I'm trying to get all project list from bit bucket, using username and app password. But getting 401 error.
I'm using atlasian python library for client connection, and below is the code.
bitbucket = Bitbucket(url='https://api.bitbucket.org',username="",password="")
data = bitbucket.project_list()
for data in data:
print(data)
Even tried with bitbucket user name and password still same.
Is there any way to generate key or something which can be used all the time not like oauth as it has expiration time.
You need to use App passwords as mentioned here
Using an app password
An app password is a substitute password for your user account, when authenticating with Bitbucket:
your Bitbucket username (not email) which can be found in the settings
the app password
Related
I am attempting to create a login tool for my work which will log me in to various sites that log me out after 3 minutes of inactivity. I have gotten it to work on a number of sites, but none have required an MFA token. I currently use Google Authenticator but can also use an email, or a couple different options. How would I go about getting that code programmatically to make my login process much faster? I am using Selenium as I need to use the webpage after I log into it. Here is my code thus far:
def loginsys():
driver = webdriver.Chrome('C:/path/to/chromedriver.exe')
driver.get('https://www.specifiedurl.com/login')
username = driver.find_element_by_id('txtUsername')
password = driver.find_element_by_id('txtPassword')
username.send_keys("myusername")
password.send_keys("mypassword")
driver.find_element_by_name('btnLogin').click()
### This is where I need to do MFA as it will not pull the next page without it
driver.get('https://www.specifiedurl.com/page/after/login')
Thoughts? (Obviously, this is not the url, nor is that my actual username or password)
Check the pyotp library. You can get the MFA key associated with google authentication as shown below.
from pyotp import *
# get the token from google authentication
totp = TOTP("your 16 character security token goes here")
token = totp.now()
print (token)
# now you can use token in your script
I'm using the Python requests library to make a call to an API that requires Windows Authentication. In C# I have always used the Directory Services, which has allowed me to avoid putting passwords in any of my code or configurations. From what I have found online, it seems that my only option in Python is to have a password somewhere. I have a service account that I will use, but I need to store the password securely. What is the best way to securely store and retrieve a service account password in Python without hard coding plain text?
The code that I am currently using is below. I have the username and password stored in plain text in my configuration:
auth = HttpNtlmAuth(
config.ServiceAccount["Username"],
config.ServiceAccount["Password"]
)
content = requests.post(call_string, json=parameters, auth=auth)
Edit: I should mention that this will not be a user-facing application. It will run as a batch job. So there will not be any way for a user to enter the username/password while running the application.
You could just not store the password at all and require the user to provide the password at runtime
import getpass
user = getpass.getuser()
password = getpass.getpass()
Otherwise, you could do something similar to git and just have the user store their password in plaintext in a config file in their home directory that you then read at runtime.
I know I asked this question a while ago, but I found a better solution to the NTLM/Windows authentication. I used the requests_negotiate_sspi library to avoid any passwords:
from requests_negotiate_sspi import HttpNegotiateAuth
auth = HttpNegotiateAuth()
content = requests.post(call_string, json=parameters, auth=auth)
Recently I started to get
requests.exceptions.HTTPError: 401 Client Error: Unauthorized for url: https://api.soundcloud.com/oauth2/token
using soundcloud (0.5.0) Python library.
It happens in
client = soundcloud.Client(client_id='id',
client_secret='secret',
username='user#mail.com',
password='passwd')
I double checked my credentials to make sure they are not the cause. I tried to get a Client instance from different IPs and different machines. At some random times during a day I can get a Client instance, but 99.99% of the day I get the error.
Does the error mean I was banned for some reason?
It may be helpful, I solved a similar problem by reading the username and password from the configuration file.
Try:
# config.ini
[my_app]
CLIENT_ID = enter_your_id
CLIENT_SECRET = enter_your_secret
USERNAME = enter_username
PASSWORD = enter_password
Install configparser from Python 3.8 for Python 2.6+: pip install configparser.
See the great documentation for more details.
import configparser
config = configparser.RawConfigParser()
config.read('config.ini')
my_id = config.get('my_app', 'CLIENT_ID')
my_secret = config.get('my_app', 'CLIENT_SECRET')
my_user = config.get('my_app', 'USERNAME')
my_pass = config.get('my_app', 'PASSWORD')
client = soundcloud.Client(client_id=my_id,
client_secret=my_secret,
username=my_user,
password=my_pass)
Probably you are using a third-party app to access your account,
in case you are using Gmail service for your purpose, consider allowing third-party apps to have access to your Gmail account, how are you going to do that:
Go to https://myaccount.google.com/security
Use Two-Step-Authentication and enable it.
Create an App Password, Select App > Mail | Select Device > Windows Computer.
And use the password given
And that should solve your issue.
I am trying to write a script on Python that fetches my friend list from facebook. To fetch data, I need to get the access token. I am using requests_oauthlib package to achieve the same. Since I am not writing a web application, I have not used local webserver(no redirect url). I choose to use Resource owner password credentials grant type. I am getting error.
This is my code:
from requests_oauthlib import OAuth2Session
from oauthlib.oauth2 import LegacyApplicationClient
FACEBOOK_APP_ID = '**********'
FACEBOOK_APP_SECRET = '*********'
username = 'Aman Mittal'
password = '****'
token_url = "https://graph.facebook.com/oauth/access_token"
oauth = OAuth2Session(client=LegacyApplicationClient(client_id=FACEBOOK_APP_ID))
oauth_access_token = oauth.fetch_token(token_url, client_secret=FACEBOOK_APP_SECRET,username=username, password=password, client_id=FACEBOOK_APP_ID)
When I run the script, it shows error - 'Missing access token parameter'
I went through traceback and realized that access token received is this:
{"error":{"message":"Missing redirect_uri parameter.","type":"OAuthException","code":191,"fbtrace_id":"CUSmQKT8YGb"}}
First of all, I don't understand while using Legacy Application client(Resource Owner password credentials grant type ), why do I need redirect uri?
If I do choose to start a webserver alongside using web.py or something else. How do I register it on Facebook? or Do I even need to?
PS. I am new to both Python and posting on Stack Overflow. Please try to explain with details and forgive me if I have committed any stupid mistake.
Facebook does not support the OAuth 2.0 Resource Owner Password Credentials grant type.
Toying around with Soundclouds SDK for Python with an impact of TKinter as GUI. Now I want to generate a access token for each user so that I could access more API-endpoints.
I have created an applicaton in Soundclouds Developer portal with a link to my callback.
There is nothing corresponding to generating a access token for an desktop application. Only for server-side application. I tried this code below:
import soundcloud
# create client object with app credentials
client = soundcloud.Client(client_id='YOUR_CLIENT_ID',
client_secret='YOUR_CLIENT_SECRET',
redirect_uri='REDIRECT_URL')
# redirect user to authorize URL
redirect client.authorize_url()
I have set my keys, and redirect_uri as the callback on my webserver. When I run my python file from the terminal, I get this:
File "token.py", line 9
redirect client.authorize_url()
^
SyntaxError: invalid syntax
Using Python 2.7.5+
What is causing this? I want to generete my access token and print in later on.
The solution might be that I need to create an instance of an web browser window, make the user accept the app using Soundcloud connect. The I grab the url and sort out the "code" in the url. Exchanges the code against an access-token and stores it inside a text-file. So that I could grab it later on.
A simple way of obtaining an access token is by first authenticating via the User Credentials flow, which exchanges your username and password for an access token:
client = soundcloud.Client(client_id = 'CLIENT_ID',
client_secret = 'CLIENT_SECRET',
username = 'USERNAME',
password = 'PASSWORD')
print client.access_token
try:
redirect(client.authorize_url())