0

I have a curl command that works perfectly fine and gives me a HTTP 200. 

curl -i -H "Authorization: Basic jadkfhjkafDSKJ12DD=" http://<ip>/LoadTest/rest/authentication-point/authenticate

The above API needs the authorization in base64 format and the details have to be passed as Headers. This is a GET request.

When I try to run the same in Python 2.7, I get Response [403]. Code below. 

import requests
headers = {'Authorization': 'Basic jadkfhjkafDSKJ12DD='}
authurl = "http://<ip>/LoadTest/rest/authentication-point/authenticate"
r = requests.get(authurl, headers=headers)
print r.status_code

What am I missing here? How should i pass the authorization values exactly like I passed in the curl command? I've tried multiple ways but still end up getting HTTP 403 always. Kindly guide.

sdgd
  • 723
  • 1
  • 17
  • 38
  • Wouldn't the easiest way to solve this to be capturing the network traffic and seeing what's different in your calls? – James Z Oct 22 '17 at 07:24
  • sure, How can I do that ? please suggest – sdgd Oct 22 '17 at 07:26
  • Did you try using google? – James Z Oct 22 '17 at 07:27
  • 1
    May be one of these pitfalls (from http://docs.python-requests.org/en/master/user/quickstart/): 1. Authorization headers set with headers= will be overridden if credentials are specified in .netrc, which in turn will be overridden by the auth= parameter. 2. Authorization headers will be removed if you get redirected off-host. – Timofey Chernousov Oct 22 '17 at 08:13
  • Thanks for the inputs Tim. After i made a few changes and add `session = requests.Session()` `session.trust_env = False`, i get HTTP 500 now – sdgd Oct 22 '17 at 08:31
  • Finally it worked, added the solution. Thanks all for your inputs – sdgd Oct 22 '17 at 08:35

1 Answers1

0

Thanks all for your inputs. This is the final solution. I found that there is proxy that is stopping the payload. So added the session to the request. 

import requests
session = requests.Session()
session.trust_env = False
headers = {'Authorization': 'Basic jadkfhjkafDSKJ12DD='}
authurl = "http://<ip>/LoadTest/rest/authentication-point/authenticate"
r = session.get(authurl, headers=headers)
print r.status_code

Setting the trust_env=False ignores the following:

  • Authentication information from .netrc (code)
  • CA bundles defined in REQUESTS_CA_BUNDLE or CURL_CA_BUNDLE (code)
sdgd
  • 723
  • 1
  • 17
  • 38