search

StephenOTT / TAXII-Server

TAXII Server supporting the 2.1 spec.
MIT License
18 stars 6 forks source link

apiRoot - page not found #38

Closed VVX7 closed 4 years ago

VVX7 commented 4 years ago

Hi! Cool project!

I just started the docker container but I'm not able to call any of the API endpoints. I'm not sure what the value for apiRoot is supposed to be, and when I make a GET to http://localhost:8080/ I'm getting the following error.

Any idea what I've done wrong?

404
b'{"message":"Page Not Found","_links":{"self":{"href":"/","templated":false}}}'
StephenOTT commented 4 years ago

Does http://localhost:8080/taxii2 work?

VVX7 commented 4 years ago

Nope, same thing. b'{"title":"This TAXII Endpoint is not implemented.","http_status":"501"}'

StephenOTT commented 4 years ago

@VVX7 can you try in the browser to go to localhost:8080/taxii2? You should get a basic auth (see readme) and then you should get 

{"title":"Some Default TAXII Server","description":"This is some Default TAXII Server","contact":"Some Contact goes here","default":"/default-root-1","api_roots":["/default-root-1","/root2","/root3"]}

The Taxii endpoint is not implement is normal for any endpoint that does not have a "Provider"

Example: https://github.com/StephenOTT/TAXII-Server/blob/master/src/main/kotlin/com/github/stephenott/stix/taxii/action/actions/DiscoveryProvider.kt vs https://github.com/StephenOTT/TAXII-Server/blob/master/src/main/kotlin/com/github/stephenott/stix/taxii/action/actions/GetCollectionProvider.kt

StephenOTT commented 4 years ago

localhost:8080 should return a "client does not have access to this resource" (assuming you passed basic auth)

localhost:8080/anything-goes-here anything in the apiRoot position will return the same root as the provider is just statically coded to return {"title":"default-root-1","description":"this is the default root 1","versions":["application/taxii+json;version=2.1"],"max_content_length":104857600}

In practice the provider would be connected with a data repository like another system, database, rest, queue, etc.

VVX7 commented 4 years ago

In the browser I'm also getting a 501.

image

I'm using python requests with basic auth (default credentials in the README) and getting that message.

import requests
from requests.auth import HTTPBasicAuth

request = requests.get("http://localhost:8080/taxii2", auth=HTTPBasicAuth("sherlock", "password"))

print(request.content)

>>> b'{"title":"This TAXII Endpoint is not implemented.","http_status":"501"}'
StephenOTT commented 4 years ago

I just pushed some code that was not committed. Try downloading source again and try it. It should not make a difference, but maybe did not see something.
You are getting a not implemented response. So it is picking it up as a Taxii endpoint. But it was not implemented, BUT it is implemented here: https://github.com/StephenOTT/TAXII-Server/blob/master/src/main/kotlin/com/github/stephenott/stix/taxii/action/actions/DiscoveryProvider.kt

from my browser: taxii2

VVX7 commented 4 years ago

The docker image pulls release 0.5. I'll try building from source tomorrow. Thanks for your help so far.

StephenOTT commented 4 years ago

Sorry yes you are correct. That was error on my part. I have updated the build release to 0.6 and the docker file:

https://github.com/StephenOTT/TAXII-Server/releases/tag/v0.6

https://github.com/StephenOTT/TAXII-Server/blob/v0.6/dockerfile

VVX7 commented 4 years ago

All good now. Thanks! image

StephenOTT commented 4 years ago

Great!!