使用python发送包含用户名/密码的JWT Get请求 [英] Sending JWT Get Request containing username/password using python
问题描述
我可以访问一个API,我正试图利用它来实现一些任务的自动化,我跳入了该API,但遭到了JWT(我从未使用过)的困扰.几年来我还没有使用python,所以有点生锈.请忍受我.
I have access to an API that I'm trying to start leveraging to automate some tasks and I jumped right into it but was stymied by JWT, which I have never used. I'm also coming off a couple years not using python, so I'm a little rusty. Please bear with me.
以下是API文档的直接引文:
Here is a direct quote from the API documentation:
The authentication mode for an organization is with a JSON Web Token. Users
must pass a JSON Web Token (JWT) in the header of each API request made.
To obtain the JWT, send the user’s API key (UUID) and password in a JSON Web
Token GET Request. The authorization method of "Bearer" and a
space is then prefixed to the encoded token string returned. The token will
be tied to the user account that generated the JWT.
我尝试使用requests
,但出现405错误,我也安装并导入了pyjwt
,但这使我感到困惑.从本质上讲,这就是我要通过python发送的内容:
I've tried with requests
but I'm get 405 errors, I've also installed and imported pyjwt
but it's confusing to me. This is essentially what I'm trying to send via python:
POST https://<our endpoint>/v1/token/get HTTP/1.1
Content-Type: application/json
{
"username": "<myUsername>",
"password": "<myPassword>"
我已经验证了目标API是否可以正常工作,因为有一小部分功能可以在不使用JWT的情况下运行,并且可以通过requests
I've verified that the target API is working, as there is a small set of functionality that works without JWT and was easily accessed via requests
与任何教程一样,我们也欢迎您提出建议.我已经尝试阅读一些JWT教程,但是很难将其翻译成python.
Advice is welcome, as are any tutorials. I've tried to read several JWT tutorials but I'm having a hard time translating it to python.
谢谢!
推荐答案
问题:要获取JWT,请在JSON Web令牌GET请求中发送用户的API密钥(UUID)和密码
Question: To obtain the JWT, send the user’s API key (UUID) and password in a JSON Web Token GET Request
使用python_jwt
的解决方案.
假设:
编码方法= HS256
claims
字段名'consumerId'
claims
字段名'httpMethod'
Assumptions:
Encoding Method = HS256
claims
Fieldname 'consumerId'
claims
Fieldname 'httpMethod'
您在url
中的JWT
看起来像:
'http://httpbin.org/get?eyJ0eXAiOiAiSldUIiwgImFsZyI6ICJIUzI1NiJ9... (omitted for brevity)
response.json()
包含您随后必须使用的请求的JWT
.
response.json()
contains the requested JWT
you have to use afterwards.
注意:您必须使用
https://<base url>/v1/token/get
import python_jwt as jwt
# Create claims dictionary for generation of JwToken
claims = {
'consumerId': 'My App ID',
'httpMethod': 'GET'
}
import datetime
# create JWToken
jwtoken = jwt.generate_jwt(claims, 'My secret', 'HS256', datetime.timedelta(minutes=5))
response = requests.get('http://httpbin.org/get', jwtoken)
print(response.json())
使用Python:3.4.2测试-请求:2.11.1
Tested with Python:3.4.2 - requests:2.11.1
这篇关于使用python发送包含用户名/密码的JWT Get请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!