Skip to content

P
pve-manager
Commit 96338cef authored by Dietmar Maurer's avatar Dietmar Maurer
Browse files
Options

fix APIClient and examples

parent ce2d54c9
Show whitespace changes
Inline Side-by-side
Showing with 34 additions and 18 deletions
PVE/API2Client.pm
View file @ 96338cef
...@@ -34,6 +34,13 @@ sub delete { ...@@ -34,6 +34,13 @@ sub delete {
return $self->call('DELETE', $path, $param); return $self->call('DELETE', $path, $param);
} }
sub update_ticket {
my ($self, $ticket) = @_;
my $domain = "$self->{host}.local" unless $self->{host} =~ /\./;
$self->{cookie_jar}->set_cookie(0, 'PVEAuthCookie', $ticket, '/', $domain);
}
sub call { sub call {
my ($self, $method, $path, $param) = @_; my ($self, $method, $path, $param) = @_;
...@@ -54,7 +61,7 @@ sub call { ...@@ -54,7 +61,7 @@ sub call {
$uri->scheme($self->{protocol}); $uri->scheme($self->{protocol});
$uri->host($self->{host}); $uri->host($self->{host});
$uri->port($self->{port}); $uri->port($self->{port});
$uri->path('/api2/json/ticket'); $uri->path('/api2/json/access/ticket');
my $response = $ua->post($uri, { my $response = $ua->post($uri, {
username => $self->{username}, username => $self->{username},
...@@ -63,7 +70,11 @@ sub call { ...@@ -63,7 +70,11 @@ sub call {
if (!$response->is_success) { if (!$response->is_success) {
die $response->status_line . "\n"; die $response->status_line . "\n";
} }
# the auth cookie should be set now
my $data = from_json($response->decoded_content, {utf8 => 1, allow_nonref => 1});
$self->update_ticket($data->{data}->{ticket});
$self->{csrftoken} = $data->{data}->{CSRFPreventionToken};
} }
my $uri = URI->new(); my $uri = URI->new();
...@@ -76,6 +87,10 @@ sub call { ...@@ -76,6 +87,10 @@ sub call {
#print "CALL $method : " . $uri->as_string() . "\n"; #print "CALL $method : " . $uri->as_string() . "\n";
if ($self->{csrftoken}) {
$self->{useragent}->default_header('CSRFPreventionToken' => $self->{csrftoken});
}
my $response; my $response;
if ($method eq 'GET') { if ($method eq 'GET') {
$uri->query_form($param); $uri->query_form($param);
...@@ -111,6 +126,7 @@ sub new { ...@@ -111,6 +126,7 @@ sub new {
my $self = { my $self = {
ticket => $param{ticket}, ticket => $param{ticket},
csrftoken => $param{csrftoken},
username => $param{username}, username => $param{username},
password => $param{password}, password => $param{password},
host => $param{host} || 'localhost', host => $param{host} || 'localhost',
...@@ -128,11 +144,7 @@ sub new { ...@@ -128,11 +144,7 @@ sub new {
$self->{cookie_jar} = HTTP::Cookies->new (ignore_discard => 1); $self->{cookie_jar} = HTTP::Cookies->new (ignore_discard => 1);
if ($self->{ticket}) { $self->update_ticket($self->{ticket}) if $self->{ticket};
my $domain = "$self->{host}.local" unless $self->{host} =~ /\./;
$self->{cookie_jar}->set_cookie(0, 'PVEAuthCookie', $self->{ticket},
'/', $domain);
}
$self->{useragent} = LWP::UserAgent->new( $self->{useragent} = LWP::UserAgent->new(
cookie_jar => $self->{cookie_jar}, cookie_jar => $self->{cookie_jar},
......
bin/test/example1.pl
View file @ 96338cef
...@@ -11,13 +11,15 @@ use Data::Dumper; ...@@ -11,13 +11,15 @@ use Data::Dumper;
my $hostname = PVE::INotify::read_file("hostname"); my $hostname = PVE::INotify::read_file("hostname");
# normally you use username/password, # normally you use username/password,
# but we can simply create a ticket if we are root # but we can simply create a ticket and CRSF token if we are root
my $ticket = PVE::AccessControl::assemble_ticket('root'); my $ticket = PVE::AccessControl::assemble_ticket('root@pam');
my $csrftoken = PVE::AccessControl::assemble_csrf_prevention_token('root@pam');
my $conn = PVE::API2Client->new( my $conn = PVE::API2Client->new(
# username => 'root', #username => 'root@pam',
# password => 'yourpassword', #password => 'yourpassword',
ticket => $ticket, ticket => $ticket,
csrftoken => $csrftoken,
host => $hostname, host => $hostname,
); );
......
bin/test/example2.pl
View file @ 96338cef
...@@ -11,13 +11,15 @@ use Data::Dumper; ...@@ -11,13 +11,15 @@ use Data::Dumper;
my $hostname = PVE::INotify::read_file("hostname"); my $hostname = PVE::INotify::read_file("hostname");
# normally you use username/password, # normally you use username/password,
# but we can simply create a ticket if we are root # but we can simply create a ticket and CRSF token if we are root
my $ticket = PVE::AccessControl::assemble_ticket('root'); my $ticket = PVE::AccessControl::assemble_ticket('root@pam');
my $csrftoken = PVE::AccessControl::assemble_csrf_prevention_token('root@pam');
my $conn = PVE::API2Client->new( my $conn = PVE::API2Client->new(
#username => 'root', #username => 'root@pam',
#password => 'yourpassword', #password => 'yourpassword',
ticket => $ticket, ticket => $ticket,
csrftoken => $csrftoken,
host => $hostname, host => $hostname,
); );
......
bin/test/perftest1.pl
View file @ 96338cef
...@@ -12,7 +12,7 @@ my $hostname = PVE::INotify::read_file("hostname"); ...@@ -12,7 +12,7 @@ my $hostname = PVE::INotify::read_file("hostname");
# normally you use username/password, # normally you use username/password,
# but we can simply create a ticket if we are root # but we can simply create a ticket if we are root
my $ticket = PVE::AccessControl::assemble_ticket('root'); my $ticket = PVE::AccessControl::assemble_ticket('root@pam');
my $wcount = 4; my $wcount = 4;
my $qcount = 500; my $qcount = 500;
...@@ -21,7 +21,7 @@ sub test_rpc { ...@@ -21,7 +21,7 @@ sub test_rpc {
my ($host) = @_; my ($host) = @_;
my $conn = PVE::API2Client->new( my $conn = PVE::API2Client->new(
#username => 'root', #username => 'root@pam',
#password => 'yourpassword', #password => 'yourpassword',
ticket => $ticket, ticket => $ticket,
host => $host, host => $host,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023