stackoom
  简体   繁体   中英

How to hit a API which is PingIdentity authenticated; via python?

 原文  2022-01-13 19:49:18       python/ oauth-2.0/ jwt/ openid-connect/ fastapi

Question

I have this API, something like this:

https://baseurl.com/endpoint

It is a GET API and has PingIdentity's OIDC + Auth2.0 authentication & authorization(enabled at KONG API GATEWAY level) mechanism. The first time I hit this API via my browser, it redirects me to a sign-in page, which on successful sign-in, successfully triggers this API and shows me the output JSON on the browser. For the next 1 hour, whenever I hit this API again, it doesn't ask for a sign-in again. After that, I again have to sign in once.

Now, I need to hit this API via Python. The problem is, in response, it gives an HTML output, which is basically that sign-in page that the browser was redirecting me to. Here is what I have tried:

I wrote this API using FastAPI in python, and when I requested it on the browser, I recorded its headers in FastAPI via request.headers . Here is what the headers contained:

'host':
'keep-alive':
'connection':
'x-forwarded-for':
'x-forwarded-proto':
'x-forwarded-host':
'x-forwarded-port':
'x-forwarded-path':
'x-forwarded-prefix':
'x-real-ip':
'cache-control':
'sec-ch-ua':
'sec-ch-ua-mobile':
'sec-ch-ua-platform':
'upgrade-insecure-requests':
'user-agent':
'accept':
'sec-fetch-site':
'sec-fetch-mode':
'sec-fetch-user':
'sec-fetch-dest':
'referer':
'accept-encoding':
'accept-language':
'cookie': {contained my organization specific data, which I am sure are not essential}
'username':
'client_id':
'oidc-access-token': {it is a JWT token, which I have confirmed with my teammates, is the access token from PingIdentity}

However, when I set these same headers when using Python requests library to hit this same API, it is again returning me the HTML of the sign-in page and is not giving me the result, I also tried copying headers from the NETWORKS tab in the Debugger tool in browser and setting those same parameters in my requests in python: but nothing works still! Here is how I am hitting the API in python:

import requests
hit_my_api = requests.get("https://baseurl.com/endpoint", headers={<The ones I mentioned above>})

How to get around with this?

1 answers

solution1
 0  2022-01-13 20:45:14

You should add the JWT token in the headers as below (see here ):

hit_my_api = requests.get("https://baseurl.com/endpoint", headers={'Authorization': 'access_token myToken'})

EDIT: If the above doesn't work, try this:

hit_my_api = requests.get("https://baseurl.com/endpoint", headers={ 'Authorization': 'Bearer <your_token>' })

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to login into an website which is authenticated by google + API using python? How to get results from a HIT on sandbox via Mturk API Creating authenticated Python API call Authenticated call to MtGox WebSocket API in Python 3 How to fill textareas and select option (select tag) and hit submit (input tag) via python? Calling Authenticated Beebole API using Python i have done with python flask api. Now how to create log file to know whenever the api is hit? How do I code POST authenticated request to an API using python requests? How to authorize via token in Python to an API How to control a Python GUI via HTTP API
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM