Geek Answers Handbook

Using OAuth2 with username and password

I got the REST API for a specific service as part of the beta. I was told that authorization went through OAuth2.

I got the following:

  • ID
  • SECRET
  • SITE

I also got a sample code in Ruby:

client = OAuth2::Client.new(key, secret, :site => site) token = client.password.get_token(' your_email@mail.com ', 'your_password') access_token = OAuth2::AccessToken.new(client, token) JSON.parse access_token.get("/v1/users/me").body rescue {}

I am trying to implement the same fragment in python with the oauth2 package without success:

 consumer = oauth2.Consumer(key=self._client_id, secret=self._client_secret) request_token_url = "api.theservice.com/" token = oauth2.Token(key=self._email, secret=self._password) client = oauth2.Client(consumer, token) resp, content = client.request(request_token_url, "GET") pprint.pprint(resp) pprint.pprint(content) resp, content = client.request(request_token_url + 'v1/users/me', "GET") pprint.pprint(resp) pprint.pprint(content)

The second answer contains the following:

 'www-authenticate': 'Bearer realm="Doorkeeper", error="invalid_token", ' 'error_description="The access token is invalid"',

I also tried creating an oauth2.Client object without a token and checked the first answer for access_token , but none of this happened.

What is the correct authentication method here?

+7
python authentication ruby oauth2
source share
1 answer

As far as I can see, neither oauth2 nor oauth2 requests support a username and password strategy. Therefore, you need to get the access token yourself.

Check your API docs for details, but overall it should be something like this:

 r = requests.post('http://api.theservice.com/auth', data = {'email':email, 'password': password}).json() token = oauth2.Token(key=r['key'], secret=r['secret']) consumer = oauth2.Consumer(key=self._client_id, secret=self._client_secret) client = oauth2.Client(consumer, token)
0
source share

More articles:


All Articles