(Problem) authenticate in python script with openstack X-Auth-Token

Question

I try to create a script to monitor openstack, for this I create a token with the example of the documentation :

https://docs.openstack.org/api-quick-start/api-quick-start.html#openstack-api-quick-guide

$ curl -v -s -X POST $OS_AUTH_URL/auth/tokens?nocatalog   -H "Content-Type: application/json"   -d '{ "auth": { "identity": { "methods": ["password"],"password": {"user": {"domain": {"name": "'"$OS_USER_DOMAIN_NAME"'"},"name": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"} } }, "scope": { "project": { "domain": { "name": "'"$OS_PROJECT_DOMAIN_NAME"'" }, "name":  "'"$OS_PROJECT_NAME"'" } } }}' \
| python -m json.tool

it creates it for me without problems and if I make calls with curl it returns the data through terminal

for example with:
$ curl -s -H "X-Auth-Token: $OS_TOKEN" \
  $OS_COMPUTE_API/flavors \
  | python -m json.tool

what I want is to put the token that I have generated by arguments and return me the data, the problem seems to be that I do not detect the token, because it does not give me connection problems in the request, just does not authenticate me and does not load the correct json, so I have the code

parser = argparse.ArgumentParser(description= info, formatter_class=argparse.RawTextHelpFormatter)
parser.add_argument('-t', '--token', help='openstack api token', required=True)
args = parser.parse_args()

user_token = args.token
headers = {
    'Content-Type': 'application/json',
    'Authorization':'X-Auth-Token ' +  user_token
}

# request url
req = {
    "flavors": "http://myip/v2.1/flavors",
    "images": "http://myip/v2.1/7d8fed2119e04ee79e15b5a2fac2f5da/images "
}
# get account data
try:
    result = requests.get(req["images"], headers=headers)
    result_data = json.loads(result.content)
except Exception as e :
    print('0')
    sys.exit("\nError requesting %s, please check conectivity" %(req["images"],))

if 'errors' in result_data :
    print('0')
    sys.exit(F'Error token, please check token: {result_data}')

clean_agent()
agent.update(
    agent_name = "Openstack_images_%s" ,
    agent_alias = "Openstack_images %s" ,
    description = "ID " 
)

clean_module()
modulo.update(
    name = "Openstack_image disk:",
    desc = "Openstack image is  %s " %str(result_data['images']['minDisk'] ),
    value = str(result_data['images']['minDisk']),
)

returns to me :

Traceback (most recent call last): File "openstack.py", line 243, in desc = "Openstack image is %s " %str(result_data['images']['minDisk'] ), KeyError: 'images'

I know it is authentication because if you go into the endpoint without authenticating you get this json: {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}

and I have tried changing "images" in modules to "error" and I get this Traceback (most recent call last): File "openstack.py", line 243, in desc = "Openstack image is %s " %str(result_data['error']['minDisk'] ), KeyError: 'minDisk'

so the error must be when authenticating, I run the script with: python3 openstack.py -t

I don't know if someone can help me, I don't know if I have the header wrong or if it could be something else.

Answer 1

Please make sure you are generating token with same user for which you are specifying the other resources. Following is a Sample Code for generating Token,

url = [Your Cloud Machine IP Goes here]

def gettokenForUser(username,password):

    payload1 = {
    "auth": {
        "identity": {
            "methods": [
                "password"
            ],
            "password": {
                "user": {
                    "name": username,
                    "domain": {
                        "name": "Default"
                    },
                    "password": password
                }
            }
        }
    }
    }

    response = requests.post('http://'+url+':5000/v3/auth/tokens',
                    headers={'content-type': 'application/json'},
                    data=json.dumps(payload1))

    return response.headers['X-Subject-Token']