Hitachi Content Platform​

 View Only

 HCP Anywhere API - Get Access Token Using Python

  • Object Storage
  • Hitachi Content Platform HCP
  • Hitachi Content Platform HCP Anywhere
John Devoy's profile image
John Devoy posted 01-04-2019 02:04

I am trying to use Python to generate an Access Token for HCP Anywhere.  I have created the following curl command and can successfully generate a token

curl https://hcp-aw-e.devmac.local/fss/public/login/oauth -ku "user:passwork" \

    -H "Content-Type: application/x-www-form-urlencoded" \

    -H "Accept: application/json" \

    -H "X-HCPAW-FSS-API-VERSION: 4.0.0" \

    -d "grant_type=urn:hds:oauth:negotiate-client"

I created the following Python 3 script to accomplish the same thing using the pycurl library and I am getting a 400 error.

import json

import pycurl

import urllib

USER = "user"

PASSWD = "password"

data = urllib.parse.urlencode({

    'grant_type': ['urn', 'hds', 'oauth', 'negotiate-client']

})

c = pycurl.Curl()

c.setopt(c.URL, https://hcp-aw-e.devmac.local/fss/public/login/oauth )

c.setopt(c.USERPWD, USER + ':' + PASSWD)

c.setopt(c.HTTPHEADER, ["Accept: application/json"])

c.setopt(c.HTTPHEADER, ["X-HCPAW-FSS-API-VERSION: 4.0.0"])

c.setopt(c.HTTPHEADER, ["Content-Type: application/x-www-form-urlencoded"])

c.setopt(pycurl.POSTFIELDS, data)

c.setopt(pycurl.SSL_VERIFYPEER, 0)

c.setopt(pycurl.SSL_VERIFYHOST, 0)

c.perform()

print (c.getinfo(c.RESPONSE_CODE))

c.close()

I think the issue is with the way am sending the oauth grant type data.  I have tried several different syntax options but can not get it to work.  

Any advice is greatly appreciated.


#HitachiContentPlatformHCP
#HitachiContentPlatformHCPAnywhere
Thorsten Simons's profile image
Thorsten Simons posted 01-07-2019 15:03

Hey John,

I'd suggest to stay away from pyCurl - I think it's a really over-complicated mess (mapping C semantics to Python isn't a really clever approach ;-)

Use the Requests package instead - it's a much better fit...

It's more or less like this:

import requests

from collections import OrderedDict

from json import dumps

session = requests.Session()

session.verify = False

session.headers.update({'Accept': 'application/json', 'Content-Type': 'application/json'})

session.headers.update({'X-HCPAW-FSS-API-VERSION': 'whateverAPIversion'})

auth = OrderedDict([('username', 'myuser),

                                   ('password', 'mypassword'),

                                   ('grant_type', 'urn:hds:oauth:negotiate-client')])

r = self.session.post('https://aw.domain.com/fss/public/login/oauth',

                                   data=dumps(auth))

if r.status_code == 200:

          rr = r.json()

          api = sorted(r.headers['X-HCPAW-SUPPORTED-FSS-API-VERSIONS'].split(','), reverse=True)[0]

          session.headers.update({'X-HCPAW-FSS-API-VERSION': api,

                                        'Authorization': '{} {}'.format(rr['token_type'], rr['access_token'])})

Now you have the required auth token in the session header and you can continue with other calls using that session without thinking about it at all ;-)

For more details have a look at the awftp code...

(Forget about the SAML auth code in there, it doesn't work with actual AW versions.)

/Thorsten

Related Content