Consuming HTTP Services in Python Transcripts
Chapter: Accessing authenticated HTTP services
Lecture: Authenticated HTTP service overview

Login or purchase this course to watch this video and the rest of the course contents.
0:01 You've seen on our service here that we've had
0:04 the basic unauthenticated http restful service,
0:06 but you probably also noticed that we have a secured version,
0:09 and that's a debatable measure, but let's say it requires authentication version,
0:14 like this one is actually not going over ssl but again,
0:17 it's not actually protecting any real data, right,
0:20 but if I do click on it, it says oh you have to enter your username and password,
0:23 and if I just say cancel, I get a basic auth username, password is required,
0:27 if I try it again, you can see down here I could type kennedy and super_lockdown
0:33 because we are all about security here, then it will actually let us in, okay.
0:38 So, we can see over here, this is postman, I've made a little request here
0:43 that is going to go get the restricted blog data here,
0:46 and it has no authentication setup right now, so I am going to hit send,
0:50 and same thing, you must authenticate with the username and a password,
0:55 so we come down here and we say basic auth
0:57 and we can put the username and the password in, kennedy and super_lockdown
1:03 and we can update the request, and save, and now, we get our data back,
1:07 beautiful, right, and you can see these are
1:10 the responses we got back from the server, and so on.
1:13 We can also go to the headers and see what we are going to send across
1:16 so I could send this authorization and we could not use postman to generate this
1:21 but we could just literally type in basic and then this,
1:24 and this is the base 64 encoded version of username:password as a byte array,
1:31 so as long as we send that across we get data back, we go to the body,
1:36 if we don't send that across, and we take away authorization as well,
1:40 none, right, nothing turn this back on, allow authorization to be sent,
1:44 we're in, okay, so that is how basic authentication works, it just sends that string,
1:49 which like I said, that is plain text, username and password
1:52 so be super careful about that.
1:55 Alright, so we are going to see that we can do this both in Requests,
1:58 and we can do this in the builtins, it's super easy in the request,
2:01 it's super non obvious and not particularly easy in the builtins,
2:04 but I'll show you how to do it for both.