# Minimal example to access protected resources

This sample shows how to access a protected resource using the *lazy*
``get_accesstoken()`` method, which takes care of everything, i.e.:

- Starting initial login flow (give first access token and refresh token)
- Holding the token information in memory, only running OAuth requests when
  really needed, otherwise you will get a cached token. This enables you to
  carelessly use this method for every request.
- Renewing access_token when close to expiration or already expired using
  refresh token if possible. If this fails it will even start a new session


said simple: *it will take care of everything possible to give you the access token*

## Import and Setup of OASH

In [1]:
# imports
import os
import oauthlib_sessionhandler

In [2]:
# create the OASH object
oash = oauthlib_sessionhandler.OAuthLibSessionHandler(
    wellknown_url=os.getenv('OASH_OIDCCONFIG_URL'),
    client_id='oash-testclient',
    username=os.getenv('OASH_USERNAME'),
    password=os.getenv('OASH_PASSWORD'),
)

## Using get_accesstoken()

Use the OASH ``get_accesstoken()`` method to get a valid access token for your
subsequent requests to protected resources. This method will take care of
initial auth, in memory caching as well as token refresh when needed. You can
simply be lazy and call ``get_accesstoken()`` every time you are requesting some
protected stuff.


In [3]:
import requests
import json

# send a sample request to httpbin.org
with requests.get("https://httpbin.org/get", headers={
    'Authorization': f"Bearer {oash.get_accesstoken()}" ,
    "Accept": "application/json",
}) as response:
    data = response.json()
    print (f"got http resonse {response.status_code}")
    # hide my IP ;-)
    data["origin"] = "you.will.never.know"
    print (json.dumps(data, indent=2))


got http resonse 200
{
  "args": {},
  "headers": {
    "Accept": "application/json",
    "Accept-Encoding": "gzip, deflate",
    "Authorization": "Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJDWDg4NXNwTS16VW1IT2JGR1NfTkNYMzFBTXJmS2I0VkRZQXdtSVJTU3BrIn0.eyJleHAiOjE2ODEzMTQ1NjQsImlhdCI6MTY4MTMxNDI2NCwianRpIjoiZTFjODE4YmQtYTgyMC00NWU2LWE0NjMtYTBhNGM0ZDJlZGM0IiwiaXNzIjoiaHR0cHM6Ly9hdXRoLXRlc3QubWh4LmF0L2F1dGgvcmVhbG1zL21oeCIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiIwYzk3NGEwYy1kMTE1LTQwNzktYWI4MS0wOGZiYWRmZjRlZjkiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJvYXNoLXRlc3RjbGllbnQiLCJzZXNzaW9uX3N0YXRlIjoiNGRhNzNjYTAtNjI1Yi00ZjhhLTliNmMtNzIwMjI3MjdhMDU2IiwiYWNyIjoiMSIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJwcm9maWxlIGVtYWlsIiwic2lkIjoiNGRhNzNjYTAtNjI1Yi00ZjhhLTliNmMtNzIwMjI3MjdhMDU2IiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJwc

Beeing a good boy and logout after doing all request would be nice

In [4]:
oash.logout()

True