03-19-2016 11:37 AM
Hello PSIRT API team.
any assistance, or guidance, with regards to the below "Not Authorized" response from the openVuln API REST request would be greatly appreciated.
oAuth2.0 Token request
client_id=vjjw9...p9d4bs&grant_type=client_credentials&client_secret=PhdNGK...ThNF3A
Url: https://cloudsso.cisco.com/as/token.oauth2
<Response [200]>
<<class 'requests.cookies.RequestsCookieJar'>[<Cookie PF=b7Y6PySpJjVrPP96S6HA1w for cloudsso.cisco.com/>]>
openVuln API request
URL: https://api.cisco.com/security/advisories/cvrf/all
{'Authorization': 'Bearer b7Y6PySpJjVrPP96S6HA1w'}
[Request: Return Headers]{'Content-Length': '23', 'X-Mashery-Error-Code': 'ERR_403_NOT_AUTHORIZED', 'Server': 'Mashery Proxy', 'X-Error-Detail-Header': 'Not Authorized', 'X-Mashery-Message-ID': '6e4f0ecd-e8ad-47dd-8425-fe4aff058f6f', 'Connection': 'close', 'Date': 'Sat, 19 Mar 2016 18:22:30 GMT', 'Content-Type': 'text/xml'}
[Request: Return Content] <h1>Not Authorized</h1>
Also tried with Postman...
Solved! Go to Solution.
04-14-2016 05:17 AM
Dave,
Sorry it took so long, docker issues.
Here's the code:
#!/usr/local/bin/python
import oauth2 as oauth
import json
import urllib.request
print('OAuth example into Cisco.com')
consumer = oauth.Consumer(key="yourclientidhere",secret="yourclientsecrethere")
request_token_url = "https://cloudsso.cisco.com/as/token.oauth2?grant_type=client_credentials&client_id=yourclientidhere&client_secret=yourclientsecrethere"
client = oauth.Client(consumer)
resp, content = client.request(request_token_url, "POST")
print(content)
j = json.loads(content.decode('utf-8'))
print(j['access_token'])
req = urllib.request.Request('https://api.cisco.com/security/advisories/cvrf/all')
req.add_header('Accept','application/json')
req.add_header('Authorization','Bearer '+j['access_token'])
resp = urllib.request.urlopen(req)
adv = resp.read()
advdata = json.loads(adv.decode('utf-8'))
for advisory in advdata['advisories']:
print(advisory)