I'm trying to authenticate to a server using the requests_kerberos package, following the instructions here:
https://github.com/requests/requests-kerberos
import requests
from requests_kerberos import HTTPKerberosAuth
kerberos_auth = HTTPKerberosAuth()
r = requests.get(<myserver>, auth=kerberos_auth)
r.text
And here is the response:
'Apache Tomcat/6.0.53 - Error report HTTP Status 401 - Authentication requiredtype Status reportmessage Authentication requireddescription This request requires HTTP authentication.Apache Tomcat/6.0.53'
klist shows that I have a valid TGT.
I have tried setting the principal directly, but that didn't help. I can authenticate using curl:
curl -i -L --negotiate -u : "<server>"
I'm not sure what else to try; everything is happening "behind the scenes" so I don't know what I'm doing wrong.
Related
I have a curl command. I want to execute in in Python and fetch the response to pass it through other code.
curl https://api.box.com/oauth2/token -d 'grant_type=refresh_token' -d 'refresh_token=Ew38UXVKS3kc0axFt6MdDklUnoHpipxTzDWBmKlXAG9ImvGafbbaUhQndv89e677' -d 'client_id=3qkm5h4wh765b3khiws0z8hdpkc56jhs' -d 'client_secret=h9AeXzZL3KATJuaHmimFFBRBDZQrp9tr' -X POST
How can I execute the script in Python and get the response and pass it through other code?
When I am executing the curl script in CMD, I am getting this response:
{"access_token":"uz843jpIiEWnu0CcuT9as2XbA3UEQTR67","expires_in":4261,"restricted_to":[],"refresh_token":"GsDaP6VyUpHN8vDHbz9ktAjLfMLN0dFL6PMIK4fmDH8eKRqR360vDhQTBhIMZxy67","token_type":"bearer"}
From the above response I need to take the access_token value.
Like avloss said - try out requests.
Another great resource is the application Postman
It will let you try out any http calls you'd like, and then can also translate that into/out of curl and/or python requests code for you (and a bunch of other languages).
I find it really useful when trying to figure how to use requests for anything more than simple http calls.
you should use requests library (pip install requests)
import requests
url = 'https://api.box.com/oauth2/token'
data = {
'grant_type':'refresh_token',
'refresh_token':'***',
'client_id':'***',
'client_secret':'***'
}
response = requests.post(url, data).json()
print(response)
I am trying to get an acess token from the Spotify API. This is the curl command for it :
curl -H "Authorization: Basic M2...xMTJiNDc=" -d "grant_type=authorization_code" -d "code=AQAXvqFp....29kd09" -d "redirect_uri=https%3A%2F%2Fexample.com%2Fcallback" https://accounts.spotify.com/api/token
This works.
However,if I try to run it using python requests,I get a "invalid authorization" token error. I have reproduced the steps to get the auth token multiple times,but still same error.
I read on their GitHub that the auth code works only once,so I used the new auth code with python requests first,but still no luck. This is the python code:
import requests as req
data = {
'grant_type': 'authorization_code',
'code':'AQAXvqFp........9kd09',
'state': '34fFs29kd09=34fFs29kd09',
'redirect_uri': 'https://example.com/callback'
}
header={
"Authorization":f"Basic {authbasic}" #same as in the curl command
}
url = "https://accounts.spotify.com/api/token"
response = req.post(url,headers=header,data=data)
print(response.content)
This is the error:
b'{"error":"invalid_grant","error_description":"Invalid authorization code"}'
How do I resolve this? I am using Python3.6
I have come into a trouble that when using execSync in node.js, it's not working as directly type the command in the shell.
Here is my issue:
I use a curl to request for some data from a server, and I need to do that with a cookie because there is a login requirement.
It's easy to handle the login process and get the cookie, but it's weird that using the cookie with a curl in node.js would cause the server an "internal error". And since I don't have the permission to change the server-code, I'm looking for help about the difference of calling curl in Node.js and directly use curl.
Here is the code:
var command = 'curl --cookie cookie.txt ' + getURL();
console.log(command);
// output: curl --cookie cookie.txt http://example.com/getdata
var result = child_process.execSync(command).toString();
// will cause an internal error and the "result" is an error-reporting page.
Directly calling this in the shell:
curl --cookie cookie.txt http://example.com/getdata
Everything works, I got the data I need.
I tried to find some plots, for instance, changing the code to:
var command = 'curl --cookie cookie-bad.txt ' + getURL();
I put some wrong cookie in the cookie-bad.txt, I will get a "you are not log in" result.
So there must be something wrong with:
sending a cookie to the server to request some data with curl running inside a nodejs script with execSync.
Is there any way I can improve the code or something?
What is your Node.js version? I don't have any problem with 10.16.0.
I am trying to make a post call to IPv6 server using python-requests module on linux. This gives me a 502 Bad Gateway error.
Here are the details of the versions:
Python version: 2.7
Requests module version: 2.22
But I have tried to make the same request from a windows machine(using requests 2.21), and the request is successful.
payload = {
'username' : "abc",
'password' : "xxxx"
}
response = requests.post('https://[2606:b400:605:b857::489]/xyz/auth/tokens', data=payload, verify=False)
print response
I get a 502 Bad Gateway Response Code
This is probably because you didn't add headers required to make a request. Sometimes the request may accept only specific Content-Type
Try capturing the request and have a look to find out what's the issue.
My piston application works correctly when I run it locally with python manage.py runserver command but returns
urllib2.HTTPError: HTTP Error 403:
FORBIDDEN
under apache. How can I debug django-piston application?
I usually debug Piston apps by:
Setting my handlers to use Basic Authentication, even if I'm normally using something else.
Use curl to make requests
Use pdb (or ipdb) to set a breakpoint in my handler if desired.
You can conditionally change to BasicAuthentication like this:
auth = {'authentication': WhateverYouAreUsingForAuthentication(realm="YourSite")}
if getattr(settings, "API_DEBUG", None):
from piston.authentication import HttpBasicAuthentication
auth = {'authentication': HttpBasicAuthentication(realm="Spling")}
some_handler = Resource(SomeHandler, **auth)
To pass a username and password using curl, use the -u option:
curl -u username:password http://localhost:8000/api/some/endpoint/
So in your local settings module, just set API_DEBUG=True whenever you want to use basic auth.