]>
git.proxmox.com Git - pve-http-server.git/blob - simple-demo.pl
886c6362b2d5095cadc710d35a67a18a984ceab2
7 use HTTP
::Status
qw(:constants);
10 use PVE
::APIServer
::AnyEvent
;
11 use PVE
::Exception
qw(raise_param_exc);
13 use base
('PVE::APIServer::AnyEvent');
17 my $secret = Digest
::MD5
::md5_base64
($$ . time());
22 my $salt = sprintf("%08x", time());
23 my $data = "$username:$salt";
24 my $sig = Digest
::MD5
::md5_base64
("$data:$secret");
25 return "$username:$salt:$sig";
31 die "no ticket" if !defined($ticket);
32 my ($userid, $salt, $rest) = split(/:/, $ticket, 3);
34 die "invalid ticket" if !defined($salt) || !defined($rest);
36 die "invalid unsername" if $userid ne 'demo';
38 my $sig = Digest
::MD5
::md5_base64
("$userid:$salt:$secret");
40 die "invalid ticket" if $rest ne $sig;
46 my ($self, $method, $rel_uri, $ticket, $token, $peer_host) = @_;
48 # explicitly allow some calls without authentication
49 if ($rel_uri eq '/access/ticket' &&
50 ($method eq 'POST' || $method eq 'GET')) {
51 return; # allow call to create ticket
54 my $userid = verify_ticket
($ticket);
63 my ($self, $clientip, $method, $rel_uri, $auth, $params) = @_;
66 status
=> HTTP_NOT_IMPLEMENTED
,
67 message
=> "Method '$method $rel_uri' not implemented",
69 if ($rel_uri eq '/access/ticket') {
70 if ($method eq 'POST') {
71 if ($params->{username
} && $params->{username
} eq 'demo' &&
72 $params->{password
} && $params->{password
} eq 'demo') {
76 ticket
=> create_ticket
($params->{username
}),
81 } elsif ($method eq 'GET') {
82 # this is allowed to display the login form
83 return { status
=> HTTP_OK
, data
=> {} };
92 clientip
=> $clientip,
97 info
=> { description
=> "You called API method '$method $rel_uri'" },
110 use Socket
qw(IPPROTO_TCP TCP_NODELAY SOMAXCONN);
115 use PVE
::Tools
qw(run_command);
117 use PVE
::APIServer
::Formatter
::Standard
;
118 use PVE
::APIServer
::Formatter
::HTML
;
120 my $nodename = PVE
::INotify
::nodename
();
123 my $cert_file = "simple-demo.pem";
125 if (! -f
$cert_file) {
126 print "generating demo server certificate\n";
127 my $cmd = ['openssl', 'req', '-batch', '-x509', '-newkey', 'rsa:4096',
128 '-nodes', '-keyout', $cert_file, '-out', $cert_file,
129 '-subj', "/CN=$nodename/",
134 my $socket = IO
::Socket
::IP-
>new(
135 LocalAddr
=> $nodename,
139 GetAddrInfoFlags
=> 0,
141 die "unable to create socket - $@\n";
143 # we often observe delays when using Nagle algorithm,
144 # so we disable that to maximize performance
145 setsockopt($socket, IPPROTO_TCP
, TCP_NODELAY
, 1);
147 my $accept_lock_fn = "simple-demo.lck";
148 my $lockfh = IO
::File-
>new(">>${accept_lock_fn}") ||
149 die "unable to open lock file '${accept_lock_fn}' - $!\n";
151 my $server = DemoServer-
>new(
153 lockfile
=> $accept_lock_fn,
155 title
=> 'Simple Demo API',
157 tls_ctx
=> { verify
=> 0, cert_file
=> $cert_file },
159 '/' => sub { get_index
($nodename, @_) },
163 # NOTE: Requests to non-API pages are not authenticated
164 # so you must be very careful here
166 my $root_page = <<__EOD__;
170 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
171 <meta http-equiv="X-UA-Compatible" content="IE=edge">
172 <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
173 <title>Simple Demo Server</title>
176 <h1>Simple Demo Server ($nodename)</h1>
178 You can browse the API <a href='/api2/html' >here</a>. Please sign
179 in with usrename <b>demo</b> and passwort <b>demo</b>.
186 my ($nodename, $server, $r, $args) = @_;
188 my $headers = HTTP
::Headers-
>new(Content_Type
=> "text/html; charset=utf-8");
189 my $resp = HTTP
::Response-
>new(200, "OK", $headers, $root_page);
193 print "demo server listens at: https://$nodename:$port/\n";