Hi,
So I'm trying to integrate Python into River to do some testing. The only thing that makes it a bit tricky is that we have to handle XSRF/CSRF within Python and so I use the requests framework to make this easier for me.
I successfully get the X-CSRF-TOKEN and save it into local variable token. The guide then says that you pass it back in the headers. I tried it as a parameter too, and either mechanism works using Postman in Chrome.
Request execution failed due to missing or invalid XSRF token
Presumably I'm doing something wrong!
John
#! /usr/bin/python
import requests
import json
# First, get the X-CSRF-TOKEN
csrfurl='http://localhost:8000/sap/hana/rdl/odata/v1/project/subproject'
params= { 'X-CSRF-TOKEN': 'Fetch' }
auth= 'User','Password'
headers = {'Connection': 'keep-alive'}
r=requests.get(csrfurl,params=params, auth=auth, headers=headers)
params = { 'X-CSRF-TOKEN': r.headers['x-csrf-token'] }
token = r.headers['x-csrf-token']
print token
url='http://localhost:8000/sap/hana/rdl/odata/v1/project/subproject/entitu'
payload='{"customerId": 1, "firstName": "John", "lastName": "Appleby"}'
headers= {'Content-type': 'application/json;charset=utf-8', 'X-CSRF-TOKEN': token, 'Referer': csrfurl, 'Connection': 'keep-alive'}
r=requests.post(url, data=json.dumps(payload), headers=headers, auth=auth, params=params)
print headers
print r.url
print r.headers
print r.text