community Alteryx IO Alteryx.com
alteryx Community
Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Close
Free Trial

Dev Space

Customize and extend the power of Alteryx with SDKs, APIs, custom tools, and more.

Connecting to Alteryx ADMIN API behind OAUTH Invalid Signature

GrantZukel
5 - Atom
‎10-27-2020 01:49 PM 
import time
import collections
import random
import math
import requests
import string
import json
import urllib
import hmac
import binascii
import hashlib
from requests.utils import quote
import base64

class Gallery(object):
    def __init__(self, apiLocation, apiKey, apiSecret):
        self.apiLocation = apiLocation
        self.apiKey = apiKey
        self.apiSecret = apiSecret

    def buildOauthParams(self, page, pageSize):
        return {"page": page,
                "pageSize": pageSize,
                'oauth_timestamp': str(int(math.floor(time.time()))),
                'oauth_signature_method': 'HMAC-SHA1',
                'oauth_consumer_key': self.apiKey,
                'oauth_version': '1.0',
                'oauth_nonce': self.generate_nonce(5)}

    '''Returns the questions for the given Alteryx Analytics App'''
    def getUsers(self, page, pageSize):
        method = 'GET'
        url = self.apiLocation + '/users/'
        params = self.buildOauthParams(page, pageSize)
        headers = {}
        signature = self.generateSignature(method, url, params)
        #signature = base64.b64encode(signature)
        params.update({'oauth_signature': signature.decode("utf-8")})
        normalized_params = urllib.parse.urlencode(params)
        url = url + "?" + normalized_params
        output = requests.get(url,headers=headers, verify=False)
        return output, output.content

    def generate_nonce(self, length=5):
        """
        :return: Generate pseudorandom number
        """
        nonce = "000001"
        return nonce

    def generateSignature(self, http_method, url, params):
        """
        :return: returns HMAC-SHA1 signature
        """
        quote = lambda x: requests.utils.quote(x, safe="~")
        normalized_params = urllib.parse.urlencode(params)
        base_string = "&".join((http_method.upper(), quote(url), quote(normalized_params)))
        base_bytes = base_string.encode("ascii")
        api_secret = self.apiSecret + "&"
        api_secret = api_secret.encode("ascii")
        sig = hmac.new(api_secret, base_bytes, hashlib.sha1)
        sig = sig.hexdigest()
        signature = base64.urlsafe_b64encode(bytes.fromhex(sig))
        return signature


client_key = 'removed_security'
client_secret = 'removed_security'
gallery_url = 'https://ourendpoint:443/gallery/api/admin/v1'

con = Gallery(gallery_url, client_key, client_secret)
users,usersContent = con.getUsers("1", "100")
print(users)
print(usersContent)

 Hello,

 

I'm trying to list users from the admin api. Our setup is the oauth setup with oauth1. I had our Alteryx SME setup an alteryx flow that does an authentication against the api and I am mimicing what his R implementation does but in python. The issue is I'm getting invalid HMAC signature. 

 

I was also able to find a python example online parsing through someone else's project and put it together. 

 

b'{"data":null,"exceptionName":"UnauthorizedException","innerExceptionMessage":"","message":"The provided signature(oauth_signature) is invalid."}'

 

I am using the admin keys from the setting page with api access enabled. That changed the message from invalid client secret and key to invalid signature. I've tried sending the signature as requests params and now as a combined url nothing seems to fix it.

 

Appreciate any help you can give here.

Labels:
Reply
0 REPLIES 0