glpi-project / glpi

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.
https://glpi-project.org
GNU General Public License v3.0

problem when I try to login via the API #4506

Closed cayu closed 6 years ago

cayu commented 6 years ago

Hello, I have a problem when I try to login via the API

I tried with 9.1, 9.2 and 9.3 (via upgrades) and the result is the same

SHELL

```shell
curl -k -X GET -H 'Content-Type: application/json' -H "Authorization: user_token j9kok1metngbta1jj3xgvvsmkta4rmesv39b96n2" -H "App-Token: Hb623zUcRjnNSzr4d6kdjoEyP6slTqPEMn85Zmig" 'https://glpi/apirest.php/initSession'
```

BROWSER

https://glpi/apirest.php/initSession?user_token=tepcSiV3Yh5YjaRJGEhxI69gg5pe9ZB97tBlLjyt&app_token=Hb623zUcRjnNSzr4d6kdjoEyP6slTqPEMn85Zmig

PHP SCRIPT


```php
<?php
// Base URL of the GLPI REST API and the user's personal API token
$api_url = "https://glpi/apirest.php";
$usertoken = "tepcSiV3Yh5YjaRJGEhxI69gg5pe9ZB97tBlLjyt";

echo " [+] API GLPI : Session Initializing ";
echo ("   User Token  ===> " . $usertoken);

// initSession reads the user token from Authorization and the application token from App-Token
$headers = array(
    'Content-Type: application/json',
    'Authorization: user_token ' . $usertoken,
    'App-Token: Hb623zUcRjnNSzr4d6kdjoEyP6slTqPEMn85Zmig'
);

$initurl = $api_url . "/initSession/";
echo ("\n   Init Url ===> " . $initurl);

$ch = curl_init();

// Certificate checks are disabled here (same as curl -k), so the server's identity is not verified
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_URL, $initurl);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$request_result = curl_exec($ch);

echo "\n";
echo $request_result;
echo "\n";

curl_close($ch);

// On failure the API answers with a JSON array (error code, message) that has no session_token key
$obj = json_decode($request_result, true);
print_r($obj);
$session_token = (is_array($obj) && isset($obj['session_token'])) ? $obj['session_token'] : "";

if ($session_token == "") {
    echo "FATAL ! Error to retrieve Session Token\n";
    exit(2);
}

echo ("   [+] SESSION TOKEN ===> " . $session_token);
echo ("\n\n\n\n");
?>
```

The user token is correct

The result is the same

Example output ( [session_token] => nmoa5clfg0mfn8g5i153o8iqep )

["ERROR_GLPI_LOGIN_USER_TOKEN","parámetro de usuario_token parece válido"]

Information about the system installation and configuration

```
GLPI 9.3.0 ( => /var/www/glpi)
Installation mode: TARBALL

Operating system: Linux glpi 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64
PHP 5.6.36-0+deb8u1 apache2handler (Core, PDO, Phar, Reflection, SPL, SimpleXML, Zend OPcache, apache2handler, apc, apcu, bcmath, bz2, calendar, ctype, curl, date, dba, dom, ereg, exif, fileinfo, filter, ftp, gd, gettext, hash, iconv, imap, json, ldap, libxml, mbstring, mhash, mysql, mysqli, openssl, pcre, pdo_mysql, posix, readline, session, shmop, soap, sockets, standard, sysvmsg, sysvsem, sysvshm, tokenizer, wddx, xml, xmlreader, xmlrpc, xmlwriter, zip, zlib)
Setup: max_execution_time="30" memory_limit="128M" post_max_size="8M" safe_mode="" session.save_handler="files" upload_max_filesize="2M"
Software: Apache () Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
Server Software: MySQL Community Server (GPL)
Server Version: 5.6.41
Server SQL Mode:
Parameters: debian-sys-maint@127.0.0.1/glpi
Host info: 127.0.0.1 via TCP/IP
mysqli extension is installed
ctype extension is installed
fileinfo extension is installed
json extension is installed
mbstring extension is installed
zlib extension is installed
curl extension is installed
gd extension is installed
simplexml extension is installed
xml extension is installed
ldap extension is installed
imap extension is installed
Zend OPcache extension is installed
APCu extension is installed
xmlrpc extension is installed
CAS extension is installed
Database version seems correct (5.6.41) - Perfect!
/var/www/glpi/config : OK
/var/www/glpi/files : OK
/var/www/glpi/files/_dumps : OK
/var/www/glpi/files/_sessions : OK
/var/www/glpi/files/_cron : OK
/var/www/glpi/files/_graphs : OK
/var/www/glpi/files/_lock : OK
/var/www/glpi/files/_plugins : OK
/var/www/glpi/files/_tmp : OK
/var/www/glpi/files/_cache : OK
/var/www/glpi/files/_rss : OK
/var/www/glpi/files/_uploads : OK
/var/www/glpi/files/_pictures : OK
/var/www/glpi/files/_log : OK
Web access to the files directory should not be allowed but this cannot be checked automatically on this instance.
Make sure acces to error log file is forbidden; otherwise review .htaccess file and web server configuration.

htmLawed version 1.2.4 in (/var/www/glpi/lib/htmlawed)
SimplePie version 1.5.2 in (/var/www/glpi/vendor/simplepie/simplepie/library)
TCPDF version 6.2.17 in (/var/www/glpi/vendor/tecnickcom/tcpdf)
michelf/php-markdown in (/var/www/glpi/vendor/michelf/php-markdown/Michelf)
true/punycode in (/var/www/glpi/vendor/true/punycode/src)
iacaml/autolink in (/var/www/glpi/vendor/iamcal/lib_autolink)
sabre/vobject in (/var/www/glpi/vendor/sabre/vobject/lib)
phpCas version 1.3.3 in (/usr/share/php)

LDAP directories

Server: '10.1.1.100', Port: '389', BaseDN: 'DC=COMPANY,DC=ROOT', Connection filter: none, RootDN: 'GLPI@COMPANY.ROOT', Use TLS: none

Not active

Way of sending emails: PHP

flyvemdm             Name: Administración de dispo        Version: 2.0.0-rc.2 State: Enabled
webapplications      Name: Aplicaciones Web               Version: 2.5.0      State: Enabled
autologin            Name: Auto Login                     Version: 2.1.1      State: Enabled
databases            Name: Bases de Datos                 Version: 2.1.0      State: Enabled
certificates         Name: Certificates                   Version: 2.3.0      State: Enabled
consumables          Name: Consumable request             Version: 1.3.1      State: Enabled
accounts             Name: Cuentas                        Version: 2.4.2      State: Enabled
addressing           Name: Direccionamientos IP           Version: 2.6.1      State: Enabled
domains              Name: Domains                        Version: 2.0.0      State: Enabled
fusioninventory      Name: FusionInventory                Version: 9.3+1.1    State: Enabled
mod                  Name: GLPI Modifications             Version: 1.2.1      State: Enabled
pdf                  Name: Imprimir en pdf                Version: 1.3.1.1    State: Enabled
services             Name: ITIL Services                  Version: 1.3.1      State: Not activated
shellcommands        Name: Shell Commands                 Version: 2.2.0      State: Enabled
```

orthagh commented 6 years ago

Are you sure your GLPI token is still valid? We reset all user tokens on the 9.2 migration (security issue detected).

Check in the user preferences.
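
An added example, not part of the thread or of GLPI's own code: a client-side check that tells the two `initSession` response shapes quoted in this issue apart and keys on the error code rather than on the localized message text. The function name `glpi_parse_init_session`, its result keys and the hint strings are hypothetical; the sample bodies are constructed from the outputs quoted above.

```php
<?php
// Added example: classify the body returned by apirest.php/initSession.
// glpi_parse_init_session() and its result keys are hypothetical names, not GLPI API.
function glpi_parse_init_session($body)
{
    $data = json_decode($body, true);
    if (!is_array($data)) {
        return array('ok' => false, 'code' => 'INVALID_JSON',
                     'hint' => 'Response is not a JSON object or array; check the API URL.');
    }
    // Success shape: {"session_token": "..."}
    if (isset($data['session_token']) && is_string($data['session_token'])
        && $data['session_token'] !== '') {
        return array('ok' => true, 'session_token' => $data['session_token']);
    }
    // Error shape: ["ERROR_CODE", "localized message"]. Match on the code only,
    // because the message text depends on the instance language.
    if (isset($data[0]) && is_string($data[0])) {
        $code = $data[0];
        $hint = isset($data[1]) ? $data[1] : '';
        if ($code === 'ERROR_GLPI_LOGIN_USER_TOKEN') {
            $hint = 'user_token rejected: compare it with the token shown in the user '
                  . 'preferences (user tokens were reset by the 9.2 migration).';
        }
        return array('ok' => false, 'code' => $code, 'hint' => $hint);
    }
    return array('ok' => false, 'code' => 'UNEXPECTED_SHAPE',
                 'hint' => 'Neither a session_token nor an error pair.');
}

// Constructed sample bodies, modelled on the two outputs quoted in the issue.
$samples = array(
    '{"session_token":"nmoa5clfg0mfn8g5i153o8iqep"}',
    '["ERROR_GLPI_LOGIN_USER_TOKEN","parámetro de usuario_token parece válido"]',
    '<html>404</html>',
);
foreach ($samples as $body) {
    $r = glpi_parse_init_session($body);
    // Report only the outcome; the session token itself is never printed.
    echo $r['ok'] ? "OK: session opened\n" : "FAIL {$r['code']}: {$r['hint']}\n";
}
```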

trasher commented 6 years ago

No feedback, closing

cayu commented 6 years ago

It works correctly, thank you very much!!