I'm using python3 to send a request to the Twitter Search API. I'm testing these requests in Postman, and then using the code snippit generator to copy and paste into my editor to run like so:
url = "https://api.twitter.com/1.1/search/tweets.json?q=twitter"
payload={}
headers = {
'Authorization': 'OAuth oauth_consumer_key="",oauth_token="",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1613517432",oauth_nonce="x",oauth_version="1.0",oauth_body_hash="",oauth_signature=""',
'Cookie': 'personalization_id=""; lang=en; guest_id='
}
twitter_response = requests.request("GET", url, headers=headers, data=payload)
The requests work just fine in Postman. But in my script, the request only works when the query parameter for the URL is "nasa". If I change it to anything else, I get error 32 Could not authenticate.
Is there some quirk about Python I don't know about when it comes to the Twitter Search API? Any guidance would be helpful here.
Sounds like you’re copying and pasting the OAuth headers from the Twitter Dev docs instead of calculating them with every new query. I think the docs use NASA as an example search query.
I was able to find a way around this by using the Tweepy API wrapper, which solved my OAuth issues. The headers weren't getting formatted properly for the request.
Related
✨ Hello everyone!✨
General Problem:
I have a web app that has about 50 images that shouldn't be able to be accessed before the user logs into the site. This should be a simple answer I suspect, there are plenty of sites that also require this basic protection. Maybe I do not know the right words to google here, but I am having a bit of trouble. Any help is appreciated.
App details:
My web app is built in typescript react, with a node.js/express/mongoDB backend. Fairly typical stuff.
What I have tried:
My best thought so far was to upload them into the public folder on the backend server hosted on heroku. Then I protected the images with authenication middlewear to any url that had "/images/" as a part of it. This works, partially. I am able to see the images when I call the api from postman with the authenication header. But I cannot figure out a way to display that image in my react web app. Here is the basic call I used.
fetch(url,
{
headers: {
Authorization:token,
},
}
);
and then the actual response is just an empty object when I try to copy it
{}
but I also get this when I console log the pure response, some kind of readable stream:
from following related question
I came up with the following: (which is normally wrapped in a asyc function)
const image = await fetch(url,{headers:{ Authorization:token}});
const theBlob = await image.blob();
console.log(URL.createObjectURL(theBlob));
which gives me the link: http://localhost:3000/b299feb8-6ee2-433d-bf05-05bce01516b3 which only displays a blank page.
Any help is very much appreciated! Thanks! 😄
After lots of work trying to understand whats going on, here is my own answer:
const image = await axios(url, { responseType: "blob", headers: {Authorization: token }});
const srcForImage = URL.createObjectURL(image.data)
Why it makes sense now
So I did not understand the innerworkings of what was going on. Please correct me, but the following is my understanding:
So the image was being sent in binary. What I had to do to fix that was to set the reponseType in axios as "blob", which then sent a blob, which I believe means its base 64 encoded instead. Then the function URL.createObjectURL does some magic, and must save it to the browser as part of the page. Then we can just use that as the image url. When you visit it yourself, you must type the 'blob:' part of the url it give you too, otherwise its blank, or stick it in <img src={srcForImage}/> and it works great. I bet it would've worked in the original fetch example in the question, I just never put the url in a tag or included 'blob:' as part of the URL.
That's correct, you send the auth token and the backend uses that to auth the user (check that he exists in the DB, that he has the correct Role and check the jwt too)
The server only responds with the images if the above is true
If your server is responding with an empty object then the problem is the backend not the frontend, console.log what you're sending to the frontend
I am trying to post a payload to a rest endpoint using the python requests library and having an issue with the formatting of the endpoint. The below code works:
endpoint="https://api.something/path/to/my/endpoint"
headers= {"Authorization": "Bearer <token>"}
req = requests.post(endpoint, headers=headers, data).json()
However I were to change the endpoint to something like this
my_var="my"
endpoint="https://api.something/path/to/{}/endpoint".format(my_var)
My post request no longer works giving me a not found . In both cases the endpoint resolves to the exact same URL but yet using format doesnt seem to work.
What am I missing ?
I am trying to send an auth header along with an axios POST request from inside a Vue application. I currently am getting a 401 from my back end with an auth header that works when I do a curl.
I've tried splitting it up into variables and putting it in but that did not work and resulted in the same error (401).
This is just the axios code I am trying to get to work. I have checked with console.log and all values I am trying to send exist, though I don't know how to check the axios headers before sending.
axios.defaults.headers.common["Authorization"] = JWTtoken;
axios.post(updateURL, {
token: result.token
});
The backend code can't be changed easily for testing so need to figure out why not sending from the front end
I'd like it to send the correct header along with my request so I don't get a 401 status code.
I think you need this..
axios.defaults.headers.common["Authorization"] = "Bearer " + JWTtoken;
axios.post(updateURL, {
token: result.token
});
Notice that I add Bearer in the Authorization. It is how JWT was meant to be used according to their introduction.
However, if the answer is wrong. Help us by providing more information about your response in Developer Console as #RuChernChong suggest. Any error logs would be helpful as well.
Another way by using Axios globals to set for example X-Auth-Token encoding from JWT.io directly like this:
axios.defaults.headers.common["X-Auth-Token"] = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";
I am trying to get data from Uni Stats API by sending a get request. Following is my code:
import requests
dt = requests.get(url='https://API_TOKEN#data.unistats.ac.uk/api/v4/KIS/Institution/10007856.json')
print(dt)
Whenever I run this code it returns me <401 Response> but If I try the same url https://API_TOKEN#data.unistats.ac.uk/api/v4/KIS/Institution/10007856.json in the Postman software it returns correct data in json format.
So I wanted to know how can I send a get request with requests which can return correct data?
requests.get('https://data.unistats.ac.uk/api/v4/KIS/Institution/10007856.json', auth=('user', 'pass'))
401 is an authorization error, provide authorisation to the request.get method.
Depending on your user agent, you may be able to include the access token in the url as in the following examples:
https://accesstoken#data.unistats.ac.uk/api/v4/KIS/Institution/{ukprn}/Course/{kisCourseId}
Emphasis added.
I want to send a request to this Amazon Alexa API.
That page contains the last 50 activities I made with my Amazon Echo. The page returns JSON. Before you can request that page, you need to authorize your account, so the proper cookies are set in your browser.
If I do something simple as:
const rp = require("request-promise");
const options = {
method: "GET",
uri: "https://alexa.amazon.com/api/activities?startTime=&size=50&offset=-1",
json: true
};
rp(options).then(function(data) {
console.log(data);
}).catch(function(err) {
console.log(err);
});
I can send a GET request to that URL. This works fine, except Amazon has no idea it's me who's sending the request, because I haven't authorized my NodeJS application.
I've successfully copied ~10 cookies from my regular browser into an incognito tab and authorized that way, so I know copying the cookies will work. After adding them all using tough-cookie, it didn't work, unfortunately. I still got redirected to the signin page (according to the error response).
How do I authorize for this API, so I can send my requests?
I have been looking for a solution for this too. The best idea I have is to use account linking, but I haven't try it yet. Looks like ASK-CLI has interface for this also, but I can't figure it out how to use it (what is that URL?). For linking account to 3rd party server is not easy, but link it back to Amazon for the json API should not be that complicated.