How to make a HTTP Basic Authentication post request where password is generated by TOTP in Python?

The task is to make a HTTP post request to url sending a json string data over, url is protected by HTTP Basic Authentication, I need to provide an Authorization: field in header, and emailAdd is the userid of Basic Authentication, password is generated by TOTP, where digits is 10-digit, time step is 30s, T0 is 0, hash function uses sha512, and shared secret is emailAdd + "ABCD".

My code is like:

import requests, base64, json
from passlib.totp import TOTP
from requests.auth import HTTPBasicAuth


totp = TOTP(key = base64.b32encode(shared_secret.encode()), digits = 10, alg = "sha512")
password = totp.generate().token

r = requests.Session()
auth = base64.b64encode((''.join(userid) + ':' + ''.join(password)).encode())
r.headers.update({"Content-Type": "application/json"})      #this is task required
r.headers.update({"Authorization": "Basic " + auth.decode()})

res = r.post(url, data = json.dumps(data), auth = HTTPBasicAuth(userid, password))
print(res.status_code)
print(res.content)

But I failed authentication, I think the password should be correct, and there is something wrong with post request, can anyone please tell me what the problem is? Also, I'm in a different time zone from the server, does it make any difference on TOTP generated password? And I'm running python on windows, if that matters.

Thanks

0 Comment

NO COMMENTS

LEAVE A REPLY

Captcha image