You can use headers to do authentication :
import urllib2, base64 request = urllib2.Request(URL) base64string = base64.encodestring('%s:%s' % (KEY, PASSWORD)).replace('\n', '') request.add_header("Authorization", "Basic %s" % base64string) result = urllib2.urlopen(request)
Hope that will help you :)
The Python Libraries urllib2 and httplib2 both first send an unauthenticated request and if this is answered with a 401 response the libs retry with the correct credentials. I’m not sure why this design was chosen, but it may make sense if you use the same “HTTP-Object” to connect to many different hosts/realms/URLs.
The Problem is it seems to me, that Shopify doesn’t really “use totally standard HTTP Authentication”. The HTTP-Standard RfC 2616 reads:
10.4.2 401 Unauthorized
The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.47) containing a challenge applicable to the requested resource.
My debugging indicates that Shopify doesn’t send a “WWW-Authenticate” Header in it’s response. Therefore the libs don’t try further authentication – which is at least according to the spec reasonable.