Example of getting a Mastodon access token with authorization_code

Introduction

This is an article about getting the access token required to use the Mastodon API.

OAuth2 offers several ways to get an access token, depending on grant_type. Many of the articles I see use grant_type="password", so this is a Python example that gets the token with grant_type="authorization_code" instead.

Environment

Execution result

$ python mastodon_auth_example.py 
client id:     XXXXXXXXXX...
client secret: YYYYYYYYYY...
open browser  https://mstdn.jp/oauth/authorize?scope=read+write+follow&client_id=XXXXXXXXXXXXXXXXX&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&response_type=code
input code > ZZZZZZZZZ....
access token : ****************************************************************

Commentary

Get client ID

Get a client ID by registering the program as an app that will be authorized. On Twitter, this corresponds to registering an app under My Apps on dev.twitter.com. Mastodon does not have a web interface for this, so the client ID is acquired through the REST API.

You will get the client_id and client_secret.

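import requests

CLIENT_NAME = "my-example-app"  # placeholder app name

def register_app():  # function name is illustrative
    # Register the app with the instance; the response carries its credentials.
    res = requests.post('https://mstdn.jp/api/v1/apps',
                        dict(client_name=CLIENT_NAME,
                             redirect_uris="urn:ietf:wg:oauth:2.0:oob",
                             scopes="read write follow")).json()
    return res["client_id"], res["client_secret"]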

For redirect_uris, use this URI when the code should be displayed instead of actually redirecting. scopes is the set of permissions that this app requests from the user. Request only the permissions that your app requires.

Because a client ID is issued per application, the example saves it to a file and reuses it.
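The saved file holds client_secret as well as client_id, so it should be readable by its owner only. The following is an added example, not code from the original article or its repository, that caches and reuses the credentials this way; the function names, the JSON layout and the register callback are assumptions, and POSIX file permissions are assumed.

```python
import json
import os
import stat
import tempfile


def save_credentials(path, client_id, client_secret):
    # O_EXCL refuses to overwrite an existing file; mode 0o600 is applied at
    # creation, so the secret is never briefly readable by other users.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        json.dump({"client_id": client_id, "client_secret": client_secret}, f)


def load_credentials(path):
    """Return (client_id, client_secret), or None if no cache file exists."""
    try:
        with open(path) as f:
            mode = stat.S_IMODE(os.fstat(f.fileno()).st_mode)
            if mode & 0o077:  # any group/other permission bit set
                raise PermissionError(f"{path} is accessible to other users")
            data = json.load(f)
    except FileNotFoundError:
        return None
    return data["client_id"], data["client_secret"]


def get_client(path, register):
    """Reuse cached credentials; call register() only on the first run."""
    cached = load_credentials(path)
    if cached is not None:
        return cached
    client_id, client_secret = register()
    save_credentials(path, client_id, client_secret)
    return client_id, client_secret


def demo():
    calls = []
    def fake_register():  # constructed stand-in for the POST to /api/v1/apps
        calls.append(1)
        return "XXXXXXXXXX", "YYYYYYYYYY"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "client.json")
        first = get_client(path, fake_register)
        second = get_client(path, fake_register)  # served from the file
        mode = stat.S_IMODE(os.stat(path).st_mode)
    return first, second, len(calls), mode
```

In the real program, register would be the function that posts to /api/v1/apps and returns the two values.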

Create URL for authorization approval

Generate a URL for authorization approval using the client ID. The user opens it in a browser, confirms and approves the permissions required by the app (after logging in if necessary).

Normally, after approval the browser is redirected to the URL requested by the application, and the application receives the authorization code there. To accept that redirect, however, the application must be a server program that is accessible via https (as a web service is). Here, instead, the authorization code is displayed in the browser and the user copies and pastes it. Desktop clients that are not browser-based take this form.

The user obtains the authorization code by approving the request in the browser.

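from urllib.parse import urlencode

SCOPE = "read write follow"  # same scopes as requested at registration

def build_authorize_url(client_id):  # function name is illustrative
    params = urlencode(dict(
        client_id=client_id,
        response_type="code",
        redirect_uri="urn:ietf:wg:oauth:2.0:oob",   # display the code in the browser
        scope=SCOPE
    ))
    return 'https://mstdn.jp/oauth/authorize?' + params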

Obtaining an access token

Request an access token using the authorization code, client_id, and client_secret.

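import requests

def get_access_token(client_id, client_secret, code):  # function name is illustrative
    # Exchange the code the user pasted for an access token.
    res = requests.post('https://mstdn.jp/oauth/token', dict(
        grant_type="authorization_code",
        redirect_uri="urn:ietf:wg:oauth:2.0:oob",
        client_id=client_id,
        client_secret=client_secret,
        code=code
    )).json()
    return res["access_token"]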

Now that the access token has been obtained, use it in the Authorization header of API requests.

Source code

https://github.com/civic/mastodon-auth-example
