# Team Members:
1. Devam Shah
2. Nishank Eshwar
3. Rithika M

Topic 1: Making a Simple GET Request ~ **NishankEshwar**  
<br> <ki br>
 Basic Explanation<br>
A GET request is the most basic type of HTTP request.
When you type a URL in your browser and press Enter, your browser is secretly sending a GET request to that server to fetch a resource ‚Äî usually an HTML page, JSON data, or an image.

In Python, we use the requests library to make this process effortless. Instead of manually handling sockets or headers, requests abstracts everything into one line of code.

In [None]:
import requests

# Step 1: Define the URL we want to access
url = "https://jsonplaceholder.typicode.com/posts/1"

# Step 2: Make a simple GET request
response = requests.get(url)

# Step 3: Print the status and response data
print("‚úÖ Status Code:", response.status_code)     # 200 means success
print("üìÑ Response Body:", response.text)         # Full response as text

# Step 4: JSON convenience
try:
    data = response.json()                        # Convert response to JSON dictionary
    print("\nüîë Title from JSON:", data['title'])
except ValueError:
    print("Response is not in JSON format.")


‚úÖ Status Code: 200
üìÑ Response Body: {
  "userId": 1,
  "id": 1,
  "title": "sunt aut facere repellat provident occaecati excepturi optio reprehenderit",
  "body": "quia et suscipit\nsuscipit recusandae consequuntur expedita et cum\nreprehenderit molestiae ut ut quas totam\nnostrum rerum est autem sunt rem eveniet architecto"
}

üîë Title from JSON: sunt aut facere repellat provident occaecati excepturi optio reprehenderit


Explanation of output:

status_code shows whether the request succeeded (200 = OK, 404 = Not Found, etc.).

response.text gives the raw data returned.

.json() automatically parses JSON into a Python dictionary (super handy when working with APIs).

Topic 2: Sending GET Requests with Parameters ~ **NishankEshwar**<br><br>
üîπ Basic Explanation

Sometimes, we don‚Äôt just fetch a resource ‚Äî we want to ask a question by attaching parameters (query strings).
Example: https://example.com/search?q=python&limit=10

The requests library lets us pass these parameters as a dictionary instead of manually adding ? and &. This makes the code more readable and less error-prone.

In [None]:
import requests

# Base URL for API
url = "https://jsonplaceholder.typicode.com/posts"

# Define query parameters (instead of typing ?userId=1&limit=5 in URL)
params = {
    "userId": 1   # Filter posts by user with ID 1
}

# Send GET request with parameters
response = requests.get(url, params=params)

print("üì° Final URL Sent:", response.url)     # Requests automatically attaches parameters
print("‚úÖ Status Code:", response.status_code)

# Parse JSON Response
posts = response.json()

print("\nüìù First Post:")
print("ID:", posts[0]["id"])
print("Title:", posts[0]["title"])


üì° Final URL Sent: https://jsonplaceholder.typicode.com/posts?userId=1
‚úÖ Status Code: 200

üìù First Post:
ID: 1
Title: sunt aut facere repellat provident occaecati excepturi optio reprehenderit


Explanation of output:

params is a dictionary that requests automatically converts to ?userId=1.

response.url shows the full URL that was actually sent (great for debugging).

The JSON response is a list of posts ‚Äî we extract the first one to demonstrate.

# Topic 3: HTTP Request Methods ~ Rithika

HTTP defines several request methods, each serving a specific purpose in web communication. Here are the most commonly used ones:

GET Request:

Used to retrieve data from a server.
Example: Fetching a webpage or API data.
No body is sent with the request.


In [None]:
import requests

response = requests.get('https://api.example.com/data')
print(response.status_code)  # HTTP status code
print(response.json())       # JSON response (if applicable)


POST Request:

Used to send data to a server to create or update resources.
Example: Submitting a form or uploading a file.
Data is sent in the body of the request.

In [None]:
data = {'key': 'value'}
response = requests.post('https://api.example.com/data', json=data)
print(response.status_code)
print(response.text)  # Response body as text


PUT Request:

Used to update or create a resource on the server.
Example: Updating user details in a database.


In [None]:
data = {'name': 'Updated Name'}
response = requests.put('https://api.example.com/resource/1', json=data)
print(response.status_code)


DELETE Request:

Used to delete a resource on the server.
Example: Removing a user account.


In [None]:
response = requests.delete('https://api.example.com/resource/1')
print(response.status_code)


HEAD Request:

Similar to GET but only retrieves the headers, not the body.
Useful for checking if a resource exists.


In [None]:
headers = {'Authorization': 'Bearer YOUR_TOKEN'}
response = requests.get('https://api.example.com/secure-data', headers=headers)
print(response.status_code)



# Topic 4: Response Objects ~ Rithika

The Response object contains all the information returned by the server, such as status codes, headers, and the response body. It is created when you make a request using methods like requests.get(), requests.post(), etc.

Example:

In [None]:
import requests

response = requests.get('https://api.example.com/data')
print(response)  # <Response [200]>


# Topic 5: Response Methods ~Rithika

Commonly Used Response Methods:

a. response.status_code

Returns the HTTP status code of the response.

Example

In [None]:
if response.status_code == 200:
    print("Request was successful!")


b. response.ok

Returns True if the status code is less than 400, indicating success.

Example

In [None]:
if response.ok:
    print("The request was processed successfully.")


c. response.text

Returns the response content as a string (decoded from bytes).

Example

In [None]:
print(response.text)


d. response.json()

Parses the response body as JSON and returns a Python dictionary.

Example:

In [None]:
data = response.json()
print(data['key'])


e. response.content

Returns the raw response content as bytes.

Example

In [None]:
with open('image.jpg', 'wb') as file:
    file.write(response.content)


f. response.headers

Returns the response headers as a dictionary.

Example

In [None]:
print(response.headers['Content-Type'])


g. response.url

Returns the final URL after any redirections.

Example

In [None]:
print(response.url)


h. response.raise_for_status()

Raises an exception if the HTTP request returned an unsuccessful status code.

Example

In [None]:
try:
    response.raise_for_status()
except requests.exceptions.HTTPError as e:
    print(f"HTTP error occurred: {e}")


Topic 6: POST Request ~ **NishankEshwar**<br><br>
üîπ Basic Explanation

While GET requests ask a server for information, POST requests send data to the server.

Common examples of POST:

Submitting a form on a website.

Sending login details (username + password).

Uploading a file or JSON payload.

With requests, we can send form data or JSON seamlessly.

In [None]:
import requests

# URL for fake API testing (accepts POST)
url = "https://jsonplaceholder.typicode.com/posts"

# Example data we want to send (like form data or JSON)
new_post = {
    "userId": 101,
    "title": "Next-Level Learning",
    "body": "This is a demo POST request created in Python."
}

# Send POST request with JSON data
response = requests.post(url, json=new_post)

print("‚úÖ Status Code:", response.status_code)   # 201 = Created
print("üì° Sent Data:", new_post)
print("üìÑ Response:", response.json())


Explanation of output:

json=new_post automatically converts the dictionary into JSON.

A successful POST often returns 201 Created.

The response usually contains the new object that was created, sometimes with a server-generated ID.

# Topic 7: Authentication ~Devam

Authentication is how a client (you) proves its identity to a server. Many APIs and websites are not public, so you need to authenticate. There are several types of authentication:

  1. Basic Authentication:
  
      a. The simplest method. You provide a username and password.

      b. Credentials are encoded (base64) and sent with each request.

      c. Suitable for quick testing or internal APIs.




In [None]:
#All Imports
import os
import requests
from requests.auth import HTTPBasicAuth, HTTPDigestAuth
from requests.exceptions import RequestException, SSLError, HTTPError, ConnectionError, Timeout, RequestException
import certifi
import urllib3
from requests.adapters import HTTPAdapter
from urllib3.util.retry import Retry
import time

In [None]:
print("=== Basic Authentication ===")
basic_url = "https://httpbin.org/basic-auth/devam/1234"
response = requests.get(basic_url, auth=HTTPBasicAuth("devam", "1234"))
print("Status Code:", response.status_code)
print("Response JSON:", response.json() if response.ok else response.text)

2. Digest Authentication:

      More secure than Basic. Password is never sent directly; instead, a hashed challenge-response mechanism is used.


In [None]:
print("\n=== Digest Authentication ===")
digest_url = "https://httpbin.org/digest-auth/auth/devam/1234"
try:
    response = requests.get(digest_url, auth=HTTPDigestAuth("devam", "1234"))
    print("Status Code:", response.status_code)
    print("Response JSON:", response.json())
except RequestException as e:
    print("Digest Auth Error:", e)

3. Token / Bearer Authentication:

      a. Instead of sending username/password repeatedly, you send a token in the HTTP header (Authorization: Bearer <token>).
      
      b. Common for API access keys.

In [None]:
import requests
print("\n=== Bearer Token Authentication ===")
token = "my-demo-token"
headers = {"Authorization": f"Bearer {token}"}
bearer_url = "https://httpbin.org/bearer"
response = requests.get(bearer_url, headers=headers)
print("Status Code:", response.status_code)
print("Response JSON:", response.json())

4. OAuth 1.0 / 2.0:

    a.  Used when you want a third-party app to access a resource on your behalf (like Google/Facebook login).

    b. OAuth 2.0 is widely used for web/mobile applications.


In [None]:
print("\n=== OAuth1 Skeleton ===")
try:
    from requests_oauthlib import OAuth1
    import os
    # Set default environment variables with random placeholder values ####################remember to set environmental variables#############################
    CONSUMER_KEY = os.environ.get("OAUTH_CONSUMER_KEY")
    CONSUMER_SECRET = os.environ.get("OAUTH_CONSUMER_SECRET")
    TOKEN = os.environ.get("OAUTH_TOKEN")
    TOKEN_SECRET = os.environ.get("OAUTH_TOKEN_SECRET")

    if all([CONSUMER_KEY, CONSUMER_SECRET, TOKEN, TOKEN_SECRET]):
        auth = OAuth1(CONSUMER_KEY, CONSUMER_SECRET, TOKEN, TOKEN_SECRET)
        url = "https://httpbin.org/get"  # Use httpbin instead
        try:
            r = requests.get(url, auth=auth, timeout=10)
            print("OAuth1 request status:", r.status_code)
            print("Note: Using placeholder credentials")
            if r.status_code == 200:
                try:
                    print("Response:", r.json())
                except requests.exceptions.JSONDecodeError:
                    print("Response (text):", r.text[:200])
        except Exception as e:
            print(f"OAuth1 request failed: {e}")
    else:
        print("OAuth credentials not set in environment variables")
except ImportError:
    print("Install requests-oauthlib to try OAuth1: pip install requests-oauthlib")


**Best Practices:**

1. Never hardcode credentials in code; use environment variables.

2. Sessions can store authentication info to avoid sending credentials repeatedly.

3. Use HTTPS for all authenticated requests.

# Topic 8: SSL Verification ~ Devam

SSL (Secure Sockets Layer) ensures secure communication over the internet (HTTPS). SSL certificates:
1. Verify that a server is who it claims to be.

2. Encrypt data in transit so attackers cannot read it.


SSL verification in Python requests:

1. Default behavior: verify=True checks the server certificate against trusted CAs.


In [None]:
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
try:
    response = requests.get("https://httpbin.org/get", timeout=5)
    print("Verified request status:", response.status_code)
except SSLError as e:
    print("SSL verification failed:", e)

2. Skip verification: verify=False disables certificate validation (unsafe, for testing only).

In [None]:
response_insecure = requests.get("https://expired.badssl.com/", verify=False)
print("Skipped SSL verification status:", response_insecure.status_code)

3. Custom CA: verify='/path/to/ca.pem' allows using your organization‚Äôs trusted CA.


In [None]:
response_ca = requests.get("https://httpbin.org/get", verify=certifi.where())
print("Custom CA bundle request status:", response_ca.status_code)

4. Client certificates: Some servers require client certificates (cert=(cert_file, key_file)) for mutual TLS authentication.

In [None]:
############################################################need to set evironment variables######################################
client_cert = os.environ.get("CLIENT_CERTI")
client_key = os.environ.get("CLIENT_KEY1")
if client_cert and client_key:
    try:
        r = requests.get("https://example-secure-server.local/", cert=(client_cert, client_key))
        print("Client cert request status:", r.status_code)
    except RequestException as e:
        print("Client cert request failed:", e)
else:
    print("Client cert/key not set; skipping mutual TLS demo")

Best Practices:

1. Always use verify=True in production.

2. Never skip SSL in production code.

3. Use custom CA only if working in internal networks.

4. Handle SSL errors using try/except.

# Topic 9: Session Objects ~ Devam

A Session in requests lets you persist certain parameters across multiple requests:

1. Cookies (stay logged in).

In [None]:
# 1) Cookie persistence
with requests.Session() as s:
    s.get("https://httpbin.org/cookies/set/sessioncookie/abc123")
    r = s.get("https://httpbin.org/cookies")
    print("Cookies:", r.json())

# 2) Default headers, params, auth


# 3) Retry strategy


# 4) Performance comparison


2. Headers, auth credentials, default query params.

In [None]:
s = requests.Session()
s.headers.update({"User-Agent": "MySessionAgent/2.0"})
s.params.update({"default_param": "demo"})
s.auth = ("devam", "1234")
r = s.get("https://httpbin.org/get", params={"extra": "value"})
print("Headers:", r.json()["headers"].get("User-Agent"))
print("Params merged:", r.json()["args"])

3. Retry strategies using HTTPAdapter.

In [None]:
retry_strategy = Retry(total=3, backoff_factor=0.5,
                       status_forcelist=[429,500,502,503,504],
                       allowed_methods=["HEAD","GET","OPTIONS"])
adapter = HTTPAdapter(max_retries=retry_strategy)
s.mount("https://", adapter)
s.mount("http://", adapter)

Performace Comparison





In [None]:
def measure_requests(sessioned=False, n=5):
    t0 = time.perf_counter()
    if sessioned:
        with requests.Session() as ss:
            for _ in range(n):
                ss.get("https://httpbin.org/get")
    else:
        for _ in range(n):
            requests.get("https://httpbin.org/get")
    return time.perf_counter()-t0

print("Time without session:", measure_requests(False))
print("Time with session:", measure_requests(True))

s.close()

Benefits:

1. Reduces repetitive code (headers, auth, params).

2. Improves performance with connection reuse.

3. Supports advanced features (adapters, retries).
<br>

Best Practices:

1. Use with requests.Session() to auto-close.

2. Mount adapters for retries/backoff.

3. Avoid sharing sessions across threads unless properly managed.

# Topic 10: Error Handling ~Devam

Network requests can fail. Common errors:

1. HTTPError: 4xx/5xx response from server.

2. ConnectionError: Server unreachable.

3. Timeout: Server takes too long.

4. SSLError: SSL certificate issues.

5. RequestException: Catch-all for other problems.

**Error handling Methods: **

1. Basic try/except:

    a. Makes a single HTTP GET request with a 5-second timeout.

    b. r.raise_for_status() raises an HTTPError if the status code is 4xx or 5xx.

    c. Handles different exceptions individually:

        i. HTTPError ‚Üí server/client returned error response.

        ii. ConnectionError ‚Üí network issues.

        iii. Timeout ‚Üí request took too long.

        iv. RequestException ‚Üí any other requests-related exception.

        v. Prints a message based on what happened.

In [None]:
# 1) Basic try/except
try:
    r = requests.get("https://httpbin.org/status/200", timeout=5)
    r.raise_for_status()
    print("Request OK:", r.status_code)
except HTTPError as he:
    print("HTTP error:", he)
except ConnectionError as ce:
    print("Connection error:", ce)
except Timeout as te:
    print("Timeout:", te)
except RequestException as e:
    print("Other request exception:", e)

2. Manual retry with backoff

In [None]:
def get_with_retry(url, retries=3, backoff_factor=0.5):
    attempt = 0
    while attempt <= retries:
        try:
            r = requests.get(url, timeout=5)
            r.raise_for_status()
            return r
        except (ConnectionError, Timeout) as e:
            wait = backoff_factor * (2**attempt)
            print(f"Attempt {attempt} failed ({e}). Backing off {wait:.1f}s")
            time.sleep(wait)
            attempt += 1
        except HTTPError as he:
            print("HTTP error (won‚Äôt retry):", he)
            raise
    raise RequestException("Failed after retries")

try:
    r = get_with_retry("https://httpbin.org/status/503", retries=2)
    print("Final response:", r.status_code)
except RequestException as e:
    print("Final failure:", e)

3. Using HTTPAdapter + Retry in requests.Session

In [None]:
s = requests.Session()
retry_strategy = Retry(total=3, backoff_factor=0.5,
                       status_forcelist=[429,500,502,503,504],
                       allowed_methods=["GET","POST","OPTIONS"])
s.mount("https://", HTTPAdapter(max_retries=retry_strategy))
try:
    r = s.get("https://httpbin.org/status/503")
    print("Adapter retry status:", r.status_code)
except RequestException as e:
    print("Adapter retry failed:", e)
finally:
    s.close()


Best Practices:

1. Use response.raise_for_status() to detect HTTP errors.

2. Use try/except for specific exceptions.

3. Combine with retry strategies for transient errors.