I built a rest api using flask restplus and I tested it using the swagger documentation, and it seems to be fully functional and working just fine. I now want to test the API using the python requests library, but I’m getting the following error:
Invalid IAP credentials: empty token
I imagine this is because I did not authorize using the credentials. I do have access to the service account credentials json file, but just wondering how I pass this into requests?
Code Example:
url = 'https://crosssellapi-project-id.appspot.com/auth/login'
r = requests.get(url, headers={'accept': 'application/json'})
Thanks in advance.
Advertisement
Answer
I think the best way to accomplish this is using the google-auth library for python.
$ pip install google-auth
I suggest to create a service account, give it the role IAP-secured Web App User and then download the JSON key for that service account.
Go to API’s & Services > Credentials and copy the Client ID of the OAuth 2.0 client you want to use for your API.
Finally use this code snippet to make a request:
from google.oauth2 import service_account
from google.auth.transport.requests import AuthorizedSession
SERVICE_FILENAME = '/path/to/your/service_account_key.json'
API_URL = 'https://YOUR_API_URL'
AUDIENCE = 'YOUR_OAUTH_CLIENT_ID'
credentials = service_account.IDTokenCredentials.from_service_account_file(SERVICE_FILENAME, target_audience=AUDIENCE)
session = AuthorizedSession(credentials)
r = session.get(API_URL, headers={'accept': 'application/json'})
print(r.text)
If you want to know more about google-auth check this.