search

heroku / salesforce-bulk

Python interface to the Salesforce.com Bulk API
MIT License
206 stars 157 forks source link

package requires security token even when API doesn't #97

Open ckoppelman opened 3 years ago

ckoppelman commented 3 years ago

In salesforce_bulk.py#login_to_salesforce, line 125, this package requires a security token in order to attempt authentication. Instead, this package should let the API reject the auth call.

I am currently allowlisting the IP address my requests are coming from, so I do not need to pass in my security token as far as the Salesforce API is concerned. I would prefer to not keep a security token on the server these requests are coming from.

My current workaround is this, which now works just fine, but is odd:

    passwd = SALESFORCE_PASSWORD
    token = SALESFORCE_SECURITY_TOKEN
    if not len(token):
        passwd, token = passwd[:-5], passwd[-5:]

    bulk = SalesforceBulk(
        username=SALESFORCE_USERNAME,
        password=passwd,
        security_token=token,
        sandbox=SALESFORCE_IS_SANDBOX,
        client_id=SALESFORCE_CLIENT_ID,
    )