DevOpsCow/python_rest_kerberos.py Secret

## python_rest_kerberos.py
import json
import requests
import kerberos

# To generate the kerberos ticket to attach it to the headers
class KerberosTicket:
	def __init__(self, service):
		__, krb_context = kerberos.authGSSClientInit(service)
		kerberos.authGSSClientStep(krb_context, "")
		self._krb_context = krb_context
		self.auth_header = ("Negotiate "+kerberos.authGSSClientResponse(krb_context))
	def verify_response(self, auth_header):
		# Handle comma-separated lists of authentication fields
		for field in auth_header.split(","):
			kind, __, details = field.strip().partition(" ")
			if kind.lower() == "negotiate":
				auth_details = details.strip()
				break
		else:
			raise ValueError("Negotiate not found in %s" % auth_header)
		# Finish the Kerberos handshake
		krb_context = self._krb_context
		if krb_context is None:
			raise RuntimeError("Ticket already used for verification")
		self._krb_context = None
		kerberos.authGSSClientStep(krb_context, auth_details)
		kerberos.authGSSClientClean(krb_context)

# Build the kerberos ticket and build the headers
krbTicket = KerberosTicket("HTTP@MY_REST_API.COM")
dictHeaders = {"Authorization": krbTicket.auth_header, 'Accept': 'application/json', 'Content-Type': 'application/json'}
# make the request
strResourceBody = json.dumps({'test':'yes','beer':'always'})
strResourceURL = 'http://my_rest_api.com/endpoint'
responseResourcePost = requests.post(url=strResourceURL, verify=False, headers=dictHeaders, data=strResourceBody)
	import json
	import requests
	import kerberos

	# To generate the kerberos ticket to attach it to the headers
	class KerberosTicket:
	def __init__(self, service):
	__, krb_context = kerberos.authGSSClientInit(service)
	kerberos.authGSSClientStep(krb_context, "")
	self._krb_context = krb_context
	self.auth_header = ("Negotiate "+kerberos.authGSSClientResponse(krb_context))
	def verify_response(self, auth_header):
	# Handle comma-separated lists of authentication fields
	for field in auth_header.split(","):
	kind, __, details = field.strip().partition(" ")
	if kind.lower() == "negotiate":
	auth_details = details.strip()
	break
	else:
	raise ValueError("Negotiate not found in %s" % auth_header)
	# Finish the Kerberos handshake
	krb_context = self._krb_context
	if krb_context is None:
	raise RuntimeError("Ticket already used for verification")
	self._krb_context = None
	kerberos.authGSSClientStep(krb_context, auth_details)
	kerberos.authGSSClientClean(krb_context)

	# Build the kerberos ticket and build the headers
	krbTicket = KerberosTicket("HTTP@MY_REST_API.COM")
	dictHeaders = {"Authorization": krbTicket.auth_header, 'Accept': 'application/json', 'Content-Type': 'application/json'}
	# make the request
	strResourceBody = json.dumps({'test':'yes','beer':'always'})
	strResourceURL = 'http://my_rest_api.com/endpoint'
	responseResourcePost = requests.post(url=strResourceURL, verify=False, headers=dictHeaders, data=strResourceBody)