Authentication refers to giving a user permissions to access a particular resource. Since, everyone can’t be allowed to access data from every URL, one would require authentication primarily. To achieve this authentication, typically one provides authentication data through Authorization header or a custom header defined by server. Example –
# import requests module import requests from requests.auth import HTTPBasicAuth # Making a get request response = requests.get( 'https://api.github.com / user, ' , auth = HTTPBasicAuth( 'user' , 'pass' )) # print request object print (response) |
Replace “user” and “pass” with your username and password. It will authenticate the request and return a response 200 or else it will return error 403.If you an invalid username or password, it will return an error as –
Types of Authentication
Digest Authentication Another very popular form of HTTP Authentication is Digest Authentication, and Requests supports this out of the box as well:>>> from requests.auth import HTTPDigestAuth >>> url = ‘https://httpbin.org/digest-auth/auth/user/pass’ >>> requests.get(url, auth=HTTPDigestAuth(‘user’, ‘pass’))
OAuth 1 Authentication A common form of authentication for several web APIs is OAuth. The requests-oauthlib library allows Requests users to easily make OAuth 1 authenticated requests:>>> import requests >>> from requests_oauthlib import OAuth1 >>> url = ‘https://api.twitter.com/1.1/account/verify_credentials.json’ >>> auth = OAuth1(‘YOUR_APP_KEY’, ‘YOUR_APP_SECRET’, … ‘USER_OAUTH_TOKEN’, ‘USER_OAUTH_TOKEN_SECRET’) >>> requests.get(url, auth=auth)
For more information on how to OAuth flow works, please see the official OAuth website. For examples and documentation on requests-oauthlib, please see the requests_oauthlib repository on GitHub OAuth 2 and OpenID Connect Authentication The requests-oauthlib library also handles OAuth 2, the authentication mechanism underpinning OpenID Connect. See the requests-oauthlib OAuth2 documentation for details of the various OAuth 2 credential management flows:
- Web Application Flow
- Mobile Application Flow
- Legacy Application Flow
- Backend Application Flow
Other Authentication Requests is designed to allow other forms of authentication to be easily and quickly plugged in. Members of the open-source community frequently write authentication handlers for more complicated or less commonly-used forms of authentication. Some of the best have been brought together under the Requests organization, including:
Leave a Reply