Ayuda para Iniciar Sesión con Usuario Vía API.

[Urick]

Estoy tratando de iniciar sesión como se muestra en https://fwcloud.net/documentacion/api/ con:
curl --insecure -X POST https://localhost:3131/user/login -H 'Content-Type: application/json' -H 'Origin: https://x.x.x.x:3030' -d '{ "customer": 1, "username": "fwcadmin", "password": "fwcadmin" }'

Y como primer error sale: {"_original":{"customer":1,"username":"fwcadmin","password":"fwcadmin"},"details":[{"message":"\"authCode\" is required","path":["authCode"],"type":"any.required","context":{"label":"authCode","key":"authCode"}}]}

Para corregir esto, añado la linea "authCode": "" como se muestra a continuación: curl --insecure -X POST https://localhost:3131/user/login -H 'Content-Type: application/json' -H 'Origin: https://x.x.x.x:3030' -d '{ "customer": 1, "username": "fwcadmin", "password": "fwcadmin", "authCode": "" }'

Arrojando un nuevo error: {"_original":{"customer":1,"username":"fwcadmin","password":"fwcadmin","authCode":""},"details":[{"message":"\"publicKey\" is required","path":["publicKey"],"type":"any.required","context":{"label":"publicKey","key":"publicKey"}}]}

El bloque a continuación supongo que debería quedar algo como: curl --insecure -X POST https://localhost:3131/user/login \ -H 'Content-Type: application/json' \ -H 'Origin: https://x.x.x.x:3030' \ -d '{ "customer": 1, "username": "fwcadmin", "password": "fwcadmin", "authCode": "", "publicKey": "<llave_pública_aquí>" }'

Aclaro que no tengo habilitado autenticación de doble factor, deshabilité dicha opción para realizar esta prueba de inicio de sesión API. ¿Cuál es el código authCode? ¿Cuál es la clave pública, dónde está ubicada? ¿Cuál es la manera correcta de iniciar sesión por la API ya que se han actualizado los módulos incluyendo el FWCloud-API y no sé si esto esté afectando?

 

[Carles Munyoz]

Haciendo uso de las `Herramientas para desarrolladores` del navegador puedes inspeccionar las llamadas que se envían a `FWCloud-API` desde la interfaz web `FWCloud-UI`.



Verás que para la llamada al API para el login se precisa también que generes un par de claves PGP y envíes la clave pública en la petición. Como respuesta el API te enviará una clave pública de un par de claves PGP que generará a su vez. Son claves PGP de sesión que se utilizan para transmitir de forma segura entre el API y la UI datos como son el usuario y contraseña SSH de un firewall o el API Key de `FWCloud-Agent`.

 

[Urick]

He tenido en cuenta lo que sugirió, quedando de la siguiente manera:
curl --insecure -i -X POST https://localhost:3131/user/login -H 'Content-Type: application/json' -H 'Origin: https://10.20.6.119:3030' -d '{
"customer": 1,
"username": "fwcadmin",
"password": "fwcadmin",
"authCode": "",
"publicKey": "-----BEGIN PGP PUBLIC KEY BLOCK-----\nmQGNBGcJROMBDADIPSDBZSr6Tq09X1YbvnvMqK4FNPv3ShElnnKmWy/yYTj+6Fnd\nDvaTUxxq2MI6Rx0Sz3RXPK/xV6lDAIXDcXl1iOxYH8XrSD2aYCM3LZs2+MxRHQRN\nUEgo2RQDikildSSBRJXfrzA02IxlZCtSLn7IzwIJKHZ/EMiy74vOYnIlkFjXN3Sb\ndVAKfA006lGPhSXzzyd8IryulWkpSfd5KvnWY5+A1R7RVdBi+sJ2pzgf7diwGmNk\nTFdqmRPLQgXWEF42qfT6PMARwWDWCupXgDUIDX8RDHuq7omAjy2BO+ZSZ/xiIAvK\n7jT/tbsmI6ztetyZ6OCnMBlxQXq4b6ub4C9QQZgTCGh669vUw65FZiajtIffMJny\nnTaIaH6BAEVBhbH/AqJj6cOrBrzYdiaX6lAynwh1cmEA0tAWBXlMlZG+lU1Gc4H4\n0mnz+oFW4dQVTU8Z9CV06D7NB7h+qzWUy9bwyIHqxX9YELZz0TOx1Pz+s8cTXMoq\nuaWxbrY/2q2hQesAEQEAAbQoZndjbG91ZGtleTEgPGZlZ29uemFsZXpAdW5pY2F1\nY2EuZWR1LmNvPokB1AQTAQoAPhYhBEJqicKzqPoqD6B/ktSCb6lStNpgBQJnCUTj\nAhsDBQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJENSCb6lStNpgnJkM\nAJQVnt3DmPnK6MZDG/lulYrGG+EkrSlGzIzSeHhvvHXNxQPyd6BKSjcqHpTYe/3w\nXcZtHSSu5htn63XbPoQuuScbV3jPokr1vB0bIk2ssLkd2nPrQuiZVO2rBZSeb975\nbJHTZo8reRgBRhKj+PLKgH66YzOe7nNH/CqKzER/zWaOpGKpJCi4fPHLj4sAaC9u\nkwlILsKA5345hlGCReYxYQxH35kidmF2dx5TjZOES88p3wdOD1sqodkKGdbtb7Lw\nQTy2tJ3+HbRU3N8Nfjubu9XcT1vA8XGyNuwpK2JPgQxm8BJFUqyDvCH5BS3zy4CE\nPjPVZuP0TH16nqJgWDmtiGkUtPUtRohntufxhBLhm0m1FCj/IQQC+/UMajwCEKja\nVwCvGCGm+ySYyUJyS5tN9UofITYzm1KPljj22GAugFdR0Z6pNklTG7BdWn2dhQZG\n6AtMMZQeqpxS2etl10ABkkpxERz3IINf68Z7MyJiw5ejjIgeBPrcVjxJjjnM6Ib6\nqLkBjQRnCUTjAQwAz9eYbalIEsu/Tu5KsbiWrhPw6ysxr1JFBNdBIrebiHRglc8q\n98S09aeSUd1mvsLbzRaH5DW/30mYBZwl5hcM9XDThkt8SVp3qb1ihy8t5G2EDnk1\nglAoy/RdHHeqrH954d7EtfiA8+WyXheLltaq3/i/N7gzAQYP3+sXQodclaTuEaG7\nn8UfrIgDfKF4m29/3zMHHOGAweOrmTDjbB0HTqphtVfBwKrOmJLSg+sKDXNieX3k\nUa8w48ahF26CEA2sbzYDg2EB3WV9EXnaM/cOg1aq4AjzOmNMpLjkAjTCSDXIwGN2\nyAv0693kCeOORUIPGa+7EehLePJeXszET/eFRz3NX/e5P885y8km/HdSI2r+8GSG\ndG1j6GBXMC6H2r/88QTzlGsHtadH+OGK0x2q++SVgAyRBj+UBoMMnzN5H/6+FTZB\nbXk4ZWifPIOb0hKq5pfgnU33naE8dfItgpPmzNA0aV2iQLx5t9M6P9X+KzVBuM3D\ng0GTs19dstQPhHPJABEBAAGJAbwEGAEKACYWIQRCaonCs6j6Kg+gf5LUgm+pUrTa\nYAUCZwlE4wIbDAUJA8JnAAAKCRDUgm+pUrTaYGHZC/9aTfWgf2pqzXgguZyWrFEp\nIcTwiblRzTgjC3izGIo2lP9QCuvX0DEuwFdmd1wTBEjiORkI2V0Dejpr+agHzqDq\nPcrhB0+7fFN4qim1vPQyC6XCZEk8mhn3hYk/AUUgjsjMMx5hSwKtF/UsYj3nr64N\nhR5k9m1faVrUaVPKqKFZ0Wjd9PoK4NPW7jNXxtJzFcGHYnX0sHXjtvTwCFlHJShX\nJ+dYgtB4hugDujTTtbOMTB9AdSMrg13CqpSapViVUt14ccQg89OhYP8l015bWSbn\nODJainvIwMnoq9g80NfcTCKrjQue+ZYmhop+8h4LvogLxyJpfxyfVYCrzFwk8xuY\nDoaUoiYPnQqGumVxULORYB2Tlq0ggE9bqqJry59eU77P8ts5tWBVkverWXTssdml\nlr0feGAxCT6fmcTfeo5NwnJHB+U33N4db6B+fPCEbMewGI9YoVoC6r7+PxMdRHgo\n45xa8DI1RjlGPcBvqsDGyvlt76evjxI8LTID3wUXJXo=\n=6DqG\n-----END PGP PUBLIC KEY BLOCK-----"
}'


Obtengo lo siguiente:
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: https://10.20.6.119:3030
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 1805
Set-Cookie: FWCloud.net-cookie=s%3AVrlcHXVquHe2F6eLF75NP7MfN6JqFMeP.4zRvu7lWlr4Sjtlx03fjSGcAZiTfShaymhTfvnGcSyo; Path=/; Secure
Date: Tue, 15 Oct 2024 13:52:46 GMT
Connection: keep-alive
Keep-Alive: timeout=5

{"user":1,"role":1,"publicKey":"-----BEGIN PGP PUBLIC KEY BLOCK-----\n\nxsBNBGcOc64BCACs4KVlpbOdP104raBjlH6so2ocPd6/5zpy4LlukJF3TCUl\n13+Kd28j1Al1KFzbAVLsUuNXAdDGXBjnMaywY0yVR2aexdvft3SA5kJF6KPm\nkhYQZDxqyAWDb/rBqGTnjf8rIabINdTMDGQPriWHuIHdLlfED5VD+SgQW8Sl\nY/IifXeZpJ2PYYwmi3qm29vJiJfX0ZXATTYZzP4ZhBamjICiqxsiADv6RfmW\ntnNKh9FxpTA76MgRtOGEnQM4O1myK4jQq6iO/wfPzXGkbYs65ngzjMR6G2qK\nkGZxjuMbMzjlpp6QdwBgkStZHmzbRdnpHdFqUu/61dlpjap2Do8hmbpXABEB\nAAHNHkZXQ2xvdWQubmV0IDxpbmZvQGZ3Y2xvdWQubmV0PsLAigQQAQgAPgWC\nZw5zrgQLCQcICZB4/z/t3WPFGAMVCAoEFgACAQIZAQKbAwIeARYhBNjX2xqy\nS64d8abQZnj/P+3dY8UYAACKYQf/c/Di6Rjh6WiizBSdwQQ92801zVaupFHM\nxIgaIwKeZbJ4D50AebEi92XQPvL/W40/qbHjGRRIS0B6y2RLJGlk9Z4gKsXF\nLoN1bnPpkcilHXO4NiM0NiZYoSs2TlFQA2jD1IUaNF05sK15W6Kjbl3hPYve\nRqCkZizewViIgAdQQCId76ofx6IzeaBKrnGzf3V9hJ7NLfzaYQHILbCDRHwk\nYBCVV9DvPQXt/J8AFELSqwBGAJ3BZqz6Y5JrPX9E6gHSj9RG3x1SsMkMStDd\nQVsdEsyepHHMwgQFFx1KQltkOAwh4zZG9uio+k3dgYy+gJrOqPhXsZU9+uip\nB6hJjwOkU87ATQRnDnOuAQgAvMCyVIxapnQWBup/SAMegeRvkHs8My2nc6QX\ndFqtHPUKySzXQ89XnIpr2LcJRl5/kC24ICj/hRDW8zS80FiAWifFOISBe600\nUAilHfQlEpLhqn16uo165PKYOvesNmH587alKcfZqeULKHKtsdiK0NWbGrxg\n6aGCbLSpaVTDNWGcO0f3QH+3lVSQqcPgAj+RXleAaNN1MgeL6ZcShySiJe5P\nMB0FNmk52HeUmhH0Cl3FwS8Z+qscX25egmPuFUQz3kXXaFQj80BuRiU80FW4\nT/8mnhGQM/rft+kLp7KUhB8bvub1kp9p3hCU8gDqqhhjKuqcvvT0Cr22UYSj\nhrn72QARAQABwsB2BBgBCAAqBYJnDnOuCZB4/z/t3WPFGAKbDBYhBNjX2xqy\nS64d8abQZnj/P+3dY8UYAAB2Qwf9HV+NURvXtAIxDep0ARO7kPl+ArA9FhvA\ntNTDR+YL2gvJCueRR/f9E8iuz/cFZbN1BIMUEKa89kFVhgzmZmNISn8UU6hY\nN3H4w6MYhoQdU9Tg7iEkPb6KtHvPn0dv5Xp/BZrgKzcSP7eNkIuWn/A7fpOY\nGhnwcLf71LtggMgHg7alNQTo01Y909GDaUgRbkY+PgT2ZGdsOpd1Kp+zoOAh\nE2xwmWS3ArFWGDGiAHSJgNb1uAmW8OgLyO+NxcYAtllwXbGffaZ1kHG3S1Bj\nW4/ABgm7G9MQDMpCxN91pZ0X8z/YeMCu4oAoE7A6fx3C7zvMTb5r8ONxzWeA\nMbKMg6yqmA==\n=CgOq\n-----END PGP PUBLIC KEY BLOCK-----\n"}

Luego intento crear un FWCloud de prueba de la siguiente manera:
curl --insecure -i -X POST https://localhost:3131/fwcloud -H 'Content-Type: application/json' -H 'Origin: https://10.20.6.119:3030' -H 'cookie: FWCloud.net-cookie=s%3AVrlcHXVquHe2F6eLF75NP7MfN6JqFMeP.4zRvu7lWlr4Sjtlx03fjSGcAZiTfShaymhTfvnGcSyo' -b FWCloud.net-cookie=s%3AVrlcHXVquHe2F6eLF75NP7MfN6JqFMeP.4zRvu7lWlr4Sjtlx03fjSGcAZiTfShaymhTfvnGcSyo -d '{
"name": "FWCloud Test1",
"image": "",
"comment": ""
}'

Obtengo:
HTTP/1.1 403 Forbidden
X-Powered-By: Express
Access-Control-Allow-Origin: https://10.20.6.119:3030
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 77
Date: Tue, 15 Oct 2024 13:54:24 GMT
Connection: keep-alive
Keep-Alive: timeout=5

{"fwc_confirm_token":"ggoU9HH06Pe4-7jtWSUY5tk8KsQaSXIe_oCvdd66NclVEFSXGNKx1"}

Luego adjunto el token de confirmación:
curl --insecure -i -X POST https://localhost:3131/fwcloud -H 'Content-Type: application/json' -H 'Origin: https://10.20.6.119:3030' -H 'X-FWC-Confirm-Token: ggoU9HH06Pe4-7jtWSUY5tk8KsQaSXIe_oCvdd66NclVEFSXGNKx1' -H 'cookie: FWCloud.net-cookie=s%3AVrlcHXVquHe2F6eLF75NP7MfN6JqFMeP.4zRvu7lWlr4Sjtlx03fjSGcAZiTfShaymhTfvnGcSyo' -b FWCloud.net-cookie=s%3AVrlcHXVquHe2F6eLF75NP7MfN6JqFMeP.4zRvu7lWlr4Sjtlx03fjSGcAZiTfShaymhTfvnGcSyo -d '{
"name": "FWCloud Test1",
"image": "",
"comment": ""
}'

Y obtengo:
HTTP/1.1 404 Not Found
X-Powered-By: Express
Access-Control-Allow-Origin: https://10.20.6.119:3030
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 75
Date: Tue, 15 Oct 2024 14:08:10 GMT
Connection: keep-alive
Keep-Alive: timeout=5

{"status":404,"response":"Not Found","message":"[POST]/fwcloud not found."}

En los logs /opt/fwcloud/api/logs/app.log sale:
2024-10-15 09:26:24|DEBUG|USER AUTHORIZED (customer_id: 1, user_id: 1, username: fwcadmin)
2024-10-15 09:27:28|DEBUG|USER AUTHORIZED (customer_id: 1, user_id: 1, username: fwcadmin)
2024-10-15 09:27:28|ERROR|NotFoundException: [POST]/fwcloud not found.
2024-10-15 09:27:28|ERROR| at Throws404.handle (/opt/fwcloud/api/dist/src/middleware/Throws404.js:29:14)
2024-10-15 09:27:28|ERROR| at Throws404.safeHandler (/opt/fwcloud/api/dist/src/fonaments/http/middleware/Middleware.js:28:24)
2024-10-15 09:27:28|ERROR| at /opt/fwcloud/api/dist/src/fonaments/http/middleware/Middleware.js:38:24
2024-10-15 09:27:28|ERROR| at Layer.handle [as handle_request] (/opt/fwcloud/api/node_modules/express/lib/router/layer.js:95:5)
2024-10-15 09:27:28|ERROR| at trim_prefix (/opt/fwcloud/api/node_modules/express/lib/router/index.js:328:13)
2024-10-15 09:27:28|ERROR| at /opt/fwcloud/api/node_modules/express/lib/router/index.js:286:9
2024-10-15 09:27:28|ERROR| at Function.process_params (/opt/fwcloud/api/node_modules/express/lib/router/index.js:346:12)
2024-10-15 09:27:28|ERROR| at next (/opt/fwcloud/api/node_modules/express/lib/router/index.js:280:10)
2024-10-15 09:27:28|ERROR| at /opt/fwcloud/api/node_modules/express/lib/router/index.js:646:15
2024-10-15 09:27:28|ERROR| at next (/opt/fwcloud/api/node_modules/express/lib/router/index.js:265:14)

 

[Carles Munyoz]

¿Has seguido el mismo procedimiento de ver la petición que genera el navegador a la hora de crear una nueva FWCloud para así incluir todos los parámetros necesarios?