# Web

This page explores the concepts behind various Python packages related to the web.

## Requests

The [Requests](https://requests.readthedocs.io/en/latest/) package provides a more convenient interfaces for `urllib3`. This package hides a lot of ConnectionPool management inside it, which makes it easier to understand, but reduces the flexibility.

Check more detailed explanation in the [Requests](web/requests.ipynb) page.

---

The following cell shows how to make a GET request to google.com in just two lines of code, including the import.

In [2]:
import requests
requests.get("https://google.com")

<Response [200]>


## urllib3

The `urllib3` is a package for implementing network communication.

For more information:

- Check the official [website](https://urllib3.readthedocs.io/en/stable/index.html).
- Chekc [special page](web/urllib3.ipynb).

---

The following cell shows how to make a request to the `http://google.com` using `urllib3`.

In [1]:
import urllib3
pool_manager = urllib3.PoolManager()
resp = pool_manager.request("GET", "http://google.com")
resp.status

200

## Authlib

[Authlib](https://docs.authlib.org/en/stable/index.html) is the package that implement OAuth and OpenID protocols in python.

---

The following cell show how to obtain the Bearer token with OAuth2.

**Note.** You must run the keycloak, which plays the role of OAuth2 provider.

In [16]:
from authlib.integrations.requests_client import OAuth2Session
client = OAuth2Session(client_id="admin-cli")
token = client.fetch_token(
    "http://localhost:8080/realms/master/protocol/openid-connect/token",
    username="admin",
    password="admin",
    grant_type="password",
)
token

{'access_token': 'eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJscV9OdmVDaUFpanByYTU4YXR2QklCZzM5NVgtb0MyMFo1aW5kN2Z4ZUtVIn0.eyJleHAiOjE3NzE2MDMzMDAsImlhdCI6MTc3MTYwMzI0MCwianRpIjoib25sdHJvOjQzNjIyY2I3LTc2MjktZTZkZC03ZTA4LTM3MjJiMTdiZDdlZCIsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9yZWFsbXMvbWFzdGVyIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoiYWRtaW4tY2xpIiwic2lkIjoiZmI1Yzk5NDMtY2EyMS0wMmE0LWEyMzUtZmExZDExZWUzZjc0Iiwic2NvcGUiOiJlbWFpbCBwcm9maWxlIn0.ACADi6KR_i8wnG2ChVwIWQ64Y5G_6gGF3jrNEV-yI43BeUhF-4MDXwgAiNi6uX3a5ctlQ0q-vczsJvbboSPBQlaa0CuJt_i75ZM2HztzKWjLG3asabPeSUXV3cvONv7ci8JsSjwOS53XneRXIg159qZIv47aKYfR94qp9MmKXb03DJiRXOkIcpsSA9qdgbCiz7e-5UcoA6BbrafyW80WJFGM97UqVuERg4RrprC5QDh9dmFljZKNbCunuglN5l5IsXS3AYw2whJob_ymKvJUJEtKNQEt251GfX18X7MgovWYVp-u6bisKxk7_SWhKsc5RLusU2XM8Kj_6EKIluxJnw',
 'expires_in': 60,
 'refresh_expires_in': 30,
 'refresh_token': 'eyJhbGciOiJIUzUxMiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI5YjBjODRkOC0zM2JmLTQwNjMtOTRkNS05Y2IyZTk2MjhmYzQifQ.eyJleHAiOjE3NzE2MDMyNzAsImlhdCI6MTc3MTYwMzI0M

### Removed session

Consider what happens when a session is removed and the application attempts to refresh the token. Typicallyk, OAuth returns the 400 error.

---

The following cell requests the token that creates a new Keycloak sesion.

In [35]:
from authlib.integrations.requests_client import OAuth2Session
client = OAuth2Session(client_id="admin-cli")
token = client.fetch_token(
    "http://localhost:8080/realms/master/protocol/openid-connect/token",
    username="admin",
    password="admin",
    grant_type="password",
)

The text code removes the session, emitating that session was accidentally dropped.

In [36]:
access_token = token["access_token"]
session_state = token["session_state"]

!curl -X DELETE  \
     -H "Authorization: Bearer $access_token" \
     "http://localhost:8080/admin/realms/master/sessions/$session_state"

Requesting a token refresh results in `OAuthError` with the relevant description.

In [39]:
try:
    client.fetch_token(
        "http://localhost:8080/realms/master/protocol/openid-connect/token",
        grant_type="refresh_token",
        refresh_token=token["refresh_token"]
    )
except Exception as e:
    print(type(e))
    print(e)

<class 'authlib.integrations.base_client.errors.OAuthError'>
invalid_grant: Session not active
