Page MenuHomePhabricator
Paste P82669

oauth1-rsa.py
ActivePublic
Actions

Authored by Tgr on Sep 6 2025, 4:39 PM.
Tags
None
Referenced Files
F65974572: oauth1-rsa.py
Sep 6 2025, 4:39 PM
Subscribers
None
#!/usr/bin/env python
import requests, logging, jwt
from requests_oauthlib import OAuth1, OAuth1Session
#logging.basicConfig(level=logging.DEBUG)
consumer_key = '...'
redirect_uri = 'https://example.org/oauth' # or 'oob' if "use callback as prefix" option is not checked
# openssl genrsa -out oauth1-rsa.pem 2048
# openssl rsa -in oauth1-rsa.pem -outform PEM -pubout
rsa_key = open('oauth1-rsa.pem').read()
request_token_url = 'https://test.wikipedia.org/w/index.php?title=Special:OAuth/initiate'
authorize_url = 'https://test.wikipedia.org/wiki/Special:OAuth/authorize'
access_token_url = 'https://test.wikipedia.org/w/index.php?title=Special:OAuth/token'
api_url = 'https://en.wikipedia.org/w/api.php'
data = {'action': 'query', 'format': 'json', 'meta': 'userinfo', 'assert': 'user'}
callback = {'oauth_callback': redirect_uri}
headers = {'User-Agent': 'OAuth testing (T403487)'}
headers['X-Wikimedia-Debug'] = 'backend=k8s-mwdebug-next'
session = OAuth1Session(consumer_key, signature_method='RSA-SHA1', rsa_key=rsa_key, signature_type='auth_header')
session.fetch_request_token(request_token_url, headers=headers, params=callback)
print(session.authorization_url(authorize_url))
redirect_response = input('Paste the full redirect URL here.\n')
session.parse_authorization_response(redirect_response)
session.fetch_access_token(access_token_url, headers=headers)
r = session.post(url=api_url, data=data, headers=headers)
print(r.text)
print(r.headers['X-Powered-By'])
r = session.post(url=identify_url, headers=headers)
print(jwt.decode(r.content, options={"verify_signature": False}))
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits