Sending a search query to Splunk using Python's request library - python-3.x

I want to send a search query to Splunk using Python3 and the requests library and would like to receive a SID of search job. Firstly, I am able to get the session_key with:
#!/usr/bin/env python3
import requests
from bs4 import BeautifulSoup
username = 'my_username'
password = 'my_password'
base_url = 'https://splunk-search:8089'
r = requests.get(base_url+"/servicesNS/admin/search/auth/login", data={'username':username,'password':password}, verify="/etc/pki/tls/cert.pem")
session_key = BeautifulSoup(r.text, 'lxml').find("sessionkey").text
#verify we get the session key as string
print(f"session key is {session_key} and its type is {type(session_key)}")
which makes me confident that I am authenticated. Once I have the session_key, I would like to post a search job with:
search_query = "search = search earliest=-5m index=_internal"
r = requests.post(base_url+'/services/search/jobs', data=search_query, headers = {'Authorization': 'Splunk %s' % session_key}, verify="/etc/pki/tls/cert.pem")
#view the response, I would hope to see a SID here
print(r.text)
Despite having access to the Splunk index I query, I get the following response:
<?xml version="1.0" encoding="UTF-8"?>
<response>
<messages>
<msg type="WARN">call not properly authenticated</msg>
</messages>
</response>
What am I missing here? Intuition tells me it is the request.post method that is malfored but I can't see to find where the error is.

After more googling I found this Splunk docs:
https://docs.splunk.com/Documentation/Splunk/7.3.1/Security/UseAuthTokens
The call not properly authenticated response means lack of authentication. After more digging I verified that token authentication is not enabled in my cluster, hitting https://splunk-search:8089/services/authorization/tokens gives me the following response:
<?xml version="1.0" encoding="UTF-8"?>
<response>
<messages>
<msg type="ERROR">Splunk token authorization is disabled.</msg>
</messages>
</response>

Related

Make requests to Google API with Python

I'm trying to make requests to the Google API to create source repositories using a service account and his JSON key file.
Since there are no client libraries for this product, I am using the queries with Python using this documentation
https://cloud.google.com/source-repositories/docs/reference/rest
I already used a similar code to invoke my cloud-functions with success, but this time I'm block for these requests at the 401 error. I set up the GOOGLE_APPLICATION_CREDENTIALS with the JSON of my service account, give the service-account the permissions of Source Repository Administrator, but still return 401.
Here's my code
import urllib.request
import json
import urllib
import google.auth.transport.requests
import google.oauth2.id_token
body = { "name" : "projects/$my_project_name/repos/$name_repo"}
jsondata = json.dumps(body).encode("utf8")
req = urllib.request.Request('https://sourcerepo.googleapis.com/v1/projects/$my_project_name/repos')
req.add_header('Content-Type', 'application/json; charset=utf-8')
auth_req = google.auth.transport.requests.Request()
id_token = google.oauth2.id_token.fetch_id_token(auth_req, 'https://www.googleapis.com/auth/cloud-platform')
req.add_header("Authorization", f"Bearer {id_token}")
response = urllib.request.urlopen(req, jsondata)
print (response.read().decode())
I tried also using the with an API-KEY at the end of the url like this
req = urllib.request.Request('https://sourcerepo.googleapis.com/v1/projects/$my_project_name/repos?key=$my-api-key')
Thank you
I tried also using the with an API-KEY at the end of the url like this
API Keys are not supported.
Your code is using an OIDC Identity Token instead of an OAuth Acess Token.
from google.oauth2 import service_account
credentials = service_account.Credentials.from_service_account_file(
'/path/to/key.json',
scopes=['https://www.googleapis.com/auth/cloud-platform'])
request = google.auth.transport.requests.Request()
credentials.refresh(request)
// Use the following code to add the access token:
req.add_header("Authorization", f"Bearer {credentials.token}")

XML request is not well-formed or request is incomplete to call Elavon api to generate token

I am trying to send an xml request to generate token
the code is
import requests
url = "https://api.demo.convergepay.com/VirtualMerchantDemo/processxml.do"
dataXml = """
<?xml version="1.0" encoding="UTF-8"?>
<txn>
<ssl_merchant_id>mercentId</ssl_merchant_id>
<ssl_user_id>userID</ssl_user_id>
<ssl_pin>sslPin</ssl_pin>
<ssl_transaction_type>ccgettoken</ssl_transaction_type>
<ssl_card_number>0000000000000000</ssl_card_number>
<ssl_exp_date>1222</ssl_exp_date>
<ssl_avs_address>7300</ssl_avs_address>
<ssl_avs_zip>12345</ssl_avs_zip>
<ssl_verify>N</ssl_verify>
</txn>
"""
x = requests.post(url, data=dataXml)
print(x.text)
But i am getting below error
<?xml version="1.0" encoding="UTF-8"?>
<txn><errorCode>6042</errorCode><errorName>Invalid Request Format</errorName><errorMessage>XML request is not well-formed or request is incomplete.</errorMessage></txn>
What is the wrong with my request ?

Issues using shareplum to access sharepoint

I'm trying to access a sharepoint site using Shareplum.
from shareplum import Site
from shareplum import Office365
authcookie = Office365('https://my.sharepoint.com', username='username#domain.edu', password='password').GetCookies()
site = Site('https://my.sharepoint.com/personal/.../_layouts/15/onedrive.aspx', authcookie=authcookie)
sp_list = site.List('list items')
data = sp_list.GetListItems('All Items', rowlimit=200)
However, I get the following error when I try to run this script.
Exception: ('ERROR:', 500, '<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>Exception of type \'Microsoft.SharePoint.SoapServer.SoapServerException\' was thrown.</faultstring><detail><errorstring xmlns="http://schemas.microsoft.com/sharepoint/soap/">\r\n List does not exist.\r\n The page you selected contains a list that does not exist. It may have been deleted by another user.\r\n </errorstring><errorcode xmlns="http://schemas.microsoft.com/sharepoint/soap/">0x82000006</errorcode></detail></soap:Fault></soap:Body></soap:Envelope>')
Any ideas of what is going on?
The error shows that the specified list does not exist. From the site url, i understand you want to retrieval list items from personal site (onedrive). Please take a reference of below code, it works well here:
from shareplum import Site
from shareplum import Office365
from shareplum.site import Version
from config import config
# get data from configuration
username = config['sp_user']
password = config['sp_password']
authcookie = Office365('https://xxx-my.sharepoint.com', username=username, password=password).GetCookies()
site = Site('https://xxx-my.sharepoint.com/personal/aaa_xxx_onmicrosoft_com',version=Version.v365, authcookie=authcookie)
sp_list = site.List('Documents')
data = sp_list.GetListItems('All',row_limit=10)
print(data)

Add headers and payload in requests.put

I am trying to use requests in a Python3 script to update a deploy key in a gitlab project with write access. Unfortunately, I am receiving a 404 error when trying to connect via the requests module. The code is below:
project_url = str(url)+('/deploy_keys/')+str(DEPLOY_KEY_ID)
headers = {"PRIVATE-TOKEN" : "REDACTED"}
payload = {"can_push" : "true"}
r = requests.put(project_url, headers=headers, json=payload)
print(r)
Is there something that I am doing wrong where in the syntax of my Private Key/headers?
I have gone through gitlab api and requests documentation. I have also confirmed that my Private Token is working outside of the script.
I am expecting it to update the deploy key with write access, but am receiving a upon exit, making me think the issue is with the headers/auth.
This is resolved, it was actually not an auth problem. You must use the project ID instead of url, for example:
project_url = f'https://git.REDACTED.com/api/v4/projects/{project_id}/deploy_keys/{DEPLOY_KEY_ID}'
headers = {"PRIVATE-TOKEN" : "REDACTED"}
payload = {'can_push' : 'true'}
try:
r = requests.put(project_url, headers=headers, data=payload)

soap4r authentication error

I am using soap4r with ruby 1.8.7p358 and I am facing a strange error. I have an endpoint_url, when I browse it, there is no authentication error message. It prints out the response. However, when I create a soap client and try to access the method of the client, it gives me authentication error.
For instatance:
I have a url (say) endpoint_url.com/api/get_name.php?user_name="test"&api_key="test"
This link gives me response like
<response>
<result>
<success>1</success>
</result>
<userspage="1" numberofpages="1" numberofusers="1"><row>Sadiksha</row>
</domains>
</response>
I initialize the rpc driver as
def initialize
#username = "test"
#apikey = "test"
#driver = SOAP::RPC::Driver.new("endpoint_url.com/api/get_name.php", "urn:UserDetails")
end
I have a method in the same file that gets all the statistics of user
def getStats (name)
#driver.add_method('GetDetails', 'name')
user_details = {
'user_name' => #username,
'api_key' => #apikey,
'name' => name
}
result = #driver.GetDetails(user_details)
return result
end
When I run the program it gives me error "Your username & apikey were not recognised!" I have been looking at it for a sometime now. But, I really cannot figure out what might be wrong! Can anyone please let me know what I am doing wrong here!

Resources