search

woocommerce / wc-api-python

A Python wrapper for the WooCommerce API.
https://pypi.org/project/WooCommerce/
MIT License
211 stars 113 forks source link

wcapi.get('orders') returns 403 #42

Closed LucSpan closed 3 years ago

LucSpan commented 5 years ago

I connect to my WooCommerce webshop through the WooCommerce REST API Python wrapper,

I.e,

from woocommerce import API

wcapi = API(
    url="https://mywebshop.whatever",
    consumer_key="ck_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    consumer_secret="cs_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    wp_api=True,
    version="wc/v1"
)

API has read/write access.

All worked fine for months up to yesterday.

Problem

Since yesterday latest_order = wcapi.get('orders').json() returns a JSONDecodeError: Expecting value. Also, wcapi.get('orders') returns a <Response [403]>.

I don't know what's causing this all of a sudden and I'm not sure how to solve it either.

asaleem772 commented 5 years ago

I am also getting the same issue on it. without any change in code or change in secret key etc.

claudiosanches commented 5 years ago

Doesn't sound like a problem in this library, since is just the response for your website, need to check your site.

imansdn commented 4 years ago

I have the same problem. I can connect to API with Postman and android but it's not work in python. this is my code in python:

wcapi = API(
    url="http://mywebshop.whatever",  
    consumer_key=woo.get_key(),
    consumer_secret=woo.get_secret(),
    wp_api=True,  
    version="wc/v3",  

)
print(wcapi.get("products"))

and the response is : <Response [403]>

and

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html>

what kind of problem can happen on the website to show this error?

claudiosanches commented 4 years ago

@imansdn the message it's clear, your user don't have permission to access.

imansdn commented 4 years ago

but as I mentioned, I can receive a true response with the same consumer_key and consumer_secret in postman and mobile side. and these authenticate keys are for the admin user. so I can't understand why I get this error when I call API with this python repository?

Evert-Arends commented 3 years ago

Same here, curl request with the same credentials will work, python lib will not.

giacomobartoli commented 3 years ago

Same issue. What could be possibly wrong? I tried with two different woocommerce websites: the first one is working, the second one (with its own credentials) return 403.

giacomobartoli commented 3 years ago

@claudiosanches please provide us some support. Many users are incurring into this problem. I tried to re-generate the consumer key and secret, but still 403 error.

Evert-Arends commented 3 years ago

@claudiosanches please provide us some support. Many users are incurring into this problem. I tried to re-generate the consumer key and secret, but still 403 error.

I made a pr which works: https://github.com/woocommerce/wc-api-python/pull/57

giacomobartoli commented 3 years ago

Thank you @Evert-Arends. I am using Visual Studio Code and PIP for managing the dependencies. So, how can I edit the original library (wc-api-python) to include your code? Then, will it still work within a CI system? It would be easy just to merge the PR you opened.

Evert-Arends commented 3 years ago

It would be, but they would lose compatibility, which they don't like. What you can do is include the api file locally in ur filesystem and call the import from there. The CI should have no issues with that I assume?

giacomobartoli commented 3 years ago

@Evert-Arends Sorry but it is still not clear to me. Which compatibility would be lost by merging your PR? This might me meaningful to me, since I am downloading data from different woocommerce store and the python wc-api-python library works fine for everyone except for one store. So, make this store work should not broke the others.

Evert-Arends commented 3 years ago

I strictly write python 3.8, for my own use case I did not need any lower python versions to work. By doing that I accidentally removed support for lower versions of python. Everything below 3.6 won't work I assume. (python 2.7 is officially still supported by the woocommerce api, but it absolutely should not be! One of the reasons my pr removes support for it.)

giacomobartoli commented 3 years ago

@Evert-Arends is there a specific python version to make it work? I am not referring to your PR, just the basic library. I am using python 3.6 right now.

claudiosanches commented 3 years ago

I'll check next week how to make it compatible with older versions of Python. But I still can use this library without any issue about authentication.

claudiosanches commented 3 years ago

This got fixed by https://github.com/woocommerce/wc-api-python/pull/57, thanks @Evert-Arends for your help. Note that I'll release 3.0 soon, we'll drop support to unsupported Python releases. The older releases of this lib seems to be still working with Python 2.7 in my tests.

fnellen commented 2 years ago

Still having the same 403 error mentioned above while using wcapi.get("orders"). I tried using requests manually but got the same error:

import requests
from base64 import b64encode

url = 'https://XXX.org/wp-json/wc/v3/orders'
clientKey = config("WOOCOMMERCE_KEY")
clientSecret = config("WOOCOMMERCE_SECRET")
authString = b64encode(bytes(clientKey + ':' + clientSecret, 'utf-8')).decode('ascii')
headers = {'Accept': '*/*',
           'Cache-Control': 'no-cache',
           'Accept-Encoding': 'gzip, deflate, br',
           'Host': 'XXX.org',
           'Connection': 'keep-alive',
           'Authorization': 'Basic %s' % authString,
           }
response = requests.get(url, headers=headers)

Changing from requests to http.client

import http.client
from base64 import b64encode

conn = http.client.HTTPSConnection("XXX.org")
payload = ''
clientKey = config("WOOCOMMERCE_KEY")
clientSecret = config("WOOCOMMERCE_SECRET")
authString = b64encode(
    bytes(clientKey + ':' + clientSecret, 'utf-8')).decode('ascii')
headers = {
    'Authorization': 'Basic %s' % authString,
}
conn.request("GET", "/wp-json/wc/v3/orders", payload, headers)
res = conn.getresponse()
data = res.read()

solved the issue, and I got the expected response.

Versions: requests==2.27.1, WooCommerce==3.0.0, python 3.9.12

Evert-Arends commented 2 years ago

@fnellen

Can you try something for me with the request code? Add the following headers:

"user-agent": 'random thing', "accept": "application/json"

On phone right now, formatting could be off.

fnellen commented 2 years ago

now it works :) This is the working code:

import requests
from decouple import config
from base64 import b64encode

url = 'https://XXX.org/wp-json/wc/v3/orders'
clientKey = config("WOOCOMMERCE_KEY")
clientSecret = config("WOOCOMMERCE_SECRET")
authString = b64encode(
bytes(clientKey + ':' + clientSecret, 'utf-8')).decode('ascii')
headers = {
  'user-agent': 'random thing',
  'accept': 'application/json',
  'Cache-Control': 'no-cache',
  'Accept-Encoding': 'gzip, deflate, br',
  'Host': 'XXX.org',
  'Connection': 'keep-alive',
  'Authorization': 'Basic %s' % authString,
}

response = requests.get(url, headers=headers)
print(response.json())

Thanks for the quick reply!

fnellen commented 2 years ago

When specifying the user_agent, the request goes through:

def testWCAPI():
    wcApi = API(
        url="https://www.XXX.org/",
        consumer_key=config("WOOCOMMERCE_KEY"),
        consumer_secret=config("WOOCOMMERCE_SECRET"),
        wp_api=True,
        version="wc/v3",
        user_agent="XXX.org"
    )
    orders = wcApi.get("orders").json()
    print(orders)