以下是使用cURL和Python进行授权和调用API的完整示例
cURL
1. 授权
您已收到类似以下的访问数据:
Username: johndoe
Password: zznAQOoWyj8uuAgq
Consumer Key: ggczWttBWlTjXCEtk3Yie_WJGEIa
Consumer Secret: uuzPjjJykiuuLfHkfgSdXLV98Ciga
你可以用curl这样调用:
curl -k -d "grant_type=password&username=Username&password=Password" \
-H "Authorization: Basic Base64(consumer-key:consumer-secret)" \
https://somedomain.test.com/token
或者对于这种情况,它将是:
curl -k -d "grant_type=password&username=johndoe&password=zznAQOoWyj8uuAgq" \
-H "Authorization: Basic zzRjettzNUJXbFRqWENuuGszWWllX1iiR0VJYTpRelBLZkp5a2l2V0xmSGtmZ1NkWExWzzhDaWdh" \
https://somedomain.test.com/token
答案应该如下:
{
"access_token": "zz8d62zz-56zz-34zz-9zzf-azze1b8057f8",
"refresh_token": "zzazz4c3-zz2e-zz25-zz97-ezz6e219cbf6",
"scope": "default",
"token_type": "Bearer",
"expires_in": 3600
}
2. 调用 API
下面是如何调用使用上述认证的某些 API。 Limit
和 offset
只是 API 可能实现的 2 个参数示例。
你需要在 "Bearer "
后插入上述获取的 access_token
。因此,以下是如何使用上述认证数据调用某些 API 的方法:
curl -k -X GET "https://somedomain.test.com/api/Users/Year/2020/Workers?offset=1&limit=100" -H "accept: application/json" -H "Authorization: Bearer zz8d62zz-56zz-34zz-9zzf-azze1b8057f8"
Python
以下为使用Python实现与上述代码相同的功能。我将文本放在注释中,以便可以复制粘贴代码。
import base64
import requests
username = 'johndoe'
password= 'zznAQOoWyj8uuAgq'
consumer_key = 'ggczWttBWlTjXCEtk3Yie_WJGEIa'
consumer_secret = 'uuzPjjJykiuuLfHkfgSdXLV98Ciga'
consumer_key_secret = consumer_key+":"+consumer_secret
consumer_key_secret_enc = base64.b64encode(consumer_key_secret.encode()).decode()
headersAuth = {
'Authorization': 'Basic '+ str(consumer_key_secret_enc),
}
data = {
'grant_type': 'password',
'username': username,
'password': password
}
response = requests.post('https://somedomain.test.com/token', headers=headersAuth, data=data, verify=True)
j = response.json()
{
"access_token": "zz8d62zz-56zz-34zz-9zzf-azze1b8057f8",
"refresh_token": "zzazz4c3-zz2e-zz25-zz97-ezz6e219cbf6",
"scope": "default",
"token_type": "Bearer",
"expires_in": 3600
}
headersAPI = {
'accept': 'application/json',
'Authorization': 'Bearer '+j['access_token'],
}
params = (
('offset', '0'),
('limit', '20'),
)
response = requests.get('https://somedomain.test.com/api/Users/Year/2020/Workers', headers=headersAPI, params=params, verify=True)
api_response = response.json()
Traceback (most recent call last): File "bearerreturn.py", line 6, in <module> print requests.post(endpoint,data=data,headers=headers).json() TypeError: 'dict' object is not callable
下面是代码:`import requests endpoint = "https://xforce-api.mybluemix.net:443/api/ip" data = {"ip":"1.1.2.3"} headers = {"Bearer token":"TOKEN WAS INSERTED HERE"}print requests.post(endpoint,data=data,headers=headers).json()`有什么想法吗? - user4657json
是一个字典而不是函数requests.post(...).json
... 不要这样调用 - Joran Beasley{u'error': u'Not authorized. Access is only allowed via https://exchange.xforce.ibmcloud.com/#/'}
这与我在浏览器中直接访问URL的情况相同。我是否遗漏了令牌或端点配置的方式?代码:import requests endpoint = "https://xforce-api.mybluemix.net:443/ipr/" data = {"ip":"1.1.2.3"} headers = {"Bearer token":"TOKEN_HERE"} print requests.post(endpoint,data=data,headers=headers).json()
- user4657{u'error': u'Not found.'}
代码:`import requests endpoint = "https://xforce-api.mybluemix.net:443/ipr/" data = {"ip":"8.8.8.8"} headers = {"Authorization":"Bearer REALLY_LONG_TOKEN_HERE"}print requests.post(endpoint,data=data,headers=headers).json()`API文档在这里:https://xforce-api.mybluemix.net/doc/#!/Authentication/auth_anonymousToken_get非常感谢您迄今为止的帮助!Joran,真的非常感激。 - user4657