master/lib/evernote/api/client.py
I have the other pieces required (oauth_token, oauth_verifier).
I think you can leave that blank.
https://discussion.evernote.com/topic/18710-access-token-secret-returning-blank/

Create a google contact with python3

I would like to create a contact with the google api and python3
but gdata seemsnot to be compatible with python3.
Like :
AttributeError: 'function' object has no attribute 'func_name'
Does anyone have any sample that works on how to create contact with google api in python3 ?
thanks
First, have you installed the gdata python client with pip, or with pip3? According to Google's repository, which says,
Python 3.3+ is also now supported! However, this library has not yet been > used as thoroughly with Python 3, so we'd recommend testing before
deploying with Python 3 in production,
you can use pip3, like pip3 install google-api-python-client, to reinstall it. Once that's cleared up, see the below modified sample code-block for how to create a contact by just their Name, E-mail and Phone number with Python 3:
import atom.data
import gdata.data
import gdata.contacts.client
import gdata.contacts.data
gd_client = gdata.contacts.client.ContactsClient(source='YOUR_APPLICATION_NAME')
def create_contact(gd_client):
new_contact = gdata.contacts.data.ContactEntry()
# Set the contact's name.
new_contact.name = gdata.data.Name(
given_name=gdata.data.GivenName(text='First'),
family_name=gdata.data.FamilyName(text='Last'),
full_name=gdata.data.FullName(text='Full'))
new_contact.content = atom.data.Content(text='Notes')
# Set the contact's email addresses.
new_contact.email.append(gdata.data.Email(address='handle#gmail.com',\
primary='true', rel=gdata.data.WORK_REL, display_name='E. Bennet'))
new_contact.email.append(gdata.data.Email(address='liz#example.com',\
rel=gdata.data.HOME_REL))
# Set the contact's phone numbers.
new_contact.phone_number.append(gdata.data.PhoneNumber(text='(206)555-1212',
rel=gdata.data.WORK_REL, primary='true'))
new_contact.phone_number.append(gdata.data.PhoneNumber(text='(206)555-1213',
rel=gdata.data.HOME_REL))
# Send the contact data to the server.
contact_entry = gd_client.CreateContact(new_contact)
print ("Contact's ID: {}".format(contact_entry.id.text))
return contact_entry
For read-only access to Contacts, Google has built the new People API, which works just fine with Python3 in the google-api-python-client. However, for write access you'll need to use the older GData format.
The short answer to your question is that you won't be able to get GData to work with Python3 because the gdata-python-client is no longer maintained and never had Python3 support built in (see https://github.com/google/gdata-python-client/issues/29)
However, not all hope is lost! You can still query directly to Google's REST API. Specifically, to create a contact you need to work with the https://www.google.com/m8/feeds/contacts/{userEmail}/full route (see the Contacts API documentation for more information)
The appropriate way to work with the API directly is to submit a web request using something like Python's Requests module.
CREATE_ROUTE = 'https://www.google.com/m8/feeds/contacts/default/full'
FULL_PATH = CREATE_ROUTE + '?access_token=' + ACCESS_TOKEN
import requests
r = requests.get(FULL_PATH)
print(r.text)
Where ACCESS_TOKEN is the access token you got back from Google when you authorized your access (this can still be done using google-api-python-client)

Using SSL with the python-instagram and localhost on sample-app.py

I plan on using the sample-app.py as a baseline of what I am building out and then expanding it from there. Just want to get comfortable with the instagram API and build out from there.
I am trying to use the sample-app.py provided with python-instagram. I have registered an application on instagrams website. I set it up using the default redirect uri from sample-app.py:
http://localhost:8515/oauth_callback .
I was able to authorize my instagram account to use the app, but when I click on any of the links, I get an error about the acccess-token.
When you look at the python command-line window that stays open, I get the following error:
"check_hostname needs a SSL context with either CERT_OPTIONAL or CERT_REQUIRED"
It appears that when the sample app is processing the lines below, it is trying to connect to instagram, but is not able to because SSL in local host is not set up properly. How do I set up SSL so i do not get the above error?
access_token, user_info = unauthenticated_api.exchange_code_for_access_token(code)
if not access_token:
return 'Could not get access token'
api = client.InstagramAPI(access_token=access_token)
request.session['access_token'] = access_token
print ("access token="+access_token)
There are a few steps to solve this problem (it appears that it is actually several problems in aggregate causing this issue):
use openssl to create a ssl certificate and save cert to the same location as your python script. Download open ssl here: http://slproweb.com/products/Win32OpenSSL.html
You need to tweak bottle so that it will support ssl. Do so by adding the following lines in run in class WSGIRefServer(ServerAdapter):
import ssl
srv.socket = ssl.wrap_socket (
srv.socket,
certfile='server.pem', # path to certificate
server_side=True)
There is a bug in python 3 and above(https://github.com/jcgregorio/httplib2/issues/173). I am using 3.4, so the bug could be fixed in 3.5. In the instagram/oauth2.py file, change all disable_ssl_certificate_validation=False to True.

Twitter API 1.1 OAuth Get Use Data

I read this tutorial to implement twitter oauth in nodejs (for "login with twitter" purpose) -
http://codetheory.in/how-to-use-twitter-oauth-with-node-oauth-in-your-node-js-express-application/
The last piece of code has this variable called results which is supposed to hold the user data sent back by twitter, but for me it only contains screen_name and user_id which is not enough. I need much more data like profile image, etc.
So I looked at the twitter documentation -
https://dev.twitter.com/docs/api/1/get/users/show
The sample URL seems to work fine -
https://api.twitter.com/1/users/show.json?screen_name=TwitterAPI&include_entities=true
But recently I read twitter will shut down API 1 soon and replace it with API 1.1
So I tried the 1.1 API -
https://dev.twitter.com/docs/api/1.1/get/users/show
The sample URL does not work -
https://api.twitter.com/1.1/users/show.json?screen_name=rsarver
Gives error -
{"errors":[{"message":"Bad Authentication data","code":215}]}
What am I doing wrong ? How do I get user info properly from twitter and hopefully in my Node.js code that uses this module - https://github.com/ciaranj/node-oauth ?
Thanks in advance!
API v1.1 endpoints require OAuth authentication.
You might look at a different oauth module: ntwitter

Resources