Comments (7)
Hello!
The output of get_authentication_log
when using api_version=2
contains two top level keys,authlogs
and metadata
. The next_offset
key in metadata
contains a list. If there are no subsequent pages, next_offset
should contain something falsey. If there are subsequent pages, the first element is an epoch timestamp and the second is the event id.
When retrieving a page after the initial request, you should be able to just take next_offset
contained in the first response and plug that into the next_offset
argument of the next get_authentication_log
call.
This is untested, but I think it would look something like:
...
authlogs = []
res = client.get_authentication_log(mintime=mintime, maxtime=maxtime, api_version=2)
authlogs.extend(res['authlogs'])
next_offset = res['metadata'].get('next_offset')
while next_offset:
res = client.get_authentication_log(
mintime=mintime,
maxtime=maxtime,
api_version=2,
next_offset=next_offset
)
authlogs.extend(res['authlogs'])
next_offset = res['metadata'].get('next_offset')
I hope this helps. Please let me know if this doesn't answer your question.
from duo_client_python.
I was able to use your example as a reference to get it working thanks. I didn't quite need it all for my use case but your next_offset line made it click for me.
`logs = admin_api.get_authentication_log(api_version=api_version, limit=limit, mintime=mintime, sort=sort)
next_offset = logs['metadata'].get('next_offset')
{Stuff gets done here to the logs}
logs = admin_api.get_authentication_log(api_version=api_version, limit=limit, mintime=mintime, sort=sort,next_offset=next_offset
{More Stuff}`
from duo_client_python.
@guitarhero23 @cavemanpi
I am also trying to get data from authentication API but stuck in next_offset
part.
Here is my code:-
import base64, email, hmac, hashlib, urllib
import requests
import pprint
class Raheja:
def sign(self, method, host, path, params, skey, ikey):
"""
Return HTTP Basic Authentication ("Authorization" and "Date") headers.
method, host, path: strings from request
params: dict of request parameters
skey: secret key
ikey: integration key
"""
# create canonical string
now = email.Utils.formatdate()
canon = [now, method.upper(), host.lower(), path]
args = []
for key in sorted(params.keys()):
val = params[key]
if isinstance(val, unicode):
val = val.encode("utf-8")
args.append(
'%s=%s' % (urllib.quote(key, '~'), urllib.quote(val, '~')))
canon.append('&'.join(args))
canon = '\n'.join(canon)
# sign canonical string
sig = hmac.new(skey, canon, hashlib.sha1)
auth = '%s:%s' % (ikey, sig.hexdigest())
print auth
# return headers
headers = {'Date': now, 'Authorization': 'Basic %s' % base64.b64encode(auth)}
return headers
def get_data(self, headers):
next_offset = []
while next_offset is not None:
url = "https://xxxxx.duosecurity.com/admin/v2/logs/authentication"
querystring = {'mintime': '1614067200000', 'maxtime': '1614070800000', 'limit': '1000',
'next_offset': next_offset}
headers = {
'Authorization': headers.get('Authorization'),
'Content-Type': "application/x-www-form-urlencoded",
'Date': headers.get('Date'),
}
response = requests.request("GET", url, headers=headers, params=querystring)
response_json = response.json()
print response_json
response = response_json.get('response')
metadata = response.get('metadata')
next_offset = metadata.get('next_offset')
print next_offset
r = Raheja()
headers = r.sign('GET', 'xxxxx.duosecurity.com', '/admin/v2/logs/authentication',
{'mintime': '1614067200000', 'maxtime': '1614070800000', 'limit': '1000'},
'xxx', 'xxxx')
data = r.get_data(headers)
I am able to get the response from when I did the first API call. But for the second I am trying to pass the offset from my above code but getting as :
{u'message': u'Invalid signature in request credentials', u'code': 40103, u'stat': u'FAIL'}
Please need help here. Thanks
from duo_client_python.
Hey @arahej,
There's a method in the client you should probably use instead of your hand rolled retrieval. The method name is get_authentication_log
. Is there a reason you aren't using the client module?
I'm pretty sure you need to sign every request, especially when you change the parameters. The signature is derived from secrets as well as the parameters in the request. When you change the next_offset
parameter, the signature will be different.
from duo_client_python.
@cavemanpi
Thanks for the inputs.
Can you share with me the link to the get_authentication_log
method?
Also, I need to call the sign
method again if I change my next_offset
right?
and the data type of next_offset
is a list or a string?.
Thanks
from duo_client_python.
@arahej The method you are looking for is in this repo. If your intent is to implement all the logic needed to run your requests, you will have implemented the client in this repo. I strongly suggest using this client in your project.
Here's the method in the client:
duo_client_python/duo_client/admin.py
Line 323 in 34c165c
from duo_client_python.
Yes, you will need to sign your request each time you change parameters. Ideally also every time you make a call the the api endpoint, it should be signed. If you use the client libarary, you don't have to worry about signing the request correctly; it's built into the client.
On logging endpoints next_offset
is a list.
from duo_client_python.
Related Issues (20)
- Add Support Create Integration for SSO type HOT 5
- Update Admin cannot update the status HOT 1
- Deprecated SSL protocol in CertValidatingHTTPSConnection HOT 4
- Interators not working due to not having metadata populated HOT 5
- 403 Forbidden Access on all methods of Admin API HOT 6
- Duo: no library to generate passcodes HOT 4
- get_authentication_log - api:v2 param filter failing HOT 4
- metadata parse error in add_user_phone HOT 4
- Automatic proxy configuration HOT 2
- get_authentication_log clearing out Params HOT 3
- Add Get User by Email HOT 1
- 400 Bad Request response when trying to add a token for a yubikey HOT 1
- Duo client installed via pip is missing the get_users_by_names func HOT 3
- Getting "Received 429 Too Many Requests" for auth logs even if hitting the API in 6-7 minute intervals
- Getting 40103 on making GET REST API calls HOT 5
- Tests are failing because actual requests are being made HOT 1
- How to use duo_client_python to access an integrations secret key? HOT 2
- next_offset pagination in auth logs HOT 12
- add get auth summary endpoint to the admin object
- bad link in READ.me
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from duo_client_python.