Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unable to login with no clear error message. #38

Closed
kevinhuy opened this issue Jan 3, 2021 · 8 comments · Fixed by #39
Closed

unable to login with no clear error message. #38

kevinhuy opened this issue Jan 3, 2021 · 8 comments · Fixed by #39
Assignees
@cmeissner
Labels
bug Something isn't working documentation Improvements or additions to documentation

Comments

@kevinhuy
Copy link

kevinhuy commented Jan 3, 2021

Hello,

I m trying to test phpypam with the sample provide.

pi = phpypam.api(
url='http://myipam.com',
app_id='xx',
token='xxxxx',
username='xxx',
password='xxx',
ssl_verify=False
)
pi.get_entity(controller='sections')

And i got the following error

Traceback (most recent call last):
File "test_ipam.py", line 10, in
ssl_verify=False
File "/lib/python3.6/site-packages/phpypam/core/api.py", line 66, in init
self._login()
File "/lib/python3.6/site-packages/phpypam/core/api.py", line 131, in _login
resp = self._query(method=POST, auth=_auth)
File "/lib/python3.6/site-packages/phpypam/core/api.py", line 121, in _query
raise PHPyPAMException(code=result['code'], message=result['message'])
phpypam.core.exceptions.PHPyPAMException

Versions:

  • python 3.6.0
  • phpypam
@kevinhuy kevinhuy added the bug Something isn't working label Jan 3, 2021
@cmeissner
Copy link
Member

Thank you @kevinhuy for reporting this bug. I try to understand and reproduce the error. So I have some questions:

  1. which version of phpypam did you use for your tests?
  2. did you really try to connect to a unsecure 'http' end point?

Best regards

Christian

cmeissner added a commit to cmeissner/phpypam that referenced this issue Jan 3, 2021
@cmeissner
Fix codeaffen#38 - http vs. https connections
3437a10 
As phpIPAM only supports api interactions via an encrypted connection
without encryption set to `False` we also only supports `https` for
connecting to a phpIPAM API instance.
If we finally implement the `encryption` feature in not clear now. As
`https` connections are industry standard we don't invest much effort in
this feature. If anybody needs this feature feel free to contribute or
file a feature request where interested can vote on.
@cmeissner cmeissner added the documentation Improvements or additions to documentation label Jan 3, 2021
@cmeissner cmeissner self-assigned this Jan 3, 2021
@kevinhuy
Copy link
Author

kevinhuy commented Jan 3, 2021
edited

Hi Christian,

  1. my using phpypam==1.0.0
  2. i can use both , but in my ipam setting url is specify with http.

@cmeissner
Copy link
Member

Ok, the root cause is the unencrypted api endpoint. PhpIPAM does not support 'user token' without SSL nor encryption by default. If you don't have set $api_allow_unsafe to true in your config.php you can't connect via http to phpIPAM.

$ curl -X POST --user username:password http://ipam.example.com/api/app_id/user/ -i
HTTP/1.1 503 Service Unavailable
Date: Mon, 04 Jan 2021 00:08:26 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
X-Powered-By: PHP/7.2.24
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: phpipam=7e06m16vdrdqi73mbqt2teu0mi; expires=Tue, 05-Jan-2021 00:08:26 GMT; Max-Age=86400; path=/; HttpOnly
Connection: close
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

{"code":503,"success":false,"message":"SSL connection is required for API","time":0}

The bug is that we don't catch the exception correctly. We will fix this asap.

If you set $api_allow_unsafe to true you can use our library too. But be aware this is not recommended because of security risk.

cmeissner added a commit to cmeissner/phpypam that referenced this issue Jan 4, 2021
@cmeissner
Fix codeaffen#38 - http vs. https connections
9added6 
As the try to connect to an unsecure api endpoint with user token leads
to an exception we need to adapt our exception handling to print out the
full and correct information.
As `https` connections are industry standard we don't invest much effort
in implementation of the `encryption` feature.
If anybody needs this feature feel free to contribute or file a feature
request where interested can vote on.
cmeissner added a commit to cmeissner/phpypam that referenced this issue Jan 4, 2021
@cmeissner
Fix codeaffen#38 - Update documentations
ddc897b 
As phpIPAM does not support `User token` via `http` by default we need
to adapt our documentation to reflect these fact.
@kevinhuy
Copy link
Author

kevinhuy commented Jan 4, 2021

@cmeissner thanks for your feedback , i will wait on your fix then.

@cmeissner cmeissner mentioned this issue Jan 4, 2021
Merged
@cmeissner
Copy link
Member

@kevinhuy finally I pushed the changes that are needed for that bug. It would be great if you can test it and gave us feedback in form of a review.

@kevinhuy
Copy link
Author

kevinhuy commented Jan 4, 2021

@cmeissner did you push the change on pip or i need to clone the repo ?

@cmeissner
Copy link
Member

I only pushed it to develop here. After getting required reviews a new version will be created and published on you.

@kevinhuy
Copy link
Author

kevinhuy commented Jan 4, 2021

ok i just test it works, i m able to pull the info . :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cmeissner cmeissner

Labels
bug Something isn't working documentation Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

increase error handling cmeissner/phpypam
2 participants
@cmeissner @kevinhuy