im trying to retrieve token from endpoint. curl command works as expected but python script fails. im running the script from linux server, the same server from which i can get token.
(py_venv) [myuser@rest_server bin]$ python --version
Python 3.6.8
(py_venv) [myuser@rest_server bin]$ cat /etc/redhat-release
Red Hat Enterprise Linux release 8.10 (Ootpa)
(py_venv) [myuser@rest_server bin]$ python -m requests.help
from cryptography.hazmat.bindings.openssl.binding import Binding
{
"chardet": {
"version": "5.0.0"
},
"charset_normalizer": {
"version": "2.0.12"
},
"cryptography": {
"version": "40.0.2"
},
"idna": {
"version": "3.10"
},
"implementation": {
"name": "CPython",
"version": "3.6.8"
},
"platform": {
"release": "4.18.0-553.22.1.el8_10.x86_64",
"system": "Linux"
},
"pyOpenSSL": {
"openssl_version": "30100000",
"version": "23.2.0"
},
"requests": {
"version": "2.27.1"
},
"system_ssl": {
"version": "101010bf"
},
"urllib3": {
"version": "1.26.20"
},
"using_charset_normalizer": false,
"using_pyopenssl": true
}
Here is a curl command:
token=$(curl -s -X POST -u client_id:client_secret https://rest_server/rest-api-auth/oauth/token -H "Accept: application/json" -d "grant_type=operator_password&username=client_id&password=password&brand_key=BRAND" | cut -d ":" -f2 | cut -d "," -f1 | cut -d '"' -f2)
echo $token
Here is a py script which fails:
import requests
client_id = "client_id"
client_secret = "client_secret"
username = "client_id"
password = "password"
brand = 'BRAND'
url = 'https://rest_server/rest-api-auth/oauth/token'
headers = {'accept': "application/json"}
data = {
'grant_type': 'password',
'username': f'{username}',
'password': f'{password}',
'client_id': f'{client_id}',
'client_secret': f'{client_secret}',
'brand_key': f'{brand}',
}
try:
r = requests.post(url=url,
headers=headers,
data=data, timeout=(30,30))
print(r.content)
except requests.exceptions.HTTPError as errh:
print(f"Http Error: {errh}")
except requests.exceptions.ConnectionError as errc:
print(f"Error Connecting: {errc}")
except requests.exceptions.Timeout as errt:
print(f"Timeout Error: {errt}")
except requests.exceptions.RequestException as err:
print(f"RequestException Error: {err}")
The error displayed is:
Error Connecting: HTTPSConnectionPool(host='rest_server', port=443): Max retries exceeded with url: /rest-api-auth/oauth/token (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),))
Any idea what might be the issue?
im trying to retrieve token from endpoint. curl command works as expected but python script fails. im running the script from linux server, the same server from which i can get token.
(py_venv) [myuser@rest_server bin]$ python --version
Python 3.6.8
(py_venv) [myuser@rest_server bin]$ cat /etc/redhat-release
Red Hat Enterprise Linux release 8.10 (Ootpa)
(py_venv) [myuser@rest_server bin]$ python -m requests.help
from cryptography.hazmat.bindings.openssl.binding import Binding
{
"chardet": {
"version": "5.0.0"
},
"charset_normalizer": {
"version": "2.0.12"
},
"cryptography": {
"version": "40.0.2"
},
"idna": {
"version": "3.10"
},
"implementation": {
"name": "CPython",
"version": "3.6.8"
},
"platform": {
"release": "4.18.0-553.22.1.el8_10.x86_64",
"system": "Linux"
},
"pyOpenSSL": {
"openssl_version": "30100000",
"version": "23.2.0"
},
"requests": {
"version": "2.27.1"
},
"system_ssl": {
"version": "101010bf"
},
"urllib3": {
"version": "1.26.20"
},
"using_charset_normalizer": false,
"using_pyopenssl": true
}
Here is a curl command:
token=$(curl -s -X POST -u client_id:client_secret https://rest_server/rest-api-auth/oauth/token -H "Accept: application/json" -d "grant_type=operator_password&username=client_id&password=password&brand_key=BRAND" | cut -d ":" -f2 | cut -d "," -f1 | cut -d '"' -f2)
echo $token
Here is a py script which fails:
import requests
client_id = "client_id"
client_secret = "client_secret"
username = "client_id"
password = "password"
brand = 'BRAND'
url = 'https://rest_server/rest-api-auth/oauth/token'
headers = {'accept': "application/json"}
data = {
'grant_type': 'password',
'username': f'{username}',
'password': f'{password}',
'client_id': f'{client_id}',
'client_secret': f'{client_secret}',
'brand_key': f'{brand}',
}
try:
r = requests.post(url=url,
headers=headers,
data=data, timeout=(30,30))
print(r.content)
except requests.exceptions.HTTPError as errh:
print(f"Http Error: {errh}")
except requests.exceptions.ConnectionError as errc:
print(f"Error Connecting: {errc}")
except requests.exceptions.Timeout as errt:
print(f"Timeout Error: {errt}")
except requests.exceptions.RequestException as err:
print(f"RequestException Error: {err}")
The error displayed is:
Error Connecting: HTTPSConnectionPool(host='rest_server', port=443): Max retries exceeded with url: /rest-api-auth/oauth/token (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),))
Any idea what might be the issue?
First, you need to update the requests package:
pip install --upgrade requests urllib3 cryptography
You can try adding verify=False to the request to bypass the verifaction process (not recommended due to security) also If the server uses a custom certificate:
download it:
openssl s_client -connect rest_server:443 -showcerts > rest_server_cert.pem
use this certificate:
verify='/path/to/rest_server_cert.pem'