python请求POST基本身份验证返回200与空体

时间:2016-03-08 18:56:23

标签: python http curl https python-requests

import requests
s = requests.Session()
r = requests.Request('POST', 'https://'+url+'?name=value')
prep = r.prepare()
prep.headers = {'User-Agent': 'curl/7.38.0', 'Accept': '*/*', 'Authorization': 'Basic <load of hex>==', 'Content-Type': 'application/json'}
response = s.send(prep)

输出:

DEBUG:requests.packages.urllib3.connectionpool:"POST /url?name=value HTTP/1.1" 200 None

为什么我得到200表示身份验证成功但没有json返回给我必要的凭据? (如果我篡改Authorization标头,它会按预期返回403)。

我已将请求标头直接从成功的curl请求中提取到同一服务。为什么请求没有返回任何内容?

成功的cURL日志:

$ curl -v https://url?name=value -X POST -H "Content-Type: application/json" -u <user:secret>
* Hostname was NOT found in DNS cache
*   Trying <ip>...
* Connected to url port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*        <cert detail>
*        SSL certificate verify ok.
* Server auth using Basic with user '<user>'
> POST url?name=value HTTP/1.1
> Authorization: Basic <hex encoded string>==
> User-Agent: curl/7.38.0
> Host: <host>
> Accept: */*
> Content-Type: application/json
>
< HTTP/1.1 200 OK
* Server openresty/1.7.4.1 is not blacklisted
< Server: openresty/1.7.4.1
< Date: Tue, 08 Mar 2016 15:47:08 GMT
< Content-Type: application/json; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Correlation-Id: <id>
< Strict-Transport-Security: max-age=31536000
< Cache-Control: private, no-cache, no-store, no-transform, max-age=0
< X-XSS-Protection: 1; mode=block
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< X-Content-Type-Options: nosniff
< X-Frame-Options: deny
<
{"access_token": "<hex value>", "token_type": "bearer", "expires_in": "3599", "scope": "<bunch of authorisations>", "jti": "<string>"}
* Connection #0 to host <host> left intact

2 个答案:

答案 0 :(得分:1)

当我使用请求时,服务器返回空响应(即使身份验证成功且http代码为200)。

我不确定如何使用请求避免这种情况,所以我在普通的旧urllib中执行了以下操作:

import urliblib.request
headers = {'User-Agent': 'blah', 'Authorization': 'Basic <hex>==', 'Accept': '*/*', 'Content-Type': 'application/json'}
req = urllib.request.Request(url, headers=headers, method='POST')
print(urllib.request.urlopen(req).readlines())

现在,响应返回正确的数据。我假设服务器存在一些缓存问题,因为当我使用所有额外的头部请求时,通过urllib添加了类似的成功响应。

答案 1 :(得分:0)

我会以不同的方式使用请求。我会做类似的事情:

from requests import Session

s = Session()

url = 'abc.com'

headers = {'User-Agent': 'blah', 'Authorization': 'Basic <hex>==', 'Accept': '*/*', 'Content-Type': 'application/json'}

# Add headers
s.headers.update(headers)

res = s.post(url)

data = res.json()

您可以将data = {'key':'value'}传递为帖子加载,但不知道您的网址,我只能猜测。