API authorization in python

anon65155295 · 5 May 2020 14:04

Hello! I’m trying to get some boards information from a asana project and I need to run (update) the script all day long. However I’m trying to authorize wiith OAuth2 (with client ID and client secret) but the authorization returns failed. When I try to authorize with bearer code the script can authorize and access the information needed. But the bearer code need to be refreshed once a hour, and I need to run this code all day long. Is there other way to authorize the script?

Python code:

#OAuth2 credentials
client = asana.Client.oauth(
client_id= ‘ID’,
client_secret=’ SECRET’,
redirect_uri=‘urn:ietf:wg:oauth:2.0:oob’
)

#Try to authorize
(url, state) = client.session.authorization_url()

#here returns unauthorized
print(“authorized=”, client.session.authorized)

#Getting and trying bearer code
try:
# in a web app you’d redirect the user to this URL when they take action to
# login with Asana or connect their account to Asana
import webbrowser
webbrowser.open(url)
except Exception as e:
print(“Open the following URL in a browser to authorize:”)
print(url)
#enter with bearer coded
code = input(“Copy and paste the returned code from the browser and press enter:”)
print(code)
token = client.session.fetch_token(code=code)

exchange the code for a bearer token

os.environ[‘ASANA_TOKEN’] = json.dumps(token)

#here returns authorized
print(“authorized=”, client.session.authorized)

Phil_Seeman · 5 May 2020 15:10

Hi @anon65155295 and welcome to the forum!

There is not another way using OAuth. But if you’re just accessing your one account, you should be able to use a Personal Access Token instead - much simpler.

Peter_Bowmar · 6 May 2020 15:06

Hi @anon65155295 I have exactly the same issue (see OAuth avoid user interaction?)

After much reading it appears the Refresh token is the way to go. I can’t use a Personal since this is an end-user tool so each user needs to access on their own merits.

Sadly I can’t find examples of dealing with the Refresh token via the Python API.

There is this: Get refresh token - #12 by Matt_Bramlage

which is exactly what I (and likely you) are hoping to do

Cheers,

Peter B

Peter_Bowmar · 6 May 2020 15:08

This is useful too: OAuth 2 Workflow — Requests-OAuthlib 1.3.1 documentation

The pieces are there… it’s just putting them together and I don’t have the background in OAuth to intuitively come up with the code…

anon65155295 · 6 May 2020 17:48

Thanks, Peter!
I will see it

Peter_Bowmar · 6 May 2020 21:59

Unfortunately it turns out the Asana Python library doesn’t natively handle Refresh tokens yet SEe Python API: check if authentication is still valid - #2 by Ross_Grambo

@anon65155295 if you happen to figure it out using raw oauthlib please let us know

Topic		Replies	Views
OAuth avoid user interaction? Developers & API	1	1537	6 May 2020
Trying to get started with the Developer App + Python API Developers & API api , authorization	1	1468	17 May 2022
Issue with getting authorization code Developers & API	5	690	10 May 2023
Having issues connecting to Asana using Oauth2 in python Developers & API	5	1094	31 March 2022
Token refresh in Python API definitive solution Developers & API tasks , api , accesstoken	0	1537	12 November 2021

API authorization in python

exchange the code for a bearer token

Related Topics