Consuming HTTP Services in Python Transcripts
Chapter: Accessing authenticated HTTP services
Lecture: Authenticated HTTP service overview
Login or
purchase this course
to watch this video and the rest of the course contents.
0:01
You've seen on our service here that we've had the basic unauthenticated http restful service,
0:07
but you probably also noticed that we have a secured version, and that's a debatable measure, but let's say it requires authentication version,
0:15
like this one is actually not going over ssl but again, it's not actually protecting any real data, right,
0:21
but if I do click on it, it says oh you have to enter your username and password,
0:24
and if I just say cancel, I get a basic auth username, password is required,
0:28
if I try it again, you can see down here I could type kennedy and super_lockdown
0:34
because we are all about security here, then it will actually let us in, okay.
0:39
So, we can see over here, this is postman, I've made a little request here that is going to go get the restricted blog data here,
0:47
and it has no authentication setup right now, so I am going to hit send, and same thing, you must authenticate with the username and a password,
0:56
so we come down here and we say basic auth and we can put the username and the password in, kennedy and super_lockdown
1:04
and we can update the request, and save, and now, we get our data back, beautiful, right, and you can see these are
1:11
the responses we got back from the server, and so on. We can also go to the headers and see what we are going to send across
1:17
so I could send this authorization and we could not use postman to generate this but we could just literally type in basic and then this,
1:25
and this is the base 64 encoded version of username:password as a byte array, so as long as we send that across we get data back, we go to the body,
1:37
if we don't send that across, and we take away authorization as well, none, right, nothing turn this back on, allow authorization to be sent,
1:45
we're in, okay, so that is how basic authentication works, it just sends that string, which like I said, that is plain text, username and password
1:53
so be super careful about that. Alright, so we are going to see that we can do this both in Requests,
1:59
and we can do this in the builtins, it's super easy in the request, it's super non obvious and not particularly easy in the builtins,
2:05
but I'll show you how to do it for both.