Skip to content

Authentication

Authentication can be achieved programmatically using hooks either globally or locally. This allows to use any authentication method such as OAuth 2, token, basic, SAML, etc.

Note

Using authentication by global hooks requires the use of a main file.

The function under the global or local hook @requests.hooks.pre_request, accepts a httpx_args parameter. This is a dict that should match the [email protected] arguments, such as:

async with httpx.AsyncClient() as client:
    client.request(**httpx_args)

For more information on httpx authentication see docs. It's also possible to extend using a third party library or custom authentication.

Basic

from zapy.requests import hooks, HttpxArguments

@hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['auth'] = ('foo', 'bar')
@ctx.hooks.pre_request
async def on_global(httpx_args):
    httpx_args['auth'] = ('foo', 'bar')

Digest

from zapy.requests import hooks, HttpxArguments

auth = httpx.DigestAuth("my_user", "password123")

@hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['auth'] = auth
auth = httpx.DigestAuth("my_user", "password123")

@ctx.hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['auth'] = auth

Token

from zapy.requests import hooks, HttpxArguments

@hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['headers']['X-token'] = 'token123'
    # or
    httpx_args['params']['my_token'] = 'token123'
@ctx.hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['headers']['X-token'] = 'token123'
    # or
    httpx_args['params']['my_token'] = 'token123'

Session based

from zapy.requests import hooks, HttpxArguments

r = httpx.post('https://login', data={'user': 'foo': 'password': 'var'})

@hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['cookies'] = r.cookies
r = httpx.post('https://login', data={'user': 'foo': 'password': 'var'})

@ctx.hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['cookies'] = r.cookies

JSON Web Token (JWT)

from zapy.requests import hooks, HttpxArguments

r = httpx.post('https://example.com/signin', data={'user': 'foo': 'password': 'var'})

@hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['Authentication'] = f"Bearer {r.data}"
r = httpx.post('https://example.com/signin', data={'user': 'foo': 'password': 'var'})

@ctx.hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['Authentication'] = f"Bearer {r.data}"

OAuth 2

Example using httpx_auth

from zapy.requests import hooks, HttpxArguments
from httpx_auth import OAuth2AuthorizationCode

oauth = OAuth2AuthorizationCode('https://www.authorization.url', 'https://www.token.url')

@hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['auth'] = oauth
from httpx_auth import OAuth2AuthorizationCode

oauth = OAuth2AuthorizationCode('https://www.authorization.url', 'https://www.token.url')

@ctx.hooks.pre_request
async def on_global(httpx_args: HttpxArguments):
    httpx_args['auth'] = oauth

Multiple auth using Metadata Tags

Request metadata tags is a labeling technique used for identifying the categories of a request. By passing an additional parameter of type Metadata on a hook it can access the tags.

tags

For example:

from zapy.requests import hooks, HttpxArguments
from zapy.base import Metadata

@hooks.pre_request
async def on_global(httpx_args: HttpxArguments, metadata: Metadata):
    if 'basic_auth' in metadata.tags:
        httpx_args['auth'] = ('foo', 'bar')
    elif 'digest_auth' in metadata.tags:
        httpx_args['auth'] = httpx.DigestAuth("my_user", "password123")