Cara menggunakan python requests openid connect

Question

In this tutorial, you’ll learn how to provide authentication for the requests you make with the Python requests library. Many web services, such as APIs, require authentication. This can often be a daunting topic for beginner or novice programmers, alike. This is especially true, given that there are many different types of authentication. Thankfully, the requests library comes with a large number of different authentication methods built-in, making the process simple and easy.

Table of Contents Show

Use Basic Authentication with Python Requests
Use a Basic Authorization Token as Credentials with Python Requests
Use Digest Authentication with Python Requests
Use OAuth1 Authentication with Python Requests
Use OAuth2 and OpenID Connect Authentication with Python Requests
Create Custom Authentication Methods for Python Requests

By the end of this tutorial, you’ll have learned:

How to use basic authentication with Python requests
How to use a basic authorization token as credentials with Python requests
How to use digest authentication with Python requests
How to use OAuth1 authentication with Python requests
How to use OAuth2 and OpenID Connect with Python requests
How to create your own authentication methods for using with Python requests

Table of Contents

Use Basic Authentication with Python Requests

Basic authentication refers to using a username and password for authentication a request. Generally, this is done by using the

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

1 class provided by the requests library. However, as you’ll later learn, the requests library makes this much easier, as well, by using the

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

4 parameter.

Let’s see how we can pass in a username and password into a simple

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

5 request using the

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

1 class:

# Authentication in Requests with HTTPBasicAuth
import requests
from requests.auth import HTTPBasicAuth
auth = HTTPBasicAuth('user', 'pass')

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=auth))

# Returns: <Response [200]>

Let’s break down what we did in the code above:

We imported both the requests library as well as only the

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

1 class

We then created a new

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

1 object,

# Using an Authorization Token as Credentials
import requests

headers = {'Authorization': 'abcde12345'}
print(requests.get('https://httpbin.org/basic-auth/user/pass', headers=headers))

# Returns: <Response [200]>

0, which contains a string for the username and password

Finally, we printed the

# Using an Authorization Token as Credentials
import requests

headers = {'Authorization': 'abcde12345'}
print(requests.get('https://httpbin.org/basic-auth/user/pass', headers=headers))

# Returns: <Response [200]>

1 we returned when passing our

# Using an Authorization Token as Credentials
import requests

headers = {'Authorization': 'abcde12345'}
print(requests.get('https://httpbin.org/basic-auth/user/pass', headers=headers))

# Returns: <Response [200]>

0 variable into the

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

4 parameter of the

# Using an Authorization Token as Credentials
import requests

headers = {'Authorization': 'abcde12345'}
print(requests.get('https://httpbin.org/basic-auth/user/pass', headers=headers))

# Returns: <Response [200]>

4 function

If you were using this method, you’d change

# Using an Authorization Token as Credentials
import requests

headers = {'Authorization': 'abcde12345'}
print(requests.get('https://httpbin.org/basic-auth/user/pass', headers=headers))

# Returns: <Response [200]>

5 and

# Using an Authorization Token as Credentials
import requests

headers = {'Authorization': 'abcde12345'}
print(requests.get('https://httpbin.org/basic-auth/user/pass', headers=headers))

# Returns: <Response [200]>

6 to the username and password of your choice.

Because the basic authentication method is used so frequently, the requests library abstracts away some of this complexity. Rather than needing to create a new

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

1 object each time, you can simply pass a tuple containing your username and password into the

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

4 parameter.

Let’s see what this looks like:

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

In the code above, we were able to significantly reduce the complexity of our code. The Python requests library handles a lot of the boilerplate code for us!

In the following section, you’ll learn how to use digest authentication in the Python requests library.

Use a Basic Authorization Token as Credentials with Python Requests

Many APIs will simply provide you with a basic authorization (or, auth) token instead of credentials. The Python requests library makes working with these types of authorizations very easy. These tokens can easily be embedded in the headers of a request that’s being made.

In order to use basic authorization tokens as credentials, simply pass the token into the

# Authentication in Requests with HTTPDigestAuth
import requests
from requests.auth import HTTPDigestAuth
auth = HTTPDigestAuth('user', 'pass')

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=auth))

# Returns: <Response [200]>

3 header of a request:

# Using an Authorization Token as Credentials
import requests

headers = {'Authorization': 'abcde12345'}
print(requests.get('https://httpbin.org/basic-auth/user/pass', headers=headers))

# Returns: <Response [200]>

The requests library accepts headers in the form of a Python dictionary. In the example above, we passed in a sample token as a string. Simply switch out the token you’re using with your own API key and pass it into the

# Authentication in Requests with HTTPDigestAuth
import requests
from requests.auth import HTTPDigestAuth
auth = HTTPDigestAuth('user', 'pass')

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=auth))

# Returns: <Response [200]>

5 parameter.

Use Digest Authentication with Python Requests

A very common way of authenticating HTTP requests is to use the digest authentication method. Similar to the Basic HTTP Authentication method shown above, the requests library provides a class to help with digest authentication.

Let’s see how you can use the

# Authentication in Requests with HTTPDigestAuth
import requests
from requests.auth import HTTPDigestAuth
auth = HTTPDigestAuth('user', 'pass')

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=auth))

# Returns: <Response [200]>

7 class to authenticate using digest authentication in Python:

# Authentication in Requests with HTTPDigestAuth
import requests
from requests.auth import HTTPDigestAuth
auth = HTTPDigestAuth('user', 'pass')

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=auth))

# Returns: <Response [200]>

Let’s break down what we did in the code block above:

We imported requests and the

# Authentication in Requests with HTTPDigestAuth
import requests
from requests.auth import HTTPDigestAuth
auth = HTTPDigestAuth('user', 'pass')

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=auth))

# Returns: <Response [200]>

7 class from the

# Using an Authorization Token as Credentials
import requests

headers = {'Authorization': 'abcde12345'}
print(requests.get('https://httpbin.org/basic-auth/user/pass', headers=headers))

# Returns: <Response [200]>

0 module

We then created an

# Using an Authorization Token as Credentials
import requests

headers = {'Authorization': 'abcde12345'}
print(requests.get('https://httpbin.org/basic-auth/user/pass', headers=headers))

# Returns: <Response [200]>

0 object by passing our username and password into the class constructor

Then, we made a request and printed out the response

In the following section, you’ll learn how to use OAuth1 authentication with the Python requests library.

Use OAuth1 Authentication with Python Requests

A very common form of authentication when using web APIs is the OAuth form of authentication. Generally, OAuth authentications come with a client key, client secret, a resource key, and a resource secret. While this may seem like a lot, it’s simple to provide to your request.

In order to use OAuth1 authentication, you need to install the

# Installing the requests-oauthlib library
$ pip install requests requests-oauthlib

3 library. This can be done easily using the

# Installing the requests-oauthlib library
$ pip install requests requests-oauthlib

4 installer:

# Installing the requests-oauthlib library
$ pip install requests requests-oauthlib

Once the library is installed, you can authentication using OAuth1 using the following code:

# Authenticating Using the OAuth1 Authentication Method
import requests
from requests_oauthlib import OAuth1

url = 'https://api.twitter.com/1.1/account/verify_credentials.json'
auth = OAuth1('YOUR_APP_KEY', 'YOUR_APP_SECRET',
              'USER_OAUTH_TOKEN', 'USER_OAUTH_TOKEN_SECRET')

requests.get(url, auth=auth)
<Response [200]>

The OAuth1 method was replaced by the OAuth2 authentication protocol in 2012, making it much more robust and reliable. In the following section, you’ll learn how to authenticate using the OAuth2 method.

Use OAuth2 and OpenID Connect Authentication with Python Requests

The OAuth2 authentication protocol is a more robust and reliable protocol than the OAuth1 method. Similar to the method shown above, the OAuth2 authentication uses access tokens. These access tokens are special kinds of data, often in the form of JSON, that allow users to authenticate for a site or a particular resource. Additionally, these tokens often have an expiry date and time in order to keep them more secure.

In order to use OAuth2 with the requests library, you need to install the

# Installing the requests-oauthlib library
$ pip install requests requests-oauthlib

3 library. This can be done easily using the

# Installing the requests-oauthlib library
$ pip install requests requests-oauthlib

4 installer:

# Installing the requests-oauthlib library
$ pip install requests requests-oauthlib

Once the library is installed, you can authentication using OAuth2 using the following process:

Obtain credentials from the provider manually. Generally, this will include a
```
# Installing the requests-oauthlib library
$ pip install requests requests-oauthlib
```
8, but likely also a
```
# Installing the requests-oauthlib library
$ pip install requests requests-oauthlib
```
9. In some cases, you’ll also need to register a default redirect URI to be used by your application.

Create a OAuth2 session using the

# Installing the requests-oauthlib library
$ pip install requests requests-oauthlib

3 library

Fetch the token from the session object
Access the resources using the session object

# Authenticating with OAuth2 in Requests
from requests_oauthlib import OAuth2Session

# Inlcude your data
client_id = "include your client_id here"
client_secret = "include your client_secret here"
redirect_uri = "include your redirect URI here"

# Create a session object
oauth = OAuth2Session(client_id, redirect_uri = redirect_uri)

# Fetch a token
token = oauth.fetch_token("<url to fetch access token>", client_secret = client_secret)

# Get your authenticated response
resp = oauth.get("URL to the resource")

This process was a bit more complicated. However, this is a worthwhile method to learn given the prevalence of OAuth2. In the following section, you’ll learn how to authenticate using custom methods in the Python requests library.

Create Custom Authentication Methods for Python Requests

In some cases, the required form of authentication won’t exist in the requests library. Thankfully, the library allows you to create your own forms of authentication by providing a general structure via a subclass.

Let’s see how we can create our own form of authentication by inheriting from the

# Authenticating Using the OAuth1 Authentication Method
import requests
from requests_oauthlib import OAuth1

url = 'https://api.twitter.com/1.1/account/verify_credentials.json'
auth = OAuth1('YOUR_APP_KEY', 'YOUR_APP_SECRET',
              'USER_OAUTH_TOKEN', 'USER_OAUTH_TOKEN_SECRET')

requests.get(url, auth=auth)
<Response [200]>

3 class:

# Creating a Custom Authentication Method
import requests
from requests.auth import AuthBase

class CustomAuth(AuthBase):
    def __call__(self, r):
        # Implement authentication here
        return r

requests.get(url, auth=CustomAuth())

In the code above, we demonstrated the basic requirements for how to construct your own form of authentication:

We imported the requests library and the

# Authenticating Using the OAuth1 Authentication Method
import requests
from requests_oauthlib import OAuth1

url = 'https://api.twitter.com/1.1/account/verify_credentials.json'
auth = OAuth1('YOUR_APP_KEY', 'YOUR_APP_SECRET',
              'USER_OAUTH_TOKEN', 'USER_OAUTH_TOKEN_SECRET')

requests.get(url, auth=auth)
<Response [200]>

3 class

We then created our own class, inheriting from the

# Authenticating Using the OAuth1 Authentication Method
import requests
from requests_oauthlib import OAuth1

url = 'https://api.twitter.com/1.1/account/verify_credentials.json'
auth = OAuth1('YOUR_APP_KEY', 'YOUR_APP_SECRET',
              'USER_OAUTH_TOKEN', 'USER_OAUTH_TOKEN_SECRET')

requests.get(url, auth=auth)
<Response [200]>

3 class

The class only have the

# Authenticating Using the OAuth1 Authentication Method
import requests
from requests_oauthlib import OAuth1

url = 'https://api.twitter.com/1.1/account/verify_credentials.json'
auth = OAuth1('YOUR_APP_KEY', 'YOUR_APP_SECRET',
              'USER_OAUTH_TOKEN', 'USER_OAUTH_TOKEN_SECRET')

requests.get(url, auth=auth)
<Response [200]>

7 method implemented, currently

The class can then be used the

# Simplifying Basic Authentication with Python requests
import requests

print(requests.get('https://httpbin.org/basic-auth/user/pass', auth=('user', 'pass')))

# Returns: <Response [200]>

4 parameter of a HTTP request

Conclusion

In this tutorial, you learned how to provide authentication for the requests you make with the Python requests library. Because most web APIs and services require some form of authentication, having a good handle on how to perform these with the requests library is an important skill. You first learned how to use basic authentication, digest authentication, and token authentication. Then, you learned how to use OAuth1 and OAuth2, as well as custom authentication implementations.

kode python