We first need an auth and a communication library in our virtualenv:

$pip install Authlib requests


The example below uses the shared demo environment running the latest beta version of the DeepHub® to fetch all zones:


from authlib.integrations.requests_client import OAuth2Session

# auth service variables
token_endpoint = 'https://dev.deephub.io/auth/realms/omlox/protocol/openid-connect/token'

# deephub service variables
deephub_base_url = 'https://dev.deephub.io/deephub'

# auth client application variables
client_id = 'deephub-xxx-client'
client_secret = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'

def get_from_hub_using_client_grant(api_endpoint: str) -> dict:
    #for client grant we need just client_id and client_secret, there is no explicit user context
    client = OAuth2Session(client_id, client_secret, scope='openid')
    token = client.fetch_token(url=token_endpoint, client_id=client_id, client_secret=client_secret)
    # debug here to see access_token, refresh_token, token expiry info etc. for auto-refreshing, which is missing here
    response = client.get(url=deephub_base_url+api_endpoint)
    if response.status_code == 200:
        return response.json()
    else:
        print("Response code: "+str(response.status_code))
        return {}

# get zones from deephub
print(get_from_hub_using_client_grant('/v1/zones'))


This then returns the simple list in stdout:


$ python get_zones.py

['b06e0ee9-6118-4005-88a7-2449694c35a0', 'c60284e0-bb95-408f-b8d8-258566197a9b', '35160b1d-d3ab-4652-82b8-d69aa5346a20', '024da0ce-1b7b-4cb1-91a1-46a32c26321c', '928d74a3-5030-4d64-a242-400a5f0761b2', '94f0b15d-a35c-447a-9ad5-cdef48420af3', '57de5db6-73fb-4fa5-a7e1-6d87421b45f0', '5258133d-30f8-4a32-aa2d-13deedc1dd89', 'eb938966-3fcf-462d-a000-9aa3ac5b8cc2', 'b6378dd2-5a5d-4694-b08e-dadc683daf96', '4e9233f3-0fca-4757-9d33-785a1619078a', 'b93c2e67-b21b-45a4-b5eb-ff21e23321e7', '3c0fbb84-9cf5-4fbb-810d-075967873eb7', '87ebd7cb-22d1-42e5-9112-a3dea1a6a801', '33f70e8b-c5a7-4505-b34e-3b2c098fdb55', '8dbbfef8-c34f-40d0-8a2e-5162ba0a2745', '62837326-86ba-4be1-be40-b3b2d077f008', '4a203bd7-fa05-4378-a884-c71470f2b0d4']


By default, an access_token is valid for 15 minutes. After that, you should use the refresh_token to fetch new, fresh access_tokens (both are packed in the token above). In this example, we open a new session with every script start, which is not so optimal and should be handled in the PROD version on the OAuth2Session.