simple python oAuth 1.0 example with consumer key and secret

As roman already said, this is an old question, but there still are some APIs out there which are OAuth 1.0a (One Leg) - protected and today I spent a couple of hours finding a working solution for accessing such an API.

I hope, the solution might come handy for next one to face similar task.

My solution is based on roman's answer. Many thanks @roman!!

The default-response of the API that I wanted to access was in XML, therefore I needed a way to set request headers. It's pretty simple to do actually, if you know how.

from requests_oauthlib import OAuth1Session

CONSUMER_KEY = ""
CONSUMER_SECRET = ""

host = "rest.host.de"
uri = "/restapi/api/search/v1.0/statistic?geocode=1276001039"

oauthRequest = OAuth1Session(CONSUMER_KEY,
                    client_secret=CONSUMER_SECRET)

url = 'https://' + host + uri

headers = {
        'Accept': "application/json",
        'Accept-Encoding': "gzip, deflate",
    }

response = oauthRequest.get(url, headers=headers)

print(response.status_code)
print(response.content)

If you're looking for a client with which to connect to your server with I can recommend rauth. There's a number of examples demonstrating both OAuth 1.0/a and 2.0.


This is a working example using requests_oauthlib

from requests_oauthlib import OAuth1Session
test = OAuth1Session('consumer_key',
                    client_secret='XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX')
url = 'https://one-legged-ouath.example.com/username/test'
r = test.get(url)
print r.content

I know this is an old question, but the accepted answer really doesn't address his question, since as the OP notes, none of the examples pertain to just using the key and secret, sans token.

It sounds as if you're using what I understand is referred to as OAuth 1.0a (One Leg), although some refer to it as OAuth 1.0a Two-legged.

I haven't tested this but there appears to be a pretty good example here:

https://github.com/CarmaSys/CarmaLinkAPI/wiki/Authentication-&-Permissions

There is another good example here:

https://stackoverflow.com/a/12710408/2599534


I'm adding this OAuth 1.0a (one-legged) example with a POX post body. This is a simple example using a request/post/response with a "Plain Old XML" (POX) body:

from requests_oauthlib import OAuth1Session
   
CONSUMER_KEY = "xxxxxxx"
CONSUMER_SECRET = "xxxxxxx"

ourSession = OAuth1Session(CONSUMER_KEY, client_secret=CONSUMER_SECRET, force_include_body=True)

body= '<?xml version="1.0" encoding="UTF-8"?>' \
   '<POXEnvelopeRequest xmlns="http://whateve">' \
   '<POXHeader>' \
   ' <RequestHeaderInfo>' \
      .   .   .   .
   ' </RequestHeaderInfo>' \
   '</POXHeader>'   \
   '</POXEnvelopeRequest>'

clen = str(len(body))

headers = {
 'Accept': '*/*',
 'Accept-Encoding': 'gzip, deflate, br',
 'Host': 'X.Y.com',
 'Content-Type': 'application/xml',
 'Connection': 'keep-alive',
 'Content-Length': clen
}

r = ourSession.post(url, headers=headers, data=body, verify=False)

# DEBUG: Comment out in and out as needed... 
print("===================== B E G I N    R E S P O N S E =======================\n")
print(r)
print(r.text)
print("===================== E N D    of  R E S P O N S E =======================\n")

[python][oAuth1.0a][one-legged][two-legged]

Tags:

Python

Oauth