search

DOI-BLM / requests-arcgis-auth

Authentication handler for using Esri ArcGIS for Server and Portal (ArcGIS Online) Token Authentication with Python Requests
22 stars 1 forks source link

Establish integration to Esri ArcGIS API for Python #23

Open pfoppe opened 6 years ago

pfoppe commented 6 years ago

Possibly just pass access_token and refresh_token to 'private' attributes of Esri ArcGIS API for Python

https://developers.arcgis.com/python/

pfoppe commented 6 years ago

Need to upgrade code base to python v3. see - https://github.com/DOI-BLM/requests-arcgis-auth/tree/20180516-ENH_Pythonv3_Support

This was discussed on a private geonet community and here were some key take aways.

we were able to tie in the SAML authentication with esri's Python API.

Here is a code snip: 

url = r'https://<org>.maps.arcgis.com/'
client_id = r'<app_client_id>'

# Create requests auth
import requests
from requests_arcgis_auth import ArcGISPortalSAMLAuth
s = requests.session()
s.auth = ArcGISPortalSAMLAuth(client_id)
req_url = "{}/sharing/rest/portals/self?f=json".format(url)
print ("Making a request to {}".format(req_url))
r = s.get(req_url)
print ("Authenticated User: {}".format(r.json().get('user').get('username')))

# Create Esri Python API instance and plug in properties from auth handlers
from arcgis.gis import GIS

my_obj = GIS(url)
my_obj._portal.con._token = s.auth._token_data.get('access_token')
my_obj._portal.con._refresh_token = s.auth._token_data.get('refresh_token')
my_obj._portal.con._auth = "OAuth"
my_obj._portal._properties = r.json()

# Create a folder to see if it works
my_obj.content.create_folder('bubba')

This code was quickly thrown together to get it to work and has not been completely upgraded to python v3 (or regression tested).

There is a known issue with this though.... the 'access_token' generated by the requests_arcgis_auth handlers is only good for 30 minutes. If the code executing takes longer than 30 minutes (or you are working in an interactive session longer than 30 minutes), then the access_token will expire and the Esri Python API will not generate a new one. There is a 'refresh_token' that can generate a new access token (and the requests_arcgis_auth handles that - reference). To get around this, you would have to check the responses and look for the expired token, then execute line 11 and 18-21 again to get the new access_token available to the Esri Python API.

Should also complete issue #28 so that the 'private' attributes/properties are not relied upon.

pfoppe commented 10 months ago

Esri adjusted where the embedded token is - 


gis = GIS("pro")
from arcgis.gis import GIS
gis = GIS("pro")
response = requests.get('https://FQDN/context/admin/services/folder/service_name.MapServer/iteminfo/manifest/manifest.json?f=json&token={}'.format(gis._portal.con._session._session.auth.__dict__.get('authentication_modes')[1].token))
response.json()