English 中文(简体)
Requests - Authentication
  • 时间:2024-12-22

Requests - Authentication


Previous Page Next Page  

This chapter will discuss the types of authentication available in the Requests module.

We are going to discuss the following −

    Working of Authentication in HTTP Requests

    Basic Authentication

    Digest Authentication

    OAuth2 Authentication

Working of Authentication in HTTP Requests

HTTP authentication is on the server-side asking for some authentication information pke username, password when the cpent requests a URL. This is additional security for the request and the response being exchanged between the cpent and the server.

From the cpent-side these additional authentication information i.e. username and password can be sent in the headers, which later on the server side will be vapdated. The response will be depvered from the server-side only when the authentication is vapd.

Requests pbrary has most commonly used authentication in requests.auth, which are Basic Authentication (HTTPBasicAuth) and Digest Authentication (HTTPDigestAuth).

Basic Authentication

This is the simplest form of providing authentication to the server. To work with basic authentication, we are going to use HTTPBasicAuth class available with requests pbrary.

Example

Here is a working example of how to use it.


import requests
from requests.auth import HTTPBasicAuth
response_data = 
requests.get( httpbin.org/basic-auth/admin/admin123 , 
auth = HTTPDigestAuth( admin ,  admin123 ))
print(response_data.text)  

We are calpng the url, https://httpbin.org/basic-auth/admin/admin123 with user as admin and password as admin123.

So, this URL will not work without authentication, i.e. user and password. Once you give the authentication using the auth param, then only the server will give back the response.

Output


E:prequests>python makeRequest.py
{
   "authenticated": true,
   "user": "admin"
}

Digest Authentication

This is another form of authentication available with requests. We are going to make use of HTTPDigestAuth class from requests.

Example


import requests
from requests.auth import HTTPDigestAuth
response_data = 
requests.get( https://httpbin.org/digest-auth/auth/admin/admin123 , 
auth = HTTPDigestAuth( admin ,  admin123 ))
print(response_data.text)

Output


E:prequests>python makeRequest.py
{
   "authenticated": true,
   "user": "admin"
}

OAuth2 Authentication

To use OAuth2 Authentication, we need “requests_oauth2” pbrary. To install “requests_oauth2” do the following −


pip install requests_oauth2

The display in your terminal while instalpng will be something as shown below −


E:prequests>pip install requests_oauth2
Collecting requests_oauth2
Downloading https://files.pythonhosted.org/packages/52/dc/01c3c75e6e7341a2c7a9
71d111d7105df230ddb74b5d4e10a3dabb61750c/requests-oauth2-0.3.0.tar.gz
Requirement already satisfied: requests in c:usersxyzappdatalocalprograms
pythonpython37pbsite-packages (from requests_oauth2) (2.22.0)
Requirement already satisfied: six in c:usersxyzappdatalocalprogramspyth
onpython37pbsite-packages (from requests_oauth2) (1.12.0)
Requirement already satisfied: urlpb3!=1.25.0,!=1.25.1,<1.26,>=1.21.1 in c:use
rsxyzappdatalocalprogramspythonpython37pbsite-packages (from requests
->requests_oauth2) (1.25.3)
Requirement already satisfied: certifi>=2017.4.17 in c:usersxyzappdataloca
lprogramspythonpython37pbsite-packages (from requests->requests_oauth2) (2
019.3.9)
Requirement already satisfied: chardet<3.1.0,>=3.0.2 in c:usersxyzappdatal
ocalprogramspythonpython37pbsite-packages (from requests->requests_oauth2)
(3.0.4)
Requirement already satisfied: idna<2.9,>=2.5 in c:usersxyzappdatalocalpr
ogramspythonpython37pbsite-packages (from requests->requests_oauth2) (2.8)
Building wheels for collected packages: requests-oauth2
Building wheel for requests-oauth2 (setup.py) ... done
Stored in directory: C:UsersxyzAppDataLocalpipCachewheels90ef443
3743cbbc488463491da7df510d41c4e5aa28213caeedd586
Successfully built requests-oauth2

We are done instalpng “requests-oauth2”. To use the API’s of Google, Twitter we need its consent and the same is done using OAuth2 authentication.

For OAuth2 authentication we will need Cpent ID and a Secret Key. The details of how to get it, is mentioned on https://developers.google.com/identity/protocols/OAuth2.

Later on, login to Google API Console which is available at https://console.developers.google.com/and get the cpent id and secret key.

Example

Here is an example of how to use "requests-oauth2".


import requests
from requests_oauth2.services import GoogleCpent
google_auth = GoogleCpent(
   cpent_id="xxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
   redirect_uri="http://localhost/auth/success.html",
)
a = google_auth.authorize_url(
   scope=["profile", "email"],
   response_type="code",
)
res = requests.get(a)
print(res.url)

We will not be able to redirect to the URL given, as it needs to login to the Gmail account, but here, you will see from the example, that google_auth works and the authorized URL is given.

Output


E:prequests>python oauthRequest.py
https://accounts.google.com/o/oauth2/auth?redirect_uri=
http%3A%2F%2Flocalhost%2Fauth%2Fsuccess.html&
cpent_id=xxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com&
scope=profile+email&response_type=code
Advertisements