How can I get an oauth2 access_token using Python
Question:
For a project someone gave me this data that I have used in Postman for testing purposes:
In Postman this works perfectly.
Auth URL: https://api.example.com/oauth/access_token
Access Token URL: https://api.example.com/access_token
client ID: abcde
client secret: 12345
Token name: access_token
Grant type: Client Credentials
All I need is to get back the access token.
Once, I got the access token I can continue.
I have already tried several Python packages and some custom code, but somehow this seemingly simple task starts to create a real headache.
One exemple I tried:
import httplib
import base64
import urllib
import json
def getAuthToken():
CLIENT_ID = "abcde"
CLIENT_SECRET = "12345"
TOKEN_URL = "https://api.example.com/oauth/access_token"
conn = httplib.HTTPSConnection("api.example.com")
url = "/oauth/access_token"
params = {
"grant_type": "client_credentials"
}
client = CLIENT_ID
client_secret = CLIENT_SECRET
authString = base64.encodestring('%s:%s' % (client, client_secret)).replace('n', '')
requestUrl = url + "?" + urllib.urlencode(params)
headersMap = {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic " + authString
}
conn.request("POST", requestUrl, headers=headersMap)
response = conn.getresponse()
if response.status == 200:
data = response.read()
result = json.loads(data)
return result["access_token"]
Then I have got this one:
import requests
import requests.auth
CLIENT_ID = "abcde"
CLIENT_SECRET = "12345"
TOKEN_URL = "https://api.example.com/oauth/access_token"
REDIRECT_URI = "https://www.getpostman.com/oauth2/callback"
def get_token(code):
client_auth = requests.auth.HTTPBasicAuth(CLIENT_ID, CLIENT_SECRET)
post_data = {"grant_type": "client_credentials",
"code": code,
"redirect_uri": REDIRECT_URI}
response = requests.post(TOKEN_URL,
auth=client_auth,
data=post_data)
token_json = response.json()
return token_json["access_token"]
If this would work, what should I put into the code parameter
I really hope someone can help me out here.
Thanks in advance.
Answers:
I was finally able to get it done by using the rauth library (pip install rauth).
This is the code I used:
from rauth import OAuth2Service
class ExampleOAuth2Client:
def __init__(self, client_id, client_secret):
self.access_token = None
self.service = OAuth2Service(
name="foo",
client_id=client_id,
client_secret=client_secret,
access_token_url="http://api.example.com/oauth/access_token",
authorize_url="http://api.example.com/oauth/access_token",
base_url="http://api.example.com/",
)
self.get_access_token()
def get_access_token(self):
data = {'code': 'bar', # specific to my app
'grant_type': 'client_credentials', # generally required!
}
session = self.service.get_auth_session(data=data, decoder=json.loads)
self.access_token = session.access_token
Simply (in case of Facebook Authentication):
import requests, json
access_token = requests.get("https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=your_client_id&client_secret=your_client_secret").json()["access_token"]
Or you can use rauth library.
In the docs there is an interesting example with facebook oAuth2 authentication:
from rauth import OAuth2Service
facebook = OAuth2Service(
client_id='your_client_id',
client_secret='your_client_secret',
name='facebook',
authorize_url='https://graph.facebook.com/oauth/authorize',
access_token_url='https://graph.facebook.com/oauth/access_token',
base_url='https://graph.facebook.com/')
and after open a session:
session = facebook.get_auth_session(data={'code': 'foo','redirect_uri': redirect_uri})
in the session json there is your access token
Before using it, you need to pip install requests
import requests
def get_access_token(url, client_id, client_secret):
response = requests.post(
url,
data={"grant_type": "client_credentials"},
auth=(client_id, client_secret),
)
return response.json()["access_token"]
get_access_token("https://api.example.com/access_token", "abcde", "12345")
You can use the below code when you don’t have the client_secret.
Import these two libraries – import requests & import json
auth_server_url = "**mention_your_url**"
data = {"client_id": "**mention_your_client_id**", "grant_type": "**your_grant_type**", "username":"**your_username**", "password":"**your_password**", "scope": "**your_scope**"}
response = requests.post(auth_server_url, data=data, verify=False, allow_redirects=False)
tokens = json.loads(response.text)
print(tokens['access_token'])
I found this to work:
from oauthlib.oauth2 import BackendApplicationClient
from requests.auth import HTTPBasicAuth
from requests_oauthlib import OAuth2Session
# Set the OAuth2 provider URL and client credentials
provider_url = "https://oauth2.provider.com"
client_id = "your-client-id"
client_secret = "your-client-secret"
# Create a BackendApplicationClient object
client = BackendApplicationClient(client_id=client_id)
# Create an OAuth2Session object
oauth = OAuth2Session(client=client)
# Get the access token
token = oauth.fetch_token(
token_url=provider_url + "/oauth2/token",
auth=HTTPBasicAuth(client_id, client_secret)
)
# Print the access token
print(token["access_token"])
This code will create an OAuth2Session object using the oauthlib library and use it to get an access token from the OAuth2 provider. The provider URL, client ID, and client secret must be set to the correct values for your application. Once you have the access token, you can use it to authenticate API calls to the OAuth2 provider.
This is just an example and may not work with all OAuth2 providers. You may need to adjust the code and the parameters to match the specific requirements of your OAuth2 provider.
For a project someone gave me this data that I have used in Postman for testing purposes:
In Postman this works perfectly.
Auth URL: https://api.example.com/oauth/access_token
Access Token URL: https://api.example.com/access_token
client ID: abcde
client secret: 12345
Token name: access_token
Grant type: Client Credentials
All I need is to get back the access token.
Once, I got the access token I can continue.
I have already tried several Python packages and some custom code, but somehow this seemingly simple task starts to create a real headache.
One exemple I tried:
import httplib
import base64
import urllib
import json
def getAuthToken():
CLIENT_ID = "abcde"
CLIENT_SECRET = "12345"
TOKEN_URL = "https://api.example.com/oauth/access_token"
conn = httplib.HTTPSConnection("api.example.com")
url = "/oauth/access_token"
params = {
"grant_type": "client_credentials"
}
client = CLIENT_ID
client_secret = CLIENT_SECRET
authString = base64.encodestring('%s:%s' % (client, client_secret)).replace('n', '')
requestUrl = url + "?" + urllib.urlencode(params)
headersMap = {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic " + authString
}
conn.request("POST", requestUrl, headers=headersMap)
response = conn.getresponse()
if response.status == 200:
data = response.read()
result = json.loads(data)
return result["access_token"]
Then I have got this one:
import requests
import requests.auth
CLIENT_ID = "abcde"
CLIENT_SECRET = "12345"
TOKEN_URL = "https://api.example.com/oauth/access_token"
REDIRECT_URI = "https://www.getpostman.com/oauth2/callback"
def get_token(code):
client_auth = requests.auth.HTTPBasicAuth(CLIENT_ID, CLIENT_SECRET)
post_data = {"grant_type": "client_credentials",
"code": code,
"redirect_uri": REDIRECT_URI}
response = requests.post(TOKEN_URL,
auth=client_auth,
data=post_data)
token_json = response.json()
return token_json["access_token"]
If this would work, what should I put into the code parameter
I really hope someone can help me out here.
Thanks in advance.
I was finally able to get it done by using the rauth library (pip install rauth).
This is the code I used:
from rauth import OAuth2Service
class ExampleOAuth2Client:
def __init__(self, client_id, client_secret):
self.access_token = None
self.service = OAuth2Service(
name="foo",
client_id=client_id,
client_secret=client_secret,
access_token_url="http://api.example.com/oauth/access_token",
authorize_url="http://api.example.com/oauth/access_token",
base_url="http://api.example.com/",
)
self.get_access_token()
def get_access_token(self):
data = {'code': 'bar', # specific to my app
'grant_type': 'client_credentials', # generally required!
}
session = self.service.get_auth_session(data=data, decoder=json.loads)
self.access_token = session.access_token
Simply (in case of Facebook Authentication):
import requests, json
access_token = requests.get("https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=your_client_id&client_secret=your_client_secret").json()["access_token"]
Or you can use rauth library.
In the docs there is an interesting example with facebook oAuth2 authentication:
from rauth import OAuth2Service
facebook = OAuth2Service(
client_id='your_client_id',
client_secret='your_client_secret',
name='facebook',
authorize_url='https://graph.facebook.com/oauth/authorize',
access_token_url='https://graph.facebook.com/oauth/access_token',
base_url='https://graph.facebook.com/')
and after open a session:
session = facebook.get_auth_session(data={'code': 'foo','redirect_uri': redirect_uri})
in the session json there is your access token
Before using it, you need to pip install requests
import requests
def get_access_token(url, client_id, client_secret):
response = requests.post(
url,
data={"grant_type": "client_credentials"},
auth=(client_id, client_secret),
)
return response.json()["access_token"]
get_access_token("https://api.example.com/access_token", "abcde", "12345")
You can use the below code when you don’t have the client_secret.
Import these two libraries – import requests & import json
auth_server_url = "**mention_your_url**"
data = {"client_id": "**mention_your_client_id**", "grant_type": "**your_grant_type**", "username":"**your_username**", "password":"**your_password**", "scope": "**your_scope**"}
response = requests.post(auth_server_url, data=data, verify=False, allow_redirects=False)
tokens = json.loads(response.text)
print(tokens['access_token'])
I found this to work:
from oauthlib.oauth2 import BackendApplicationClient
from requests.auth import HTTPBasicAuth
from requests_oauthlib import OAuth2Session
# Set the OAuth2 provider URL and client credentials
provider_url = "https://oauth2.provider.com"
client_id = "your-client-id"
client_secret = "your-client-secret"
# Create a BackendApplicationClient object
client = BackendApplicationClient(client_id=client_id)
# Create an OAuth2Session object
oauth = OAuth2Session(client=client)
# Get the access token
token = oauth.fetch_token(
token_url=provider_url + "/oauth2/token",
auth=HTTPBasicAuth(client_id, client_secret)
)
# Print the access token
print(token["access_token"])
This code will create an OAuth2Session object using the oauthlib library and use it to get an access token from the OAuth2 provider. The provider URL, client ID, and client secret must be set to the correct values for your application. Once you have the access token, you can use it to authenticate API calls to the OAuth2 provider.
This is just an example and may not work with all OAuth2 providers. You may need to adjust the code and the parameters to match the specific requirements of your OAuth2 provider.