import urllib.request
import json
# This is the full URL of the API's login endpoint using HTTPS.
url = "https://app01.testnet.com/PentanaUAT/API/auth/login"                    
headers = {
 "Content-Type": "application/json",
 "Accept": "application/json",
 "X-IdeagenDataAPIKey": "xyz",         # If hosted by Ideagen, your ApiAccessKey must be suppled with each request
}
# Here are our login details. Don't store real passwords in source code!
login = {
 "Username": "user@domain.com",                                                    # Include your Pentana Audit FBA username
 "Password": "password"                                                               # and password
 }
data = json.dumps( login ).encode( "utf-8" )
# Hit the token URL with our headers and data. This should yield us a token.
try:
    req = urllib.request.Request( url, data, headers )
    with urllib.request.urlopen( req ) as f:
        res = f.read()
        token = res.decode()
except Exception as e:
    print(e)
 

# Find all Findings for Head Office Accounts Payable AND that are called something like "Karl's Test"
url = "https://app01.testnet.com/PentanaUAT/API/query/finding?select=title,parentaudit.title,parentrisk.title,parentcontrol.title&where=parentaudit.title=\"Head%20Office%20Accounts%20Payable\"%20AND%20title%20like%20\"Karl's%20Test\""   


headers = {
 "Authorization": "Bearer " + token.strip('"'),
 "X-IdeagenDataAPIKey": "xyz",          # If hosted by Ideagen, your ApiAccessKey must be suppled with each request
}
try:
    req = urllib.request.Request( url, headers = headers )
    with urllib.request.urlopen( req ) as f:
        res = f.read()
        auditIDs = json.loads(res)
except Exception as e:
    print(e)
print( auditIDs )