Security

 View Only
  • 1.  How to access CP API via OAuth2

    Posted Jul 15, 2016 03:18 PM

    Another question:

    I'm trying to access the CP API to manage guest devices.

     

    Here is the code I'm trying to use (I'm just trying to get a simple list of devices to start):

    #!/local/web/.local/bin/python3.5
    
    import urllib.parse
    import httplib2
    import json
    
    http = httplib2.Http()
    
    url = 'https://server.example/api/oauth'
    body = { "grant_type": "client_credentials", "client_id" : "clrpassiowa", "client_secret" : "<SECRET>", "username" : "itsneg", "password" : "<PASSWDL>" }
    headers = { "Content-Type": "application/x-www-form-urlencoded" }
    
    response, content = http.request(url, 'POST', headers=headers, body=urllib.parse.urlencode(body))
    
    content_hash = json.loads((content.decode('utf-8')))
    
    headers = {"Authorization": 'Bearer ' + content_hash['access_token']}
    
    url = 'https://server.example/api/device?filter={}&sort=-id&offset=0&limit=25&calculate_count=false'
    
    response, content = http.request(url, 'GET', headers=headers)
    
    content_hash = json.loads((content.decode('utf-8')))
    
    print(response)
    print(content_hash)

    I createad an Operator Profile with "Full Access" to the API and assigned to the API Client, it appears I'm getting the access token, but when I make the second call I get the following response:

    {'date': 'Fri, 15 Jul 2016 19:11:57 GMT', 'content-length': '149', 'content-type': 'application/problem+json', 'server': 'Apache', 'status': '406', 'x-powered-by': 'PHP/5.6.19'}
    {'status': 406, 'type': 'http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html', 'title': 'Not Acceptable', 'detail': 'Cannot honor Accept type specified'}

    Any idea what I'm doing wrong ?

     

    Thanks

    -Neil

     



  • 2.  RE: How to access CP API via OAuth2
    Best Answer

    Posted Jul 17, 2016 10:54 AM

    I found out it wasn't a permissions issue after all. I simply was not sending an appropriate "Accept:" header.

    I had to modify 2nd headers assignment variable to read: 

    headers = {"Authorization": 'Bearer ' + content_hash['access_token'],"Accept": 'application/json'}
    
    

    And now I get my list of Devices.

     

    -Neil