I need to connect to an API which is secured with MTLS and OAuth2. Testing the API in Postman, it is very easy to configure the certificates and to make the request. It works.
I want now to do it in make. I have the following data:
-a public key in a PEM file
-a private key in a KEY file
-a CRT public Key
-a client ID
-a client secret
I have tried the basic authentication and the oAuth2 in the http module, but with no success.
My workaround is the following: I’m using Pipedream to do the transactions with MTLS (i only have a few), and I call their webhook from Make.
I’m using basic Python code. If you’re using the free version of Pipedream, you can’t use directly the certificates because you don’t have access to files, so here is my code to use certificates as string (check if it is compatible with your level of security).
Marc
import requests
from requests.auth import HTTPBasicAuth
import tempfile
import os
# Configurable Constants
#Note it is important to have you certificate in one line with \n
PUBLIC_KEY_CERT ="-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----"
CA_PUBLIC_KEY ="-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----"
PRIVATE_KEY ="-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----"
BASE_URL = "Your URL"
ENDPOINT = "/api/v2/transactions"
TOKEN_URL = "/oauth/token"
CLIENT_ID = ""
CLIENT_SECRET = ""
def create_temp_files():
"""
Crée des fichiers temporaires pour stocker les certificats et les clés.
Retourne les chemins des fichiers temporaires.
"""
with tempfile.NamedTemporaryFile(mode="w", delete=False) as public_key_file, \
tempfile.NamedTemporaryFile(mode="w", delete=False) as private_key_file, \
tempfile.NamedTemporaryFile(mode="w", delete=False) as ca_cert_file:
public_key_file.write(PUBLIC_KEY_CERT)
private_key_file.write(PRIVATE_KEY)
ca_cert_file.write(CA_PUBLIC_KEY)
public_key_file.close()
private_key_file.close()
ca_cert_file.close()
return public_key_file.name, private_key_file.name, ca_cert_file.name
def delete_temp_files(file_paths):
"""
Supprime les fichiers temporaires à partir de leurs chemins.
"""
for file_path in file_paths:
try:
os.remove(file_path)
except:
pass
def get_access_token():
try:
# Créer des fichiers temporaires pour stocker les certificats
public_key_file_path, private_key_file_path, ca_cert_file_path = create_temp_files()
auth = HTTPBasicAuth(CLIENT_ID, CLIENT_SECRET)
response = requests.post(
f"{BASE_URL}{TOKEN_URL}",
auth=auth,
cert=(public_key_file_path, private_key_file_path),
verify=ca_cert_file_path
)
response.raise_for_status() # Raises an HTTPError for bad responses
token = response.json().get('access_token')
print(token)
return token
except Exception as e:
print(f"Error fetching access token: {e}")
return None
finally:
# Supprimer les fichiers temporaires
delete_temp_files([public_key_file_path, private_key_file_path, ca_cert_file_path])
def get_api_data(access_token):
try:
# Créer des fichiers temporaires pour stocker les certificats
public_key_file_path, private_key_file_path, ca_cert_file_path = create_temp_files()
headers = {'Authorization': f'Bearer {access_token}'}
parameters={'operationDateRangeStart':'2024-03-01','operationDateRangeEnd':'2024-04-10'}
response = requests.get(
f"{BASE_URL}{ENDPOINT}",
headers=headers,
cert=(public_key_file_path, private_key_file_path),
verify=ca_cert_file_path
)
response.raise_for_status() # Raises an HTTPError for bad responses
if response.status_code == 200:
data = response.json()
print("API Response:", data)
else:
print("Failed to fetch data. Status code:", response.status_code)
except requests.exceptions.RequestException as e:
print(f"Error fetching API data: {e}")
# Utilisation de la fonction get_access_token()
access_token = get_access_token()
get_api_data(access_token)