asjohnston-asf
commented
5 months ago I observed a similar error after upgrading to requests v2.32.0, released yesterday. Downgrading to requests v2.31.0 resolved the issue in the short term.
Closed ihemnta closed 5 months ago
asjohnston-asf
commented
5 months ago I observed a similar error after upgrading to requests v2.32.0, released yesterday. Downgrading to requests v2.31.0 resolved the issue in the short term.
pieeri
commented
5 months ago Issue summary:
When upgrading from requests v2.31.0 to v2.32.*, standard connection (GET) throws authentification error (401) when using the requests_pkcs12.Pkcs12Adapter.
Short-term fix:
Pin temporarily requests to lower than v2.32.0.
Would it be possible to have some background of the potential root cause of the error, as no deprecation warning nor further available information is accessible via the Python stack trace? Many thanks!
vog
commented
5 months ago Since downgrading the requests library helps, it is very likely that this is an issue with the "requests" library and not "requests_pkcs12".
To further verify this assumption, I recommend that you create a pure-requests test case that doesn't involve requests_pkcs12 at all. This should be possible by simply converting your PKCS#12 certificates to PEM (using your PKCS#12 password), then providing this via the normal "cert=..." parameters the requests library.
If that code shows the same error, you have a good minimal test case to report an issue at the "requests" library. In that case, please drop us a note with a link to your issue opened at the "requests" project, as a comment here in this issue, because it might be helpful to others.)
ihemnta
commented
5 months ago Thanks @vog, Downgrading to requests v2.31.0 resolved my issue.
Issue Summary: I am encountering a 403 Forbidden error when attempting to send a POST request using the "requests_pkcs12" library, despite having a valid certificate and successfully receiving a 200 response when using curl request.
I am using 'requests_pkcs12' Version:-1.24
`import requests_pkcs12 cert_path = "./SSLRequests/carefi_tu_uat_p12_cert.p12" cert_password = "hello.*@101" url = "https://****.com/acquire/credit-assessment/v1/consumer-cir-cv" header = {} payload={}
response = requests_pkcs12.post( url, headers=header, data=payload, pkcs12_filename=cert_path, pkcs12_password=cert_password )
The response.__dict__ is as following:-{'_content': b'{"message":"Forbidden. You don\'t have permission to view this. Please contact your system administrator.","status_code":403,"aud":"d4a*e1f449b5968gjk68995vhj688d9d2d**0","ray_id":"8876**4a7","ip_address":"12.*.14.*","is_warp":false,"is_gateway":false,"mtls_status":"NONE"}', '_content_consumed': True, '_next': None, 'status_code': 403, 'headers': {'Date': 'Tue, 21 May 2024 18:30:17 GMT', 'Content-Type': 'application/json; charset=utf-8', 'Transfer-Encoding': 'chunked', 'Connection': 'keep-alive', 'CF-Access-Aud': 'd4a5bbbbb9d9ee1f44757*****f8d9d2dc1f68946b0', 'CF-Access-Domain': '', 'CF-RAY': '8876-BOM', 'cf-version': '1701-77418d4', 'Referrer-Policy': 'strict-origin-when-cross-origin', 'Server': 'cloudflare', 'Vary': 'Accept-Encoding', 'Content-Encoding': 'gzip'}, 'raw': <urllib3.response.HTTPResponse at 0x7f88eb53d480>, 'url': 'https://************.com/acquire/credit-assessment/v1/consumer-cir-cv', 'encoding': 'utf-8', 'history': [], 'reason': 'Forbidden', 'cookies': <RequestsCookieJar[]>, 'elapsed': datetime.timedelta(microseconds=115372), 'request': <PreparedRequest [POST]>, 'connection': <requests_pkcs12.Pkcs12Adapter at 0x7f88f06ba540>}`