search

Colin-b / httpx_auth

Authentication classes to be used with httpx
MIT License
114 stars 26 forks source link

Add `Accept` headers to grant retrieval #57

Closed Kludex closed 1 year ago

Kludex commented 1 year ago

The code is already assuming the response will be a json, but that's necessarily true.

I have a case, that by default they don't send a JSON... :sweat_smile:

The case is for WakaTime.

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

Kludex commented 1 year ago

If not I'll do it when I find some time.

You can do it when you find some time. Thanks! :pray:

I'm already using this branch.

Could you please also tell me what kind of data was sent? As it would be even better to handle this specific case as well instead of requiring JSON.

You mean to support multiple formats?

Anyway, the code you can use:

import hashlib
import os

import httpx
from httpx_auth import OAuth2AuthorizationCode
from pydantic import BaseSettings

class Settings(BaseSettings):
    wakatime_client_id: str
    wakatime_client_secret: str

settings = Settings()

auth = OAuth2AuthorizationCode(
    authorization_url="https://wakatime.com/oauth/authorize",
    token_url="https://wakatime.com/oauth/token",
    client_id=settings.wakatime_client_id,
    client_secret=settings.wakatime_client_secret,
    redirect_uri_endpoint="oauth2callback",
    redirect_uri_port=8000,
    scope="email,read_stats,read_logged_time",
    state=hashlib.sha1(os.urandom(40)).hexdigest(),
)
client = httpx.Client(base_url="https://wakatime.com/api/v1/", auth=auth)
res = client.get("/users/current")
print(res.json())
Kludex commented 1 year ago

You can verify the Content-Type instead of restricting the Accept. :+1:

Colin-b commented 1 year ago

You can verify the Content-Type instead of restricting the Accept. 👍

Yes that's exactly my point, I'll see if I can add a WakaTimeAuth as well

Colin-b commented 1 year ago

I just created an app on WakaTime and I'm able to make it work without requesting JSON, I pushed it to bugfix/html_content_type in the meantime, it is still in draft as I need to make sure we can handle error responses properly as well and add some more coverage on this new feature. I'll also add WakaTimeAuth (and documentation on how to set it up) at some point to ease up the setup. Even if the solution to your problem is different, I'll make sure to include you in the changelog :) Thanks

Kludex commented 1 year ago

Why adding the class itself instead of just verifying the content type, and reading the content properly? 🧐

Colin-b commented 1 year ago

Both will be done, the class is to ease the setup for wakatime users (no more auth url required and handling of the comma separated scopes when providing a list of scopes). This will prevent the need to read the authentication part of the setup, only focusing on actually accessing data :)

Colin-b commented 1 year ago

Hello @Kludex ,

Version 0.16.0 is now available on pypi with this feature. I advise you to use the new WakaTimeAuthorizationCode authentication class to ease the readability of your code.

Best Regards