Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk: Python script to extract json data from API through OAUTH2 authentication

sujith_usha_kum
Explorer
‎05-30-2017 04:55 AM

Hi All,

I am new to python script.

I have a requirement to extract json data in API through OAUTH2 authentication.

Following are the credentials which i got from API team,

API : https://abc.com/efg/
{"client_id":"6970.abcservice"}
{"scope":"read_abc write_abc"}
{"grant_type":"client_credentials"}
{"client_secret":"adsfa122222"}
Token URL : https://xyz.com/oauth/ls/connect/token

I am getting access token error in python script.

Please find the code snippet,

It will be great help, if anyone can help me here.

t = requests.get('{}?response_type=code&client_id={}&redirect_uri={}'.format(AUTHORIZE_URL, CLIENT_ID, REDIRECT_URI))

print t

p = requests.get('https://hpdpvaluewalletintsvr.ciodev.accenture.com/ToolProvisioningReport/', headers={'Authorization': 'Bearer YOUR_ACCESS_TOKEN'})

print p

requests.post(
    ACCESS_TOKEN_URL,
    data={
        'grant_type': 'refresh_token',
        'client_id': CLIENT_ID,
        'client_secret': CLIENT_SECRET,
#        'refresh_token': 'YOUR_REFRESH_TOKEN'
        'redirect_uri': REDIRECT_URI
    }
)

**Error message:**
<Response [200]>
<Response [401]>
{"Message":"Authorization has been denied for this request."}
0 Karma
Reply

Rdoggala
Loves-to-Learn Lots
‎08-22-2020 10:31 PM

Hi Sujit,

 

am new to splunk and python.

my requirement is get dashborad report from the splunk api using python scripts.

could you please help me , how can i get it.

what are pre requisites?

how can i authenticate token?

how can i get rest api link?

how can i  get localhost, port details?

please help on those, it would great for me?

0 Karma
Reply

thambisetty
SplunkTrust
SplunkTrust
‎08-23-2020 11:42 AM

Hi @Rdoggala 

Please post your question as new. You question may not be answered if you post like this.

and the subject is different and the one you asked is different.

————————————
If this helps, give a like below.
0 Karma
Reply

sujith_usha_kum
Explorer
‎06-01-2017 10:44 PM

Thanks @pappjr

I have consulted the documentation and updated the program. Its working fine in my local Splunk 6.5.3 .
code_post = requests.post(
ACCESS_TOKEN_URL,
data={
'grant_type': 'client_credentials',
'scope': 'read_mywizard_automationstore write_mywizard_automationstore',
'client_id': CLIENT_ID,
'client_secret': CLIENT_SECRET
}
)

print 'status of Token:', code_post.status_code

if code_post.status_code == 200:
    response = code_post.json()
    access_token=response['access_token']
    expires_in=response['expires_in']
    token_type=response['token_type']
#    print access_token
#    print expires_in
#    print token_type    


API = requests.get('https://hpdpvaluewalletintsvr.ciodev.accenture.com/ToolProvisioningReport/', headers={'Authorization': 'Bearer %s' % access_token})

print 'status of API:', API.status_code

But the sad part is its not working in our PRD splunk instance because of connection issue.

Please find the error message screen shot in the attachment and advise on this.

once again Thanks allot!

alt text

Preview file
1 KB
0 Karma
Reply

sujith_usha_kum
Explorer
‎06-01-2017 10:32 PM

Thanks @pappjr .

I have consult the documentation and made the below changes to the program . It worked fine in Local Splunk 6.5.3 . 

code_post = requests.post(
    ACCESS_TOKEN_URL,
    data={
        'grant_type': 'client_credentials',
        'scope': 'read_mywizard_automationstore write_mywizard_automationstore',
        'client_id': CLIENT_ID,
        'client_secret': CLIENT_SECRET
    }
)

print 'status of Token:', code_post.status_code

if code_post.status_code == 200:
    response = code_post.json()
    access_token=response['access_token']
    expires_in=response['expires_in']
    token_type=response['token_type']
#    print access_token
#    print expires_in
#    print token_type    


API = requests.get('https://hpdpvaluewalletintsvr.ciodev.accenture.com/ToolProvisioningReport/', headers={'Authorization': 'Bearer %s' % access_token})

print 'status of API:', API.status_code

But the sad part is the same program is not working in my PROD Splunk instance because of connection error.

Please find the error message attached and advise on this.

Once again Thank you so much for your help.alt text

Preview file
1 KB
0 Karma
Reply

pappjr
Path Finder
‎06-02-2017 08:34 AM

Hi @sujith_usha_kumar,

Based on the final "ConnectionError" message you're getting caused by "socket.gaierror" it looks like your production instance cannot resolve the IP address of the host.

If you try to ping that host (hpdpvaluewalletintsvr.ciodev.accenture.com) from your Splunk PRD instance command line, does it resolve to an IP? If not you probably need to fix your DNS configuration on that host OR worst-case scenario add the host you're trying to connect to to your /etc/hosts file.

Similar to this StackOverflow answer here: https://stackoverflow.com/questions/23777121/why-am-i-getting-socket-gaierror-errno-2-from-python-ht...

0 Karma
Reply

sujith_usha_kum
Explorer
‎06-13-2017 04:28 AM

Thanks @pappjr .
You are right. Problem in the host, which is a internal so it could not resolve to an IP.

Hopefully i can resolve this issue , once i get a PROD API with a Public IP.

0 Karma
Reply

pappjr
Path Finder
‎06-01-2017 06:58 PM

Hi @sujith_usha_kumar,

Make sure you are reading the documentation for accessing this API very closely - just about every single API I have dealt with requires some minor tweak to my code.

The general flow goes as follows:
- Request (GET) an authorization code using client_id and client_secret (sometimes additional fields are required as well, check documentation)
- The response to this request will include an authorization code embedded in the response URL, you can capture this with code in Python (it will come from one of the response fields, I believe the .text one)
- Send another request (POST) to the OAuth endpoint which will include your authorization code from the last step among other things. The specifics of what is required to be granted an access and refresh token depend on your service - check your documentation!

Some common gotchas:
- Make sure the application allows your redirect URI. Some applications have a strict list of allowed redirect URIs. Most online guides will tell you to use "localhost" for testing code. That is fine, but make sure the application you are accessing ALLOWS localhost as a redirect URI.
- Are you sure you don't need the "scope" value in your initial request? Consult the documentation on this API.
- Your 'Authorization' is not necessarily a Bearer token (but it probably is). You should check the documentation for which type of token the service is expecting.
- Sometimes the authorization code is passed in as one of your "data" fields and you provide a different "header" for authentication (like Authorization: Basic (base64 encoded string of client_id:client_secret)

Looks like you're on the right path but you need to consult the documentation to figure the rest out. If you can share the service you're connecting to I can provide some more help, just let me know!

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...