search

eNMS-automation / eNMS

An enterprise-grade vendor-agnostic network automation platform.
https://www.enms.io/
GNU General Public License v3.0
812 stars 162 forks source link

API is not working with Basic Auth #397

Open viperbmw opened 1 year ago

viperbmw commented 1 year ago

The API for the eNMS rest is not working correctly with using Basic auth

The Ping endpoint works all others do not when trying basic auth

`<!doctype html>

TypeError: descriptor 'keys' for 'dict' objects doesn't apply to a 'Authorization' object // Werkzeug Debugger

TypeError

TypeError: descriptor 'keys' for 'dict' objects doesn't apply to a 'Authorization' object

Traceback (most recent call last)

  • File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 2552, in __call__

        def __call__(self, environ: dict, start_response: t.Callable) -> t.Any:
            """The WSGI server calls the Flask application object as the
            WSGI application. This calls :meth:`wsgi_app`, which can be
            wrapped to apply middleware.
            """
            return self.wsgi_app(environ, start_response)

  • File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 2532, in wsgi_app

                try:
                    ctx.push()
                    response = self.full_dispatch_request()
                except Exception as e:
                    error = e
                    response = self.handle_exception(e)
                except:  # noqa: B001
                    error = sys.exc_info()[1]
                    raise
                return response(environ, start_response)
            finally:

  • File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 2529, in wsgi_app

            ctx = self.request_context(environ)
            error: t.Optional[BaseException] = None
            try:
                try:
                    ctx.push()
                    response = self.full_dispatch_request()
                except Exception as e:
                    error = e
                    response = self.handle_exception(e)
                except:  # noqa: B001
                    error = sys.exc_info()[1]

  • File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1825, in full_dispatch_request

                request_started.send(self)
                rv = self.preprocess_request()
                if rv is None:
                    rv = self.dispatch_request()
            except Exception as e:
                rv = self.handle_user_exception(e)
            return self.finalize_request(rv)
     
        def finalize_request(
            self,
            rv: t.Union[ft.ResponseReturnValue, HTTPException],

  • File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1823, in full_dispatch_request

     
            try:
                request_started.send(self)
                rv = self.preprocess_request()
                if rv is None:
                    rv = self.dispatch_request()
            except Exception as e:
                rv = self.handle_user_exception(e)
            return self.finalize_request(rv)
     
        def finalize_request(

  • File "/usr/local/lib/python3.10/dist-packages/flask/app.py", line 1799, in dispatch_request

                and req.method == "OPTIONS"
            ):
                return self.make_default_options_response()
            # otherwise dispatch to the handler for that endpoint
            view_args: t.Dict[str, t.Any] = req.view_args  # type: ignore[assignment]
            return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
     
        def full_dispatch_request(self) -> Response:
            """Dispatches the request and on top of that performs request
            pre and postprocessing as well as HTTP exception catching and
            error handling.

  • File "/eNMS/eNMS/server.py", line 132, in decorated_function

                request_property = f"{request.method.lower()}_requests"
                endpoint_rbac = vs.rbac[request_property].get(endpoint)
                if rest_request:
                    user = None
                    if request.authorization:
                        user = env.authenticate_user(**request.authorization)
                    if user:
                        login_user(user)
                username = getattr(current_user, "name", "Unknown")
                if not endpoint_rbac:
                    status_code = 404

  • File "/usr/local/lib/python3.10/dist-packages/werkzeug/datastructures/auth.py", line 491, in wrapper

                "Treating 'Authorization' and 'WWWAuthenticate' as a dict is deprecated and"
                " will be removed in Werkzeug 3.0. Use the 'parameters' attribute instead.",
                DeprecationWarning,
                stacklevel=2,
            )
            return f(*args, **kwargs)
     
        return wrapper
     
     
    for name in (
TypeError: descriptor 'keys' for 'dict' objects doesn't apply to a 'Authorization' object

This is the Copy/Paste friendly version of the traceback.

The debugger caught an exception in your WSGI application. You can now look at the traceback which led to the error. If you enable JavaScript you can also use additional features such as code execution (if the evalex feature is enabled), automatic pasting of the exceptions and much more.
Brought to you by DON'T PANIC, your friendly Werkzeug powered traceback interpreter.

Console Locked

The console is locked and needs to be unlocked by entering the PIN. You can find the PIN printed out on the standard output of your shell that runs the server.

PIN:

`