Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Box Status

Looking for Python SDK Webhook (v2) Sample Code or Tutorial

Follow
New post
j12y

Goal: Create a webhook that allows me to process an uploaded file with an AWS Lambda function

 

I have been struggling with this project that feels like a basic use case and wondering if anybody can point me to a tutorial or sample code that explains how to set something like this up in an enterprise environment.

 

Every time I solve one problem I end up blocked with something else trying to find a workaround.

 

Progress:

 

  • SUCCESS: Created a Custom App with Python SDK to Authenticate
  • PROBLEM: Trying to search for files / folders that need webhook added
  • Create webhook on specific files / folders
  • Receive webhook on AWS Lambda

Custom App Authenticated

 

  • OAuth 2.0 with JWT
  • Application Access = Enterprise
  • Application Scopes = Read all Files and folders stored in Box, Read and write all files and folders stored in Box, Manage users, Manage webhooks, Manage enterprise properties, Enable integrations
  • Advanced Features = Perform Actions as Users
  • Approved = True
# Settings downloaded from box console
settings = "application_settings.json"
auth = boxsdk.JWTAuth.from_settings_file(settings)
client = boxsdk.Client(auth)

 

Current Issues:

I worked with my company's IT department and I have an authorized application that can generate tokens that don't expire after an hour.  I wrote a script previously that could find files/folders in order to create the webhook, but now that doesn't work because the app seems to run as a different user.  I've tried to then constrain my search to a shared link folder, or figure out how to find user id to run as them, changing various settings in the box console, etc. without success.

 

Example:

 

# Looking for folders that contain a webhook-config.json but finds no results
results = list(client.search().query('webhook-config.json'))

# Started inspecting from root, but nothing returned
root = client.folder('0').get()
for item in root.get_items():
  print(item)

# Oh, apparently I now run as "AutomationUser...@box" and not myself, that 
# must be why
user = client.user().get()  

# PATH 1
# Hmm, ok, can I use as_user to find files
# user = client.user(user_id=??   
# um, how do i get my user_id?  tried my email address and a lookup
user_client = client.as_user(user)

# PATH 2
# Ok, can't figure that out, let's try a shared link instead
link = 'http....'   # grabbed url from Box folder
root = client.get_shared_item(link)
results = list(client.search().query('webhook-config.json', ancestor_folders=root)
# ok, not the root object, not root.id, what is it to get this to work?

# now what should I try?  is there a door 3?

 

 

0

Comments

3 comments

Date Votes
  • j12y

    From another thread, it looks like I'm running into a similar issue:

     

     wrote:

    when you use JWT you don't authenticate as you, the managed user. Instead you are authenticate as a service account, which obviously does not have access to your files and folders.

     

    You can use the as-user header to access your own files and folders.

     

    https://developer.box.com/guides/authentication/jwt/as-user/

    I was confused by this as well.  Is the as-user header the only approach?  If Application Scopes include "Read and write all files and folders stored in Box" how can it query as the service account to find files / folders across the entire instance?

    0
    Comment actions Permalink
  • j12y

    I did figure out how to get user id for a specific user as mentioned in my problem description but that approach gets a 403 "The request requires higher privileges than provided by the access token."

     

     

     

        def get_user_id(self, login):
        """
        Looks up the user_id for a given user's login.  This
        can often be found in the user's account and can
        be useful for other methods that require a user_id as
        input.
        """
        users = self.client.users(filter_term=login)
        for user in users:
            if login == user.login:
                return user.id

        logging.warn("User with login {} not found".format(login))

user_id = self.get_user_id('***email address removed for privacy***')
user = self.client.user(user_id=user_id)
user_client = self.client.as_user(user)
results = user_client.search().query('foo')
print(results)
# FAILS: 403

     

     

    I should note, I do have "Perform Actions as Users" enabled for this custom app.

     

    0
    Comment actions Permalink
  • j12y

    I've found a workaround by sharing the folder with the ***email address removed for privacy*** which allows the custom app to read files in that folder hierarchy.  Is that the only way to search for files across an enterprise?

     

    I'm also trying to chase down the enterprise_scope variable to the search() function, not sure how to enable that and my ticket to support hasn't been looked at yet.

    0
    Comment actions Permalink

Please sign in to leave a comment.