[Koha-devel] help: // Koha rest api error (401)

Kevin Carnes kevin.carnes at ub.lu.se
Wed Mar 8 16:42:59 CET 2023 

Hi Esharat,

I suspect that the issue is the Requests library. It will remove your authorization headers in certain cases (https://docs.python-requests.org/en/latest/user/quickstart/#custom-headers).

It's possible that you're being redirected. Try adding "print(response.url)" at the end to see the final URL. This is the URL that you should be using with your request. If it's different enough that Requests thinks it's another host, it will strip the the authorization headers.

Otherwise, if you have a .netrc file, you can create a new authorization class:
class BearerAuth(requests.auth.AuthBase):
    def __init__(self, access_token):
        self.access_token = access_token

    def __call__(self, r):
        r.headers["Authorization"] = f"Bearer {self.access_token}"
        return r

Then you can use "response = requests.get(url, auth=BearerAuth(access_token))"

Another option is to use a session and disable trust_env:
s = requests.Session()
s.trust_env = False
response = s.get(url, headers=auth2)

Best regards,
Kevin



________________________________
Från: Koha-devel <koha-devel-bounces at lists.koha-community.org> för Eric Phetteplace <ephetteplace at cca.edu>
Skickat: den 7 mars 2023 18:16
Till: Esharat Mia; koha-devel
Ämne: ***SPAM*** Re: [Koha-devel] help: // Koha rest api error (401)

Hi Esharat,

You should keep the listserv copied on replies so others can see the conversation, learn from it, or respond.

I don't know what the issue could be then. Are you performing the same requests from the RESTer extension, as in first getting a token and then using it in an authorization header? Small note, 443 isn't a subdomain, it's a port number. Your request would look like:

response = requests.get(f"https://{mydomain}:443/api/v1/quotes", headers=auth2)

but it is also more likely to be 8443 if your HTTP port is 8080. But if the RESTer client works with whatever you're doing, then the ports are not the issue.

As I said, your code works for me as written, and if another client successfully requests something from your server then it is configured correctly. If you are not sharing the exact code you're running, that might help, or if you show the actual response data (a 401 should still have some data encoded in it) or any error stack traces.

Best,

ERIC PHETTEPLACE Systems Librarian, Libraries (he/him)

ephetteplace at cca.edu<mailto:ephetteplace at cca.edu>

[https://media.cca.edu/images/cca-logotype-394.original.png]

CCA is situated on the traditional unceded lands of the Chochenyo and Ramaytush Ohlone peoples.

Black-owned bookstores in Oakland: Ashay by the Bay<https://ashaybythebay.com/>, Marcus Books<https://www.facebook.com/marcus.books/>

:(){ :|: & };:


On Tue, Mar 7, 2023 at 9:04 AM Esharat Mia <esharat at esharat.me<mailto:esharat at esharat.me>> wrote:
Dear Phetteplace,
Hope you are well. Thank you so much for your response.
 I tried with 443 with sub domain. But I faced same issues. For your kind information, I tested my api using RESTer chrome extension, it worked. I enable all api setting from koha adminstration. Need any editional configuration in server side?


---- On Tue, 07 Mar 2023 22:56:23 +0600 ephetteplace at cca.edu<mailto:ephetteplace at cca.edu> wrote ----

Hi Esharat,

Your code should work but it has a few things that don't make sense.

Are you sure you have the setting "RESTOAuth2ClientCredentials" on your Koha? That is one guess.

My other thought is that you are requesting an HTTPS resource from a URL on port 8080. This looks like you might be running Koha locally; usually, HTTP requests are to port 80 and HTTPS to 443 and when you run things locally those are often shifted up eight thousand spots to 8080 and 8443. So basically—are you sure your server sends HTTPS responses on port 8080? Are you able to load https://{mydomain}:8080<https://%7Bmydomain%7D:8080> in a browser? You said you're getting a 401 error, which means you're get a response, so this seems unlikely to be the problem (you would see a connection error and not receive a response if it was).

I was able to test successfully with your code so I don't necessarily think these are issues either, but there are a few pieces that don't make sense. The HTTPS connection that's initialized at the top is never used. As far as I know, the requests library doesn't magically pick up an existing connection and use it, nor is this necessary (requests will make a connection for you). Also, your second request uses a "content-type: application/json" HTTP header but it is a GET request, content-type is a header for the type of data you're sending but GET requests do not send anything. You probably meant to have an "accept: application/json" header instead. But again, I tried on our instance with that code and Koha did not seem to mind.

Best,

ERIC PHETTEPLACE Systems Librarian, Libraries (he/him)

ephetteplace at cca.edu<mailto:ephetteplace at cca.edu>

[https://webmail.lu.se/owa/]

CCA is situated on the traditional unceded lands of the Chochenyo and Ramaytush Ohlone peoples.

Black-owned bookstores in Oakland: Ashay by the Bay<https://ashaybythebay.com/>, Marcus Books<https://www.facebook.com/marcus.books/>

:(){ :|: & };:


On Tue, Mar 7, 2023 at 12:59 AM Esharat Mia <esharat at esharat.me<mailto:esharat at esharat.me>> wrote:
Dear All,
Hope this email finds you well. I am facing a error koha rest api , I explained below -
I use the below code base for the koha rest api . When I check the bywater koha demo site's rest api, it's working fine but When I checked my demo koha site, getting authentication error(401)
I entered the correct client id and secret ssl certificate installed correctly. My api worked properly using the chrome RESTer tool. Thanks in advance .

import requests
import json
import os
from requests.structures import CaseInsensitiveDict
import http.client
conn = http.client.HTTPSConnection("http://123.49.46.157:8080/")

#from dotenv import load_dotenv

#load_dotenv()
data = {
"client_id": "e877bce0-78bc-4d39-a0c1-2df7fccb1397",
"client_secret": "461cda1a-665d-4d24-a0e0-dace5f83a1f4",
"grant_type": "client_credentials",

}

response = requests.post<http://requests.post>("http://123.49.46.157:8080/api/v1/oauth/token", data=data)

credentials = response.json()
print(credentials)
access_token = credentials['access_token']
print("Access_token: ",access_token)
#auth2 = CaseInsensitiveDict()
auth2={"content-type":"application/json","authorization": f"Bearer {access_token}"}

print(auth2)
response = requests.request("GET", "http://123.49.46.157:8080/api/v1/patrons", headers=auth2
)

print(response)

Regrads,
Esharat Mia


_______________________________________________
Koha-devel mailing list
Koha-devel at lists.koha-community.org<mailto:Koha-devel at lists.koha-community.org>
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
website : https://www.koha-community.org/
git : https://git.koha-community.org/
bugs : https://bugs.koha-community.org/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20230308/baec973f/attachment-0001.htm>

More information about the Koha-devel mailing list