Getting Data In
Highlighted

Splunk: Python script to extract json data from API through OAUTH2 authentication

New Member

Hi All,

I am new to python script.

I have a requirement to extract json data in API through OAUTH2 authentication.

Following are the credentials which i got from API team,

API : https://abc.com/efg/
{"clientid":"6970.abcservice"}
{"scope":"read
abc writeabc"}
{"grant
type":"clientcredentials"}
{"client
secret":"adsfa122222"}
Token URL : https://xyz.com/oauth/ls/connect/token

I am getting access token error in python script.

Please find the code snippet,

It will be great help, if anyone can help me here.

t = requests.get('{}?response_type=code&client_id={}&redirect_uri={}'.format(AUTHORIZE_URL, CLIENT_ID, REDIRECT_URI))

print t

p = requests.get('https://hpdpvaluewalletintsvr.ciodev.accenture.com/ToolProvisioningReport/', headers={'Authorization': 'Bearer YOUR_ACCESS_TOKEN'})

print p

requests.post(
    ACCESS_TOKEN_URL,
    data={
        'grant_type': 'refresh_token',
        'client_id': CLIENT_ID,
        'client_secret': CLIENT_SECRET,
#        'refresh_token': 'YOUR_REFRESH_TOKEN'
        'redirect_uri': REDIRECT_URI
    }
)

**Error message:**
<Response [200]>
<Response [401]>
{"Message":"Authorization has been denied for this request."}
0 Karma
Highlighted

Re: Splunk: Python script to extract json data from API through OAUTH2 authentication

Path Finder

Hi @sujithushakumar,

Make sure you are reading the documentation for accessing this API very closely - just about every single API I have dealt with requires some minor tweak to my code.

The general flow goes as follows:
- Request (GET) an authorization code using clientid and clientsecret (sometimes additional fields are required as well, check documentation)
- The response to this request will include an authorization code embedded in the response URL, you can capture this with code in Python (it will come from one of the response fields, I believe the .text one)
- Send another request (POST) to the OAuth endpoint which will include your authorization code from the last step among other things. The specifics of what is required to be granted an access and refresh token depend on your service - check your documentation!

Some common gotchas:
- Make sure the application allows your redirect URI. Some applications have a strict list of allowed redirect URIs. Most online guides will tell you to use "localhost" for testing code. That is fine, but make sure the application you are accessing ALLOWS localhost as a redirect URI.
- Are you sure you don't need the "scope" value in your initial request? Consult the documentation on this API.
- Your 'Authorization' is not necessarily a Bearer token (but it probably is). You should check the documentation for which type of token the service is expecting.
- Sometimes the authorization code is passed in as one of your "data" fields and you provide a different "header" for authentication (like Authorization: Basic (base64 encoded string of clientid:clientsecret)

Looks like you're on the right path but you need to consult the documentation to figure the rest out. If you can share the service you're connecting to I can provide some more help, just let me know!

0 Karma
Highlighted

Re: Splunk: Python script to extract json data from API through OAUTH2 authentication

New Member

Thanks @pappjr .

I have consult the documentation and made the below changes to the program . It worked fine in Local Splunk 6.5.3 .

code_post = requests.post(
    ACCESS_TOKEN_URL,
    data={
        'grant_type': 'client_credentials',
        'scope': 'read_mywizard_automationstore write_mywizard_automationstore',
        'client_id': CLIENT_ID,
        'client_secret': CLIENT_SECRET
    }
)

print 'status of Token:', code_post.status_code

if code_post.status_code == 200:
    response = code_post.json()
    access_token=response['access_token']
    expires_in=response['expires_in']
    token_type=response['token_type']
#    print access_token
#    print expires_in
#    print token_type    


API = requests.get('https://hpdpvaluewalletintsvr.ciodev.accenture.com/ToolProvisioningReport/', headers={'Authorization': 'Bearer %s' % access_token})

print 'status of API:', API.status_code

But the sad part is the same program is not working in my PROD Splunk instance because of connection error.

Please find the error message attached and advise on this.

Once again Thank you so much for your help.alt text

0 Karma
Highlighted

Re: Splunk: Python script to extract json data from API through OAUTH2 authentication

Path Finder

Hi @sujithushakumar,

Based on the final "ConnectionError" message you're getting caused by "socket.gaierror" it looks like your production instance cannot resolve the IP address of the host.

If you try to ping that host (hpdpvaluewalletintsvr.ciodev.accenture.com) from your Splunk PRD instance command line, does it resolve to an IP? If not you probably need to fix your DNS configuration on that host OR worst-case scenario add the host you're trying to connect to to your /etc/hosts file.

Similar to this StackOverflow answer here: https://stackoverflow.com/questions/23777121/why-am-i-getting-socket-gaierror-errno-2-from-python-ht...

0 Karma
Highlighted

Re: Splunk: Python script to extract json data from API through OAUTH2 authentication

New Member

Thanks @pappjr .
You are right. Problem in the host, which is a internal so it could not resolve to an IP.

Hopefully i can resolve this issue , once i get a PROD API with a Public IP.

0 Karma
Highlighted

Re: Splunk: Python script to extract json data from API through OAUTH2 authentication

New Member

Thanks @pappjr

I have consulted the documentation and updated the program. Its working fine in my local Splunk 6.5.3 .
codepost = requests.post(
ACCESS
TOKENURL,
data={
'grant
type': 'clientcredentials',
'scope': 'read
mywizardautomationstore writemywizardautomationstore',
'client
id': CLIENTID,
'client
secret': CLIENT_SECRET
}
)

print 'status of Token:', code_post.status_code

if code_post.status_code == 200:
    response = code_post.json()
    access_token=response['access_token']
    expires_in=response['expires_in']
    token_type=response['token_type']
#    print access_token
#    print expires_in
#    print token_type    


API = requests.get('https://hpdpvaluewalletintsvr.ciodev.accenture.com/ToolProvisioningReport/', headers={'Authorization': 'Bearer %s' % access_token})

print 'status of API:', API.status_code

But the sad part is its not working in our PRD splunk instance because of connection issue.

Please find the error message screen shot in the attachment and advise on this.

once again Thanks allot!

alt text

0 Karma
Speak Up for Splunk Careers!

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.