身份验证失败 - '授权' header 丢失 - Python HTTP 请求 Z3A37580F14322206
[英]Authentication Failed - 'Authorization' header is missing - Python HTTP request to Azure
问题描述
请参阅下面我在尝试向 Azure 发送 REST API PUT 调用时遇到的错误。
{"error":{"code":"AuthenticationFailed","message":"Authentication failed. The 'Authorization' header is missing."}}
这是我的授权代码。
def authorized():
if request.args.get('state') != session.get("state"):
return redirect(url_for("index")) # No-OP. Goes back to Index page
if "error" in request.args: # Authentication/Authorization failure
return render_template("auth_error.html", result=request.args)
if request.args.get('code'):
cache = _load_cache()
result = _build_msal_app(cache=cache).acquire_token_by_authorization_code(
request.args['code'],
scopes=app_config.SCOPE, # Misspelled scope would cause an HTTP 400 error here
redirect_uri=url_for("authorized", _external=True))
if "error" in result:
return render_template("auth_error.html", result=result)
session["user"] = result.get("id_token_claims")
_save_cache(cache)
return redirect(url_for("index"))
def _load_cache():
cache = msal.SerializableTokenCache()
if session.get("token_cache"):
cache.deserialize(session["token_cache"])
return cache
def _save_cache(cache):
if cache.has_state_changed:
session["token_cache"] = cache.serialize()
def _build_msal_app(cache=None, authority=None):
return msal.ConfidentialClientApplication(
app_config.CLIENT_ID, authority=authority or app_config.AUTHORITY,
client_credential=app_config.CLIENT_SECRET, token_cache=cache)
def _build_auth_url(authority=None, scopes=None, state=None):
return _build_msal_app(authority=authority).get_authorization_request_url(
scopes or [],
state=state or str(uuid.uuid4()),
redirect_uri=url_for("authorized", _external=True))
def _get_token_from_cache(scope=None):
cache = _load_cache() # This web app maintains one cache per session
cca = _build_msal_app(cache=cache)
accounts = cca.get_accounts()
if accounts: # So all account(s) belong to the current signed-in user
result = cca.acquire_token_silent(scope, account=accounts[0])
_save_cache(cache)
return result
这是包含 http 请求的代码所在的位置。
@app.route('/storageaccountcreate', methods = ['POST', 'PUT'])
def storageaccountcreate():
name = request.form['storageaccountname']
resourcegroup = request.form['resourcegroup']
subscriptionId = request.form['subscriptionId']
location = request.form['location']
sku = request.form['sku']
url = f'https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourcegroup}/providers/Microsoft.Storage/storageAccounts/{name}?api-version=2019-06-01'
r = requests.put((url))
print(r.text)
return r.text
另请注意,我已经使用 Azure AD 注册了该应用程序,并且我已经将我的应用程序设置为使用 Azure AD 进行身份验证,并且我可以使用 Z3A580F142203677F1F0BC30838 身份验证登录到该应用程序。 我也在登录时收到了令牌,它被存储在缓存中。
1 个解决方案
解决方案1
2 已采纳 2020-04-09 02:43:10
If you want to create Azure storage account with Azure rest API, we need to call the Azure rest API with Azure AD access token. 更多详情请参考官方文档和博客
例如
REST API
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}?api-version=2019-06-01
Authorization: Bearer <access token>
content-type: application/json
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus"
}
python代码
import json
@app.route("/storageaccountcreate")
def graphcall():
token = _get_token_from_cache(["https://management.azure.com/user_impersonation"])
if not token:
return redirect(url_for("login"))
headers={'Authorization': 'Bearer ' + token['access_token'],
'Content-Type': 'application/json'
}
payload={
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus"}
payload=json.dumps(payload)
name = request.form['storageaccountname']
resourcegroup = request.form['resourcegroup']
subscriptionId = request.form['subscriptionId']
location = request.form['location']
sku = request.form['sku']
url = f'https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourcegroup}/providers/Microsoft.Storage/storageAccounts/{name}?api-version=2019-06-01'
response = requests.request("PUT", url, headers=headers, data = payload)
print(response.text)
return response.text
在Python中使用GET和POST以及Authorization HTTP标头
[英]Using GET and POST with Authorization HTTP header in Python
如何从 HTTP 触发的 Python Azure Function 请求标头获取请求主机名?
[英]How to get request hostname from an HTTP-triggered, Python Azure Function request header?
使用URLLIB2的客户端摘要身份验证Python不会记住授权标头信息
[英]Client Digest Authentication Python with URLLIB2 will not remember Authorization Header Information
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
使用 Python 解析 HTTP 请求授权标头
在python中使用HTTP授权标头
请求中缺少授权标头(Angular4和Django)
检查传入请求的授权HTTP Header,Django
在Python中使用GET和POST以及Authorization HTTP标头
Python 请求:POST 请求丢弃授权 header
Selenium 请求的 HTTP 标头中缺少 Referer
如何从 HTTP 触发的 Python Azure Function 请求标头获取请求主机名?
使用URLLIB2的客户端摘要身份验证Python不会记住授权标头信息
使用Python SDK for Azure的HTTP标头错误
相关标签