I want to invoke PowerBI rest api calls to upload pbix files from local/specific repository.
How should I generate bearer token for authorization from Postman?
Will this rest api call work to generateToken?
What needs to passed as authorization token for this rest call?
Does myorg is the PowerBI account name? from where can I fetch the myorg value?
POST https://api.powerbi.com/v1.0/myorg/GenerateToken
Below are few more calls that I want to invoke through postman:
GET https://api.powerbi.com/v1.0/myorg/imports
GET https://api.powerbi.com/v1.0/myorg/reports/{reportId}
and few post calls also.
What will be a quick solution for generating token?
You can use this function to request access
it is necessary to create the Client ID in azure
https://learn.microsoft.com/en-us/power-bi/developer/embedded/register-app?tabs=customers%2CAzure
application_id= 'None'
application_secret= 'None'
user_id= 'None'
user_password= 'None'
accessToken = None
requestHeaders = None
tokenExpiry = None
accessToken_AD = None
requestHeaders_AD = None
tokenExpiry_AD = None
def pbi_auth(application_id,application_secret,user_id,user_password):
global accessToken
global requestHeaders
global tokenExpiry
data = {
'grant_type': 'password',
'scope': 'openid',
'resource': "https://analysis.windows.net/powerbi/api",
'client_id': application_id,
'client_secret': application_secret,
'username': user_id,
'password': user_password
}
token = requests.post("https://login.microsoftonline.com/common/oauth2/token", data=data)
assert token.status_code == 200, "Fail to retrieve token: {}".format(token.text)
#print("Got access token: ")
#print(token.json())
accessToken = token.json()['access_token']
requestHeaders= {
'Content-Type': 'application/json; charset=utf-8',
'Authorization': "Bearer {}".format(accessToken)
}
pbi_auth(application_id,application_secret,user_id,user_password)
reportId= ""
URI = "https://api.powerbi.com/v1.0/myorg/reports/{}".format(reportId)
queryResults = requests.get(URI, headers=requestHeaders)
Related
Okay, so after a user logs in, I want to get their profile data. So the way I tried doing that was via boto3.client('cognito-idp').get_user but it keeps returning:
NotAuthorizedException: An error occurred (NotAuthorizedException) when calling the GetUser operation: Access Token does not have required scopes
To my knowledge, I have put every single built in Cognito scope and I am unsure why it is not working. Any help would be appreciated!
My Auth Script
scope = request.args.get(
'scope',
'email phone profile openid')
sumukey = make_session(scope=scope.split(' '))
authorization_url, state = sumukey.authorization_url(AUTHORIZATION_BASE_URL)
session['oauth2_state'] = state
return redirect(authorization_url)
My Return
sumukey = make_session(state=session.get('oauth2_state'))
token = sumukey.fetch_token(
TOKEN_URL,
client_secret=OAUTH2_CLIENT_SECRET,
authorization_response=request.url)
session['oauth2_token'] = token
return redirect(url_for('.index'))
Current Attempt to get data
client = boto3.client('cognito-idp')
response = client.get_user(
AccessToken=session['oauth2_token']['access_token']
)
return str(jsonify(response))
make_session
return OAuth2Session(
scope=scope,
client_id=OAUTH2_CLIENT_ID,
token=token,
state=state,
redirect_uri=OAUTH2_REDIRECT_URI,
auto_refresh_kwargs={
'client_id': OAUTH2_CLIENT_ID,
'client_secret': OAUTH2_CLIENT_SECRET,
},
auto_refresh_url=TOKEN_URL,
token_updater=token_updater)
I read the documentation yesterday and done some coding with python to fetch data in the following way. It's working fine.
import logging as log
import adal
import requests
import json
import datetime
from pprint import pprint
# Details of workspace. Fill in details for your workspace.
resource_group = 'Test'
workspace = 'FirstMyWorkspace'
# Details of query. Modify these to your requirements.
query = "Type=*"
end_time = datetime.datetime.utcnow()
start_time = end_time - datetime.timedelta(hours=24)
num_results = 2 # If not provided, a default of 10 results will be used.
# IDs for authentication. Fill in values for your service principal.
subscription_id = '{subscription_id}'
tenant_id = '{tenant_id}'
application_id = '{application_id}'
application_key = '{application_key}'
# URLs for authentication
authentication_endpoint = 'https://login.microsoftonline.com/'
resource = 'https://management.core.windows.net/'
# Get access token
context = adal.AuthenticationContext('https://login.microsoftonline.com/' + tenant_id)
token_response = context.acquire_token_with_client_credentials('https://management.core.windows.net/', application_id, application_key)
access_token = token_response.get('accessToken')
# Add token to header
headers = {
"Authorization": 'Bearer ' + access_token,
"Content-Type": 'application/json'
}
# URLs for retrieving data
uri_base = 'https://management.azure.com'
uri_api = 'api-version=2015-11-01-preview'
uri_subscription = 'https://management.azure.com/subscriptions/' + subscription_id
uri_resourcegroup = uri_subscription + '/resourcegroups/'+ resource_group
uri_workspace = uri_resourcegroup + '/providers/Microsoft.OperationalInsights/workspaces/' + workspace
uri_search = uri_workspace + '/search'
# Build search parameters from query details
search_params = {
"query": query,
"top": num_results
}
# Build URL and send post request
uri = uri_search + '?' + uri_api
response = requests.post(uri, json=search_params,headers=headers)
# Response of 200 if successful
if response.status_code == 200:
# Parse the response to get the ID and status
data = response.json()
if data.get("__metadata", {}).get("resultType", "") == "error":
log.warn("oms_fetcher;fetch_job;error: " + ''.join('{}={}, '.format(key, val) for key, val in
data.get("error", {}).items()))
else:
print data["value"]
search_id = data["id"].split("/")
id = search_id[len(search_id)-1]
status = data["__metadata"]["Status"]
print status
# If status is pending, then keep checking until complete
while status == "Pending":
# Build URL to get search from ID and send request
uri_search = uri_search + '/' + id
uri = uri_search + '?' + uri_api
response = requests.get(uri, headers=headers)
# Parse the response to get the status
data = response.json()
status = data["__metadata"]["Status"]
print id
else:
# Request failed
print (response.status_code)
response.raise_for_status()
Today I went to the same webpage that I have followed yesterday but there is a different documentation today. So do I need to follow the new documentation? I tried new documentation too but got into an issue
url = "https://api.loganalytics.io/v1/workspaces/{workspace_id}/query"
headers = {
"X-Api-Key": "{api_key}",
"Content-Type": 'application/json'
}
search_param = {
}
res = requests.post(url=url, json=search_param, headers=headers)
print res.status_code
print res.json()
{u'error': {u'innererror': {u'message': u'The given API Key is not
valid for the request', u'code': u'UnsupportedKeyError'}, u'message':
u'Valid authentication was not provided', u'code':
u'AuthorizationRequiredError'}}
Here is the link to documentation
The api_key is not oms primary key on Portal. You could check example in this link. The token should like below:
Authorization: Bearer <access token>
So, you need modify X-Api-Key": "{api_key} to Authorization: Bearer <access token>.
You need create a service principal firstly, please check this link.
Then, you could use the sp to get token, please check this link.
Note: You could your code to get token, but you need modify the resource to https://api.loganalytics.io. Like below:
# Get access token
context = adal.AuthenticationContext('https://login.microsoftonline.com/' + tenant_id)
token_response = context.acquire_token_with_client_credentials('https://api.loganalytics.io', application_id, application_key)
access_token = token_response.get('accessToken')
# Add token to header
headers = {
"Authorization": 'Bearer ' + access_token,
"Content-Type": 'application/json'
}
Working Prototype to Query OMS or Log Analytic workspace.
import adal
import requests
import json
import datetime
from pprint import pprint
# Details of workspace. Fill in details for your workspace.
resource_group = 'xxx'
workspace = 'xxx'
workspaceid = 'xxxx'
# Details of query. Modify these to your requirements.
query = "AzureActivity | limit 10"
# IDs for authentication. Fill in values for your service principal.
subscription_id = 'xxxx'
# subscription_id = 'xxxx'
tenant_id = 'xxxx'
application_id = 'xxxx'
application_key = 'xxxxx'
# Get access token
context = adal.AuthenticationContext('https://login.microsoftonline.com/' + tenant_id)
token_response = context.acquire_token_with_client_credentials('https://api.loganalytics.io', application_id, application_key)
access_token = token_response.get('accessToken')
# Add token to header
headers = {
"Authorization": 'Bearer ' + access_token,
"Content-Type": 'application/json'
}
search_params = {
"query": query
}
url = "https://api.loganalytics.io/v1/workspaces/{workspaceID}/query"
res = requests.post(url=url, json=search_params, headers=headers)
print (res.status_code)
print (res.json())
I'm using requests session with oauth2 authentication.
Everything works perfectly when I upload small files, but for 4GB file I get token expired error, it looks like the file was uploaded but at the closing session part token was once more validated.
Is there any chance to handle this situation?
Upload large file with token refreshed before the session was closed or something?
a sample of the code is below, Thank You very much for any help. Cheers!
import requests
from io import StringIO
from requests_toolbelt.multipart.encoder import MultipartEncoder
TOKEN_PAYLOAD = {
'grant_type': 'password',
'client_id': '###',
'client_secret': '###',
'username': '###',
'password': '####'
}
def get_token():
response = requests.post(
'https://oauth/token',
params=TOKEN_PAYLOAD)
response_data = response.json()
token = response_data.get('access_token')
return token
# Create test file
MB = 1024 ** 2
GB = MB * 1024
encoded_string = 'x' * 4 * GB
file_test = StringIO()
file_test.write(encoded_string)
# Get token
token = get_token()
# Create form
multipart_data = MultipartEncoder(
fields={
'--': ('4GB_test.txt', file_test, 'text/plain'),
'id': '2217',
'fileFieldDefId': '4258',
}
)
# Create headers
headers = {
"Authorization": "Bearer {}".format(token),
'Content-Type': multipart_data.content_type
}
session = requests.Session()
response = session.post(
'https://oauth2/rest/external/item/multipartUpdate/byId',
headers=headers,
data=multipart_data,
)
print(response)
# <Response [401]>
print(response.content)
# b'{"error":"invalid_token","error_description":"Access token expired: 0f7f6bd9-4e21-407f-4a78347711a9"}'
# response.close() ? with refreshed token
# session.close() ? with refreshed token
If you want to have valid access tokens for more time you can also request for refresh tokens and use them to generate new access tokens whenever the old one expires. Generally access tokens are valid for 1 hour, you can maintain a timer and generate a new access token every time your timer reaches 60 minutes. That way you can have a valid access token for longer sessions.
You have to use grant_type=refresh_token https://www.rfc-editor.org/rfc/rfc6749#section-6
I'm trying to send a request with django to get an access_token from my api using OAuth2. I'm executing this code :
data = {'username': 'admin', 'password': '123123', 'grant_type':
'password','client_id': 'xxx','client_secret': 'xxx'}
headers = {'content-type': 'application/x-www-form-urlencoded'}
r = requests.post(url, data=data, headers=headers)
When I send this request I get this error :
{'error': 'unsupported_grant_type'}
Thanks for your help !
If anyone is interested the correct request was :
payload = "grant_type=password&client_secret=xxx&client_id=xxx&username=username&password=password"
headers = {
'content-type': "application/x-www-form-urlencoded",
'cache-control': "no-cache",
}
response = requests.request("POST", url, data=payload, headers=headers)
If you don't want to encode data in url, you can put this in your settings.
OAUTH2_PROVIDER = {
'OAUTH2_BACKEND_CLASS': 'oauth2_provider.oauth2_backends.JSONOAuthLibCore',
}
I had the same problem and later I found that the grant type should be a string.
payload = {'grant_type': 'refresh_token', 'refresh_token': refresh_token}
I am trying to take some working code and change from urlib2 to requests.
The original code provides basic login information of username, password and posts the KEY and SECRET in the header of the urllib2 request. The following code is my attempt to change to using the requests module and gain some functionality for making additional API calls. I have tried dozens of combinations and all return a code 400. Apparently, my requests code does not successfully furnish the needed information to return a 200 response and provide the needed authorization token.
## Import needed modules
import urllib2, urllib, base64
import httplib
import requests
import json
## initialize variables
KEY = "7f1xxxx-3xxx-4xxx-9a7f-8be66839dede"
SECRET = "45xxxxxx-45xxx-469a-9ae9-a7927a76cfeb"
userName = "my-email#xxx.com"
passWord = "mypassword"
URL = "https://company.com/auth/token"
token = None
sessionid = None
DATA = urllib.urlencode({"grant_type":"password",
"username":userName,
"password":passWord})
base64string = base64.encodestring('%s:%s' % (KEY, SECRET)).replace('\n', '')
request = urllib2.Request(URL, DATA)
request.add_header("Authorization", "Basic %s" % base64string)
result = urllib2.urlopen(request)
token = result.read()
print token
This returns my authorization token and all is well. I can pass the token to the authorization server and have full access to the api for interacting with the database. Below is the attempt to use requests and have the added functions it provides.
client = requests.session()
payload = {"grant_type":"password",
"username":userName,
"password":passWord,
"applicationId": KEY
}
headers = {'content-type':'application/json',
"grant_type":"password",
"username":userName,
"password":passWord,
'applicationsId': KEY,
'Authorization': base64string,
'token': token,
'sessionid': sessionid
}
response = client.post(URL, params = payload, headers=headers)
token = response.content
print token
{"error":"invalid_request"}
print response
<Response [400]>
If you want to use basic auth you should use the method from requests..
Your post should look like
response = client.post(
URL,
params = payload,
headers=headers,
auth=HTTPBasicAuth(
KEY,
SECRET
))
Somewhere in a post a contributor to another question mentioned some items actually needed to be in the body of the request not in the header. I tried various combos and the following solved the 400 response and accomplished my goals.
data = {"grant_type":"password",
"username":userName,
"password":passWord,
"applicationId": KEY
}
headers = {'Authorization': "Basic %s" % base64string,
'token': token
}
response = client.post(URL, data = data, headers=headers)
token = response.text
print token