如何访问经过 PingIdentity 认证的 API; 通过 python?
[英]How to hit a API which is PingIdentity authenticated; via python?
问题描述
I have this API, something like this:
我有这个 API,是这样的:
https://baseurl.com/endpoint
It is a GET API and has PingIdentity's OIDC + Auth2.0 authentication & authorization(enabled at KONG API GATEWAY level) mechanism.它是一个 GET API 并具有 PingIdentity 的 OIDC + Auth2.0 身份验证和授权(在 KONG API GATEWAY 级别启用)机制。 The first time I hit this API via my browser, it redirects me to a sign-in page, which on successful sign-in, successfully triggers this API and shows me the output JSON on the browser. The first time I hit this API via my browser, it redirects me to a sign-in page, which on successful sign-in, successfully triggers this API and shows me the output JSON on the browser. For the next 1 hour, whenever I hit this API again, it doesn't ask for a sign-in again.在接下来的 1 小时内,每当我再次点击此 API 时,它都不会再次要求登录。 After that, I again have to sign in once.之后,我再次必须登录一次。
Now, I need to hit this API via Python.现在,我需要通过 Python 访问这个 API。 The problem is, in response, it gives an HTML output, which is basically that sign-in page that the browser was redirecting me to.问题是,作为响应,它给出了 HTML output,这基本上是浏览器将我重定向到的登录页面。 Here is what I have tried:这是我尝试过的:
I wrote this API using FastAPI in python, and when I requested it on the browser, I recorded its headers in FastAPI via request.headers .我在 python 中使用 FastAPI 编写了这个 API,当我在浏览器上请求它时,我通过request.headers在 FastAPI 中记录了它的标题。 Here is what the headers contained:以下是标题包含的内容:
'host':
'keep-alive':
'connection':
'x-forwarded-for':
'x-forwarded-proto':
'x-forwarded-host':
'x-forwarded-port':
'x-forwarded-path':
'x-forwarded-prefix':
'x-real-ip':
'cache-control':
'sec-ch-ua':
'sec-ch-ua-mobile':
'sec-ch-ua-platform':
'upgrade-insecure-requests':
'user-agent':
'accept':
'sec-fetch-site':
'sec-fetch-mode':
'sec-fetch-user':
'sec-fetch-dest':
'referer':
'accept-encoding':
'accept-language':
'cookie': {contained my organization specific data, which I am sure are not essential}
'username':
'client_id':
'oidc-access-token': {it is a JWT token, which I have confirmed with my teammates, is the access token from PingIdentity}
However, when I set these same headers when using Python requests library to hit this same API, it is again returning me the HTML of the sign-in page and is not giving me the result, I also tried copying headers from the NETWORKS tab in the Debugger tool in browser and setting those same parameters in my requests in python: but nothing works still!但是,当我在使用 Python 请求库时设置这些相同的标头以访问相同的 API 时,它再次返回给我 HTML 的标头,我也尝试了登录页面的 WORKS 结果,而不是从标头中给我浏览器中的调试器工具并在 python 的请求中设置相同的参数:但仍然没有任何效果! Here is how I am hitting the API in python:这是我在 python 中击中 API 的方式:
import requests
hit_my_api = requests.get("https://baseurl.com/endpoint", headers={<The ones I mentioned above>})
How to get around with this?如何解决这个问题?
1 个解决方案
解决方案1
0 2022-01-13 20:45:14
You should add the JWT token in the headers as below (see here ):您应该在如下标题中添加 JWT 令牌(请参见此处):
hit_my_api = requests.get("https://baseurl.com/endpoint", headers={'Authorization': 'access_token myToken'})
EDIT: If the above doesn't work, try this:编辑:如果上述方法不起作用,请尝试以下操作:
hit_my_api = requests.get("https://baseurl.com/endpoint", headers={ 'Authorization': 'Bearer <your_token>' })
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.