return $self->call('DELETE', $path, $param);
}
+sub update_ticket {
+ my ($self, $ticket) = @_;
+
+ my $domain = "$self->{host}.local" unless $self->{host} =~ /\./;
+ $self->{cookie_jar}->set_cookie(0, 'PVEAuthCookie', $ticket, '/', $domain);
+}
+
sub call {
my ($self, $method, $path, $param) = @_;
$uri->scheme($self->{protocol});
$uri->host($self->{host});
$uri->port($self->{port});
- $uri->path('/api2/json/ticket');
+ $uri->path('/api2/json/access/ticket');
my $response = $ua->post($uri, {
username => $self->{username},
if (!$response->is_success) {
die $response->status_line . "\n";
}
- # the auth cookie should be set now
+
+ my $data = from_json($response->decoded_content, {utf8 => 1, allow_nonref => 1});
+
+ $self->update_ticket($data->{data}->{ticket});
+ $self->{csrftoken} = $data->{data}->{CSRFPreventionToken};
}
my $uri = URI->new();
# print $ua->{cookie_jar}->as_string;
#print "CALL $method : " . $uri->as_string() . "\n";
-
+
+ if ($self->{csrftoken}) {
+ $self->{useragent}->default_header('CSRFPreventionToken' => $self->{csrftoken});
+ }
+
my $response;
if ($method eq 'GET') {
$uri->query_form($param);
my $self = {
ticket => $param{ticket},
+ csrftoken => $param{csrftoken},
username => $param{username},
password => $param{password},
host => $param{host} || 'localhost',
$self->{cookie_jar} = HTTP::Cookies->new (ignore_discard => 1);
- if ($self->{ticket}) {
- my $domain = "$self->{host}.local" unless $self->{host} =~ /\./;
- $self->{cookie_jar}->set_cookie(0, 'PVEAuthCookie', $self->{ticket},
- '/', $domain);
- }
+ $self->update_ticket($self->{ticket}) if $self->{ticket};
$self->{useragent} = LWP::UserAgent->new(
cookie_jar => $self->{cookie_jar},
timeout => $self->{timeout},
);
- $self->{useragent}->default_header('Accept-Encoding' => 'gzip'); # allow gzip
+ $self->{useragent}->default_header('Accept-Encoding' => 'gzip'); # allow gzip
return $self;
}
my $hostname = PVE::INotify::read_file("hostname");
# normally you use username/password,
-# but we can simply create a ticket if we are root
-my $ticket = PVE::AccessControl::assemble_ticket('root');
+# but we can simply create a ticket and CRSF token if we are root
+my $ticket = PVE::AccessControl::assemble_ticket('root@pam');
+my $csrftoken = PVE::AccessControl::assemble_csrf_prevention_token('root@pam');
my $conn = PVE::API2Client->new(
-# username => 'root',
-# password => 'yourpassword',
+ #username => 'root@pam',
+ #password => 'yourpassword',
ticket => $ticket,
+ csrftoken => $csrftoken,
host => $hostname,
);
my $hostname = PVE::INotify::read_file("hostname");
# normally you use username/password,
-# but we can simply create a ticket if we are root
-my $ticket = PVE::AccessControl::assemble_ticket('root');
+# but we can simply create a ticket and CRSF token if we are root
+my $ticket = PVE::AccessControl::assemble_ticket('root@pam');
+my $csrftoken = PVE::AccessControl::assemble_csrf_prevention_token('root@pam');
my $conn = PVE::API2Client->new(
- #username => 'root',
+ #username => 'root@pam',
#password => 'yourpassword',
ticket => $ticket,
+ csrftoken => $csrftoken,
host => $hostname,
);
projects / pve-manager-legacy.git / commitdiff