InfluxDB Unauthorized 401 - with localhost access - python

When try to write the data into influxDB using influxDB client. i am getting the below error. I was able to login to the influxDB web browser using http://localhost:8086 with the same credentials provided in the code. But facing with the unauthorized message when using python code. any help would be appreciated.
Error:
raise InfluxDBClientError(err_msg, response.status_code)
influxdb.exceptions.InfluxDBClientError: 401: {"code":"unauthorized","message":"Unauthorized"}
Code:
from influxdb import InfluxDBClient
from datetime import datetime
client = InfluxDBClient('localhost', 8086, 'username', 'password', 'bucket_name')
for row in df.iterrows():
influxJson = [
{
"measurement":"testing123",
"time" : datetime.utcnow().isoformat() + "Z",
"tags": {
'ResiliencyTier':'targetResiliencyTier',
'lob' : 'abcdefgh'
},
"fields": {
columns[0][0] : str(row[1][0]),
columns[1][0] : str(row[1][1]),
}
}
]
client.write_points(influxJson)
print("InfluxDB injection DONE")
startProcess()
Thanks

Error code 401 (unauthorized) can be avoided in dev env by enabling http access in influx config file:
[http]
# Determines whether HTTP endpoint is enabled.
enabled = true
genarally config file can be found at:
/etc/influxdb/influxdb.conf

Related

Auth with flask-socketio

I want to pass authorization headers from js client to the python code during the socketio connection. I am using SocketIo-client v.4 and flask-socketio v.5.
socketio client connection:
socket = io(`${config.apiUrl}/friendship`, {
autoConnect: true,
transportOptions: {
polling: {
extraHeaders: {"Authorization": "Bearer abc"},
},
}
}),
sample server python code:
class FriendshipNamespace(Namespace):
def on_connect(self):
print(request.headers) # no Authorization key
print(request.headers.get('Authorization')) # None
# join_room(self.room)
But I don't know why my backend doesn't receive this extraHeaders. What is the correct way to send the access token to the server?
Tell me if you need some additional info. Would be grateful for any help, thank you😄.
You are passing options in a format that was used in an older version of the socket.io client.
Example from the documentation:
import { io } from "socket.io-client";
const socket = io({
extraHeaders: {
"my-custom-header": "1234"
}
});
See the current documentation for the extraHeaders option.

Elasticsearch - Authentication error when check to see if index exist

I have my elastic search with cognito authentication enabled for kibana. This is working fine as expected.
In my python script I connect to elasticsearch by providing username/password in http_auth(), while creating the connection object. But when I attempt to check if an indices exist, am getting authentication error? Can someone please help. Heres the sample piece of code for your simulation please.
from __future__ import print_function
import json
import time
import urllib
import re
import sys
import requests
import base64
import time
from elasticsearch import Elasticsearch
from datetime import datetime
esEndpoint = ""
uname
pwd
indexName = 'index_1'
mappings_rds = {
"settings": {
"number_of_shards": 2,
"number_of_replicas": 1
},
"mappings": {
"properties" : {
"tableName": {
"type": "keyword"
},
"tableRows": {
"type": "integer"
},
"updatedTime": {
"type": "date",
"format":"date_optional_time||yyyy-MM-dd'T'HH:mm:ss"
},
"created_timestamp":{
"type": "date",
"format":"date_optional_time||yyyy-MM-dd'T'HH:mm:ss"
}
}
}
}
esClient = Elasticsearch([esEndPoint],http_auth=(uname,pwd))
try:
res = esClient.indices.exists(indexName)
print(res)
if res is False:
r = esClient.indices.create(indexName, body=mapping_rds, ignore=400)
return 1
except Exception as E:
print("Unable to Create Index {0}".format(indexName))
Thank you all for your comments. I had a call with AWS Support team regarding this. The issue was found to be the username & password that I had used. I was using the user credentials created using AWS Cognito. The AWS support team confirmed that the said credentials is only meant for Kibana access, and it cannot be used for connecting to Elasticsearch from databricks / python script.
More info available here: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-request-signing.html
Once I generate the access/secret keys, and use it from my python script, am able to connect to elasticsearch to create index.
Sharing a sample code for future reference:
session=boto3.session.Session(aws_access_key_id=akey, aws_secret_access_key=skey, region_name=region)
credentials = session.get_credentials()
awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service, session_token=credentials.token)
print(credentials.access_key, credentials.secret_key, credentials.token)
es = Elasticsearch(
hosts = [{'host': esEndpoint, 'port': 443}],
http_auth = awsauth,
use_ssl = True,
verify_certs = True,
connection_class = RequestsHttpConnection
)
Thanks

Microsoft Graph API: Authorization_IdentityNotFound

I'm following the Get access without a user guide to write a Python script that will call Microsoft Graph.
This script will be scheduled from cron so it cannot get admin consent (therefore authorize using Client Credentials). I am able to successfully obtain a token using this call:
request_url = "https://login.microsoftonline.com/mytenant.onmicrosoft.com/oauth2/v2.0/token"
data = {
'Host' : 'login.microsoftonline.com',
'Content-Type' : 'application/x-www-form-urlencoded',
'client_id' : 'my-client-id-1234',
'scope' : 'https://graph.microsoft.com/.default',
'client_secret' : client_secret,
'grant_type' : 'client_credentials'
}
response = requests.post(url = request_url, data = data)
I then try to get a user listing with this call, using the valid token:
request_url = "https://graph.microsoft.com/v1.0/users"
headers = {
'Authorization' : 'Bearer ' + token,
'Host' : 'graph.microsoft.com'
}
response = requests.get(url = request_url, headers = headers)
The problem is that I get an Authorization_IdentityNotFound error:
<Response [401]>
{
"error": {
"code": "Authorization_IdentityNotFound",
"message": "The identity of the calling application could not be established.",
"innerError": {
"request-id": "2257f532-abc4-4465-b19f-f33541787e76",
"date": "2018-03-27T19:11:07"
}
}
}
These are the permissions I've selected:
Any idea how to fix this error?
For others running into this issue, I was also getting this error until found out the documentation omits a very important caveat:
For client credentials, if the app belongs to a work or school (organization) context then for https://login.microsoftonline.com/common/oauth2/token replace common with a tenantId or domain name
See
Authorization_IdentityNotFound on Microsoft Graph API request
First things first, you can go ahead an remove all those Delegated Permission scopes. If you're using the Client Credentials Grant, you will only be using Application Permission scopes.
Second, you need to execute the Admin Consent flow before you can use Client Credentials. This is done by having a Global Admin from the tenant authenticate and accept your scope request:
https://login.microsoftonline.com/common/adminconsent?client_id=[APPLICATION ID]&redirect_uri=[REDIRECT URI]
You can read more about Admin Consent here: v2 Endpoint and Admin Consent

Firebase custom auth token with debug set to true not being verbose

I am trying to get the verbosity level that the Admin Console Simulator gives but using python on a server. Using the firebase_token_generator suggested in the Firebase docs I wrote some tests.
from firebase_token_generator import create_token
create_token("<secret>", { "uid": "simplelogin:test" },
{ "debug": True, "simulate": True })
Running the token with curl results in the simple "Permission denied" error with no details about which rule failed.
$ curl https://<myapp>.firebaseio.com/.json?auth=<token>
{
"error" : "Permission denied"
}
To make sure that my secret key was correct and I was setting the options in the correct place I generated a token with admin set to true and it was successful.
create_token("<secret>", { "uid": "simplelogin:test" }, { "admin": True })
Why can't I get the verbosity level that is in the simulator?
You must be using a Firebase client library in order to receive verbose security rule logging when using a token with the debug flag set - whether that client be the JS client (Web or Node.js), ObjC (iOS or OS-X), or Java (Android or JVM). Alas, the REST API is not supported.

Bad request response from Google cloud messaging server, using urllib2

I have been trying to send messages to the GCM server using python urllib2. But it has been returning Error 400 (suggesting Malformed JSON). This is a very similar question to Google Cloud Messaging HTTP Error 400: Bad Request but I have already tried the solution provided there, which did not work for me.
Please find my code below
idarr = []
for obj in objects:
idarr.append(str(obj["gcid"]))
key = "AIzaxxxxxxL9xxxxxxxxxxxxxxxxxxxWbk"
data = { "registration_ids": idarr , "data": "on" }
data = json.dumps(data)
headers = {"Content-Type":"application/json","Authorization": "key="+key}
request = urllib2.Request('https://android.googleapis.com/gcm/send',data,headers )
f=urllib2.urlopen(request)
Also I am presenting here the json I am posting in the data field
{
"data": "on",
"registration_ids": [
"APA91bEPvyQuqRndnwZ94YxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxnmFVPy6nv4mPU5UyhDEZ7Jha9HnrV9nXQf25ojs8Hc_-Bw8-ElJ320koeL0PGL6hnWj0xuyltozoND_x",
"APA91bEPvyQxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxVPy6nv4mPU5UyhDEZ7Jha9HnrV9nXQf25ojs8Hc_-Bw8-ElJ320koeL0PGL6hnWj0xuyltozoND_x"
]
}

Categories