5 use hyper
::client
::Client
;
6 use xdg
::BaseDirectories
;
9 use http
::{Request, Response}
;
10 use http
::header
::HeaderValue
;
13 use futures
::stream
::Stream
;
15 use serde_json
::{json, Value}
;
16 use url
::percent_encoding
::{percent_encode, DEFAULT_ENCODE_SET}
;
18 use crate::tools
::{self, BroadcastFuture, tty}
;
27 /// HTTP(S) API client
28 pub struct HttpClient
{
29 client
: Client
<hyper_tls
::HttpsConnector
<hyper
::client
::HttpConnector
>>,
31 auth
: BroadcastFuture
<AuthInfo
>,
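/// Cache a freshly issued ticket and CSRF token for `username` on `server` in the
/// per-user runtime ticket file, dropping entries that are at or near expiry.
///
/// The file holds a JSON object keyed by server and then by user name; each entry
/// carries `timestamp`, `ticket` and `token`. Ticket and token are what the client
/// later presents to the API as its credentials, so the file is written with mode 0600.
///
/// # Errors
///
/// Fails when the XDG base directories or the runtime file path cannot be resolved,
/// or when reading or writing the ticket file fails.
fn store_ticket_info(server: &str, username: &str, ticket: &str, token: &str) -> Result<(), Error> {

    let base = BaseDirectories::with_prefix("proxmox-backup")?;

    // usually /run/user/<uid>/...
    let path = base.place_runtime_file("tickets")?;

    // Owner read/write only: the file contains usable credentials.
    let mode = nix::sys::stat::Mode::from_bits_truncate(0o0600);

    // NOTE(review): the second argument looks like the value used when the file
    // does not exist yet - confirm against tools::file_get_json.
    let mut data = tools::file_get_json(&path, Some(json!({})))?;

    let now = Utc::now().timestamp();

    data[server][username] = json!({ "timestamp": now, "ticket": ticket, "token": token});

    let mut new_data = json!({});

    // Entries are dropped 60 (presumably seconds) before the nominal lifetime ends,
    // so a ticket handed out from the cache is not about to expire.
    let ticket_lifetime = tools::ticket::TICKET_LIFETIME - 60;

    let empty = serde_json::map::Map::new();
    for (server, info) in data.as_object().unwrap_or(&empty) {
        for (user, uinfo) in info.as_object().unwrap_or(&empty) {
            if let Some(timestamp) = uinfo["timestamp"].as_i64() {
                let age = now - timestamp;
                if age < ticket_lifetime {
                    // Keep each surviving entry under its own user name. Writing it
                    // under `username` files another user's ticket under the current
                    // user and loses the other user's entry for that server.
                    new_data[server][user] = uinfo.clone();
                }
            }
        }
    }

    tools::file_set_contents(path, new_data.to_string().as_bytes(), Some(mode))?;

    Ok(())
}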
/// Look up a cached `(ticket, token)` pair for `username` on `server` in the
/// runtime ticket file.
///
/// An entry is returned only when its `timestamp` is an integer, its age is below
/// `TICKET_LIFETIME - 60`, and the visible `match` expressions on `ticket` and
/// `token` yield strings.
// NOTE(review): the match arms are not part of this listing; given the Option
// return type, lookup failures presumably yield None - confirm.
70 fn load_ticket_info(server
: &str, username
: &str) -> Option
<(String
, String
)> {
71 let base
= match BaseDirectories
::with_prefix("proxmox-backup") {
76 // usually /run/user/<uid>/...
77 let path
= match base
.place_runtime_file("tickets") {
82 let data
= match tools
::file_get_json(&path
, None
) {
87 let now
= Utc
::now().timestamp();
89 let ticket_lifetime
= tools
::ticket
::TICKET_LIFETIME
- 60;
91 if let Some(uinfo
) = data
[server
][username
].as_object() {
92 if let Some(timestamp
) = uinfo
["timestamp"].as_i64() {
// NOTE(review): the age comes from the timestamp stored in the file. A timestamp
// in the future gives a negative age, which passes the check below, so the expiry
// decision is only as trustworthy as the file's contents and permissions.
93 let age
= now
- timestamp
;
94 if age
< ticket_lifetime
{
95 let ticket
= match uinfo
["ticket"].as_str() {
99 let token
= match uinfo
["token"].as_str() {
103 return Some((ticket
.to_owned(), token
.to_owned()));
/// Create a client for `server` and prepare the login for `username`.
///
/// The login future returned by `Self::credentials` is wrapped in a
/// `BroadcastFuture` and stored in `auth`.
///
/// # Errors
///
/// Propagates the error from `Self::get_password` when no cached ticket is found
/// and no password can be obtained.
113 pub fn new(server
: &str, username
: &str) -> Result
<Self, Error
> {
114 let client
= Self::build_client();
// A cached ticket, when one exists, takes the place of the password; the cached
// CSRF token is discarded (`_token`).
// NOTE(review): the branch body is not part of this listing; presumably the ticket
// is sent in the password field of the login request - confirm that the server
// accepts this and that it still checks the ticket's validity.
116 let password
= if let Some((ticket
, _token
)) = load_ticket_info(server
, username
) {
119 Self::get_password(&username
)?
122 let login
= Self::credentials(client
.clone(), server
.to_owned(), username
.to_owned(), password
);
126 server
: String
::from(server
),
127 auth
: BroadcastFuture
::new(login
),
/// Obtain the login password: the `PBS_PASSWORD` environment variable is tried
/// first, then an interactive prompt when stdin is a TTY. `_username` is unused.
///
/// # Errors
///
/// Fails when `PBS_PASSWORD` is set but is not valid Unicode, when reading from the
/// TTY fails or the input is not UTF-8, or when neither source is available.
131 fn get_password(_username
: &str) -> Result
<String
, Error
> {
132 use std
::env
::VarError
::*;
// NOTE(review): a password passed through the environment is inherited by child
// processes and, on Linux, can be read from /proc/<pid>/environ by the same user
// and by root. The prompt below avoids that exposure for interactive use.
133 match std
::env
::var("PBS_PASSWORD") {
134 Ok(p
) => return Ok(p
),
135 Err(NotUnicode(_
)) => bail
!("PBS_PASSWORD contains bad characters"),
137 // Try another method
141 // If we're on a TTY, query the user for a password
142 if tty
::stdin_isatty() {
143 return Ok(String
::from_utf8(tty
::read_password("Password: ")?
)?
);
146 bail
!("no password input mechanism available");
/// Build the hyper client used for API traffic: native-tls, HTTPS only.
///
/// # Panics
///
/// Panics when the TLS connector cannot be built (`build().unwrap()`).
149 fn build_client() -> Client
<hyper_tls
::HttpsConnector
<hyper
::client
::HttpConnector
>> {
150 let mut builder
= native_tls
::TlsConnector
::builder();
151 // FIXME: We need a CLI option for this!
// SECURITY: certificate validation is switched off unconditionally, so the server
// is never authenticated. Any party able to intercept the connection can present
// its own certificate and receive the password, ticket and CSRF token sent through
// this client. `https_only(true)` below enforces the scheme, not the peer's identity.
// When the option from the FIXME is added, validation should be the default and
// accepting invalid certificates (or pinning a known fingerprint) the explicit opt-in.
152 builder
.danger_accept_invalid_certs(true);
153 let tlsconnector
= builder
.build().unwrap();
154 let mut httpc
= hyper
::client
::HttpConnector
::new(1);
155 httpc
.enforce_http(false); // we want https...
156 let mut https
= hyper_tls
::HttpsConnector
::from((httpc
, tlsconnector
));
157 https
.https_only(true); // force it!
158 Client
::builder().build
::<_
, Body
>(https
)
/// Send `req` once the login future has resolved, attaching the ticket as the
/// `PBSAuthCookie` cookie and the CSRF token as the `CSRFPreventionToken` header.
161 pub fn request(&self, mut req
: Request
<Body
>) -> impl Future
<Item
=Value
, Error
=Error
> {
163 let login
= self.auth
.listen();
165 let client
= self.client
.clone();
167 login
.and_then(move |auth
| {
// The ticket is percent-encoded before it goes into the Cookie header, which
// should leave only characters that are valid in a header value.
169 let enc_ticket
= format
!("PBSAuthCookie={}", percent_encode(auth
.ticket
.as_bytes(), DEFAULT_ENCODE_SET
));
170 req
.headers_mut().insert("Cookie", HeaderValue
::from_str(&enc_ticket
).unwrap());
// NOTE(review): the token is inserted verbatim. `HeaderValue::from_str` rejects
// control characters such as CR and LF, so a malformed token makes this `unwrap()`
// panic instead of producing an `Error`; mapping the failure into the future's
// error type would keep a bad token from aborting the task.
171 req
.headers_mut().insert("CSRFPreventionToken", HeaderValue
::from_str(&auth
.token
).unwrap());
173 let request
= Self::api_request(client
, req
);
179 pub fn get(&self, path
: &str, data
: Option
<Value
>) -> impl Future
<Item
=Value
, Error
=Error
> {
181 let req
= Self::request_builder(&self.server
, "GET", path
, data
).unwrap();
185 pub fn delete(&mut self, path
: &str, data
: Option
<Value
>) -> impl Future
<Item
=Value
, Error
=Error
> {
187 let req
= Self::request_builder(&self.server
, "DELETE", path
, data
).unwrap();
191 pub fn post(&mut self, path
: &str, data
: Option
<Value
>) -> impl Future
<Item
=Value
, Error
=Error
> {
193 let req
= Self::request_builder(&self.server
, "POST", path
, data
).unwrap();
/// Fetch `path` with an authenticated GET and stream the response body into `output`.
///
/// Only the `PBSAuthCookie` cookie is attached in the lines visible here.
///
/// # Panics
///
/// Panics when `Self::request_builder` fails for `path` (`unwrap()`), and when the
/// encoded cookie is rejected as a header value.
197 pub fn download(&mut self, path
: &str, mut output
: Box
<dyn std
::io
::Write
+ Send
>) -> impl Future
<Item
=(), Error
=Error
> {
199 let mut req
= Self::request_builder(&self.server
, "GET", path
, None
).unwrap();
201 let login
= self.auth
.listen();
203 let client
= self.client
.clone();
205 login
.and_then(move |auth
| {
207 let enc_ticket
= format
!("PBSAuthCookie={}", percent_encode(auth
.ticket
.as_bytes(), DEFAULT_ENCODE_SET
));
208 req
.headers_mut().insert("Cookie", HeaderValue
::from_str(&enc_ticket
).unwrap());
211 .map_err(Error
::from
)
// NOTE(review): the status is read but never used (the binding is `_status`).
// Judging from the visible lines, the body of an error response would be written
// to `output` exactly like real data. Failing the future on a non-success status
// before streaming would let callers tell a failed download from a good one -
// confirm against the lines not shown in this listing.
214 let _status
= resp
.status(); // fixme: ??
217 .map_err(Error
::from
)
218 .for_each(move |chunk
| {
219 output
.write_all(&chunk
)?
;
227 pub fn upload(&mut self, content_type
: &str, body
: Body
, path
: &str) -> impl Future
<Item
=Value
, Error
=Error
> {
229 let path
= path
.trim_matches('
/'
);
230 let url
: Uri
= format
!("https://{}:8007/{}", &self.server
, path
).parse().unwrap();
232 let req
= Request
::builder()
235 .header("User-Agent", "proxmox-backup-client/1.0")
236 .header("Content-Type", content_type
)
237 .body(body
).unwrap();
244 &str, param
: Option
<Value
>
245 ) -> impl Future
<Item
=H2Client
, Error
=Error
> {
247 let mut req
= Self::request_builder(&self.server
, "GET", path
, param
).unwrap();
249 let login
= self.auth
.listen();
251 let client
= self.client
.clone();
253 login
.and_then(move |auth
| {
255 let enc_ticket
= format
!("PBSAuthCookie={}", percent_encode(auth
.ticket
.as_bytes(), DEFAULT_ENCODE_SET
));
256 req
.headers_mut().insert("Cookie", HeaderValue
::from_str(&enc_ticket
).unwrap());
257 req
.headers_mut().insert("UPGRADE", HeaderValue
::from_str("proxmox-backup-protocol-h2").unwrap());
260 .map_err(Error
::from
)
263 let status
= resp
.status();
264 if status
!= http
::StatusCode
::SWITCHING_PROTOCOLS
{
265 bail
!("h2upgrade failed with status {:?}", status
);
268 Ok(resp
.into_body().on_upgrade().map_err(Error
::from
))
271 .and_then(|upgraded
| {
272 h2
::client
::handshake(upgraded
).map_err(Error
::from
)
274 .and_then(|(h2
, connection
)| {
275 let connection
= connection
276 .map_err(|_
| panic
!("HTTP/2.0 connection failed"));
278 // Spawn a new task to drive the connection state
279 hyper
::rt
::spawn(connection
);
281 // Wait until the `SendRequest` handle has available capacity.
284 .map_err(Error
::from
)
// Login request: POSTs the user name and password as JSON to
// /api2/json/access/ticket and builds an AuthInfo from the reply.
// NOTE(review): the `fn` line is not part of this listing; the call in `new`
// suggests this is the body of `credentials` - confirm.
290 client
: Client
<hyper_tls
::HttpsConnector
<hyper
::client
::HttpConnector
>>,
294 ) -> Box
<Future
<Item
=AuthInfo
, Error
=Error
> + Send
> {
296 let server2
= server
.clone();
298 let create_request
= futures
::future
::lazy(move || {
299 let data
= json
!({ "username": username, "password": password }
);
300 let req
= Self::request_builder(&server
, "POST", "/api2/json/access/ticket", Some(data
)).unwrap();
301 Self::api_request(client
, req
)
304 let login_future
= create_request
305 .and_then(move |cred
| {
// NOTE(review): each `.as_str().unwrap()` below panics when the field is missing
// or is not a string. The reply is remote input, so a malformed response aborts
// the task instead of surfacing as an `Error`. Returning an error for a missing
// field keeps a bad or hostile server reply on the normal failure path.
306 let auth
= AuthInfo
{
307 username
: cred
["data"]["username"].as_str().unwrap().to_owned(),
308 ticket
: cred
["data"]["ticket"].as_str().unwrap().to_owned(),
309 token
: cred
["data"]["CSRFPreventionToken"].as_str().unwrap().to_owned(),
// Caching the ticket is best-effort: the result is discarded (`let _ =`), so a
// failure to write the ticket file does not fail the login.
312 let _
= store_ticket_info(&server2
, &auth
.username
, &auth
.ticket
, &auth
.token
);
317 Box
::new(login_future
)
// Sends a request and turns the reply into a JSON `Value`; a non-success status
// becomes an error carrying the status and the response text.
// NOTE(review): the `fn` line is not part of this listing; the `Self::api_request`
// calls elsewhere in the file suggest this is that function - confirm.
321 client
: Client
<hyper_tls
::HttpsConnector
<hyper
::client
::HttpConnector
>>,
323 ) -> impl Future
<Item
=Value
, Error
=Error
> {
326 .map_err(Error
::from
)
329 let status
= resp
.status();
334 .map_err(Error
::from
)
335 .and_then(move |data
| {
// NOTE(review): `from_utf8(...).unwrap()` panics on a body that is not valid
// UTF-8. The body is remote input; the `?` on the JSON parse below shows this
// closure can return an error, so the conversion can use `?` as well.
337 let text
= String
::from_utf8(data
.to_vec()).unwrap();
338 if status
.is_success() {
340 let value
: Value
= serde_json
::from_str(&text
)?
;
// NOTE(review): the whole response body goes into the error message, unbounded
// and unfiltered; consider truncating it before it reaches logs or a terminal.
346 bail
!("HTTP Error {}: {}", status
, text
);
352 pub fn request_builder(server
: &str, method
: &str, path
: &str, data
: Option
<Value
>) -> Result
<Request
<Body
>, Error
> {
353 let path
= path
.trim_matches('
/'
);
354 let url
: Uri
= format
!("https://{}:8007/{}", server
, path
).parse()?
;
356 if let Some(data
) = data
{
357 if method
== "POST" {
358 let request
= Request
::builder()
361 .header("User-Agent", "proxmox-backup-client/1.0")
362 .header(hyper
::header
::CONTENT_TYPE
, "application/json")
363 .body(Body
::from(data
.to_string()))?
;
366 let query
= tools
::json_object_to_query(data
)?
;
367 let url
: Uri
= format
!("https://{}:8007/{}?{}", server
, path
, query
).parse()?
;
368 let request
= Request
::builder()
371 .header("User-Agent", "proxmox-backup-client/1.0")
372 .header(hyper
::header
::CONTENT_TYPE
, "application/x-www-form-urlencoded")
373 .body(Body
::empty())?
;
378 let request
= Request
::builder()
381 .header("User-Agent", "proxmox-backup-client/1.0")
382 .header(hyper
::header
::CONTENT_TYPE
, "application/x-www-form-urlencoded")
383 .body(Body
::empty())?
;
389 pub struct H2Client
{
390 h2
: h2
::client
::SendRequest
<bytes
::Bytes
>,
395 pub fn new(h2
: h2
::client
::SendRequest
<bytes
::Bytes
>) -> Self {
399 pub fn get(&self, path
: &str, param
: Option
<Value
>) -> impl Future
<Item
=Value
, Error
=Error
> {
400 let req
= Self::request_builder("localhost", "GET", path
, param
).unwrap();
404 pub fn post(&self, path
: &str, param
: Option
<Value
>) -> impl Future
<Item
=Value
, Error
=Error
> {
405 let req
= Self::request_builder("localhost", "POST", path
, param
).unwrap();
411 request
: Request
<()>,
412 ) -> impl Future
<Item
=Value
, Error
=Error
> {
416 .map_err(Error
::from
)
417 .and_then(move |mut send_request
| {
418 // fixme: what about stream/upload?
419 let (response
, _stream
) = send_request
.send_request(request
, true).unwrap();
421 .map_err(Error
::from
)
422 .and_then(Self::h2api_response
)
426 fn h2api_response(response
: Response
<h2
::RecvStream
>) -> impl Future
<Item
=Value
, Error
=Error
> {
428 let status
= response
.status();
430 let (_head
, mut body
) = response
.into_parts();
432 // The `release_capacity` handle allows the caller to manage
435 // Whenever data is received, the caller is responsible for
436 // releasing capacity back to the server once it has freed
437 // the data from memory.
438 let mut release_capacity
= body
.release_capacity().clone();
442 // Let the server send more data.
443 let _
= release_capacity
.release_capacity(chunk
.len());
447 .map_err(Error
::from
)
448 .and_then(move |data
| {
449 let text
= String
::from_utf8(data
.to_vec()).unwrap();
450 if status
.is_success() {
452 let mut value
: Value
= serde_json
::from_str(&text
)?
;
453 if let Some(map
) = value
.as_object_mut() {
454 if let Some(data
) = map
.remove("data") {
458 bail
!("got result without data property");
463 bail
!("HTTP Error {}: {}", status
, text
);
468 pub fn request_builder(server
: &str, method
: &str, path
: &str, data
: Option
<Value
>) -> Result
<Request
<()>, Error
> {
469 let path
= path
.trim_matches('
/'
);
470 let url
: Uri
= format
!("https://{}:8007/{}", server
, path
).parse()?
;
472 if let Some(data
) = data
{
473 let query
= tools
::json_object_to_query(data
)?
;
474 let url
: Uri
= format
!("https://{}:8007/{}?{}", server
, path
, query
).parse()?
;
475 let request
= Request
::builder()
478 .header("User-Agent", "proxmox-backup-client/1.0")
479 .header(hyper
::header
::CONTENT_TYPE
, "application/x-www-form-urlencoded")
484 let request
= Request
::builder()
487 .header("User-Agent", "proxmox-backup-client/1.0")
488 .header(hyper
::header
::CONTENT_TYPE
, "application/x-www-form-urlencoded")