Zabbix api authentication not working in 6.4.0rc1 (and probably higher)

[solitprojects]

During testing version 6.4.0rc1 of Zabbix, the json rpc authentication fails apparently instead of 'user' you need to use 'username' as parameter name now

maybe not really a plugin bug, but unless Zabbix confirms this as a bug themselves, the authentication mechanism in your plugin should change to be able to work in newer versions of Zabbix

original parameters are not working: error = Invalid parameter \"/\": unexpected parameter \"user\".

new parameters are working (change user -> username) :

Grafana	Zabbix	Grafana-Zabbix Plugin
v9.3.2	6.4.0rc1	4.2.10

[solitprojects]

update: apparently the "user" parameter was deprecated in version 5.4. Support for it is dropped in 6.4, see [ZBXNEXT-8085]. Please update the API call in the plugin

[alexanderzobnin]

Yes, user was renamed to username.

[lfernandosg]

dear,

I'm on zabbix 6.4 b5 and grafana 9.3.2. Until version 6.4 b4 it was working but now I get the same error. I'm not finding in my debian file /usr/share/zabbix/api_jsonrpc.php that part to change the name to username.

follow my file

<?php /* Zabbix Copyright (C) 2001-2022 Zabbix SIA This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. **/

header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Headers: Content-Type'); header('Access-Control-Allow-Methods: POST'); header('Access-Control-Max-Age: 1000');

if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { return; }

require_once dirname(FILE).'/include/func.inc.php'; require_once dirname(FILE).'/include/classes/core/CHttpRequest.php';

$allowed_content = [ 'application/json-rpc' => 'json-rpc', 'application/json' => 'json-rpc', 'application/jsonrequest' => 'json-rpc' ]; $http_request = new CHttpRequest(); $content_type = $http_request->header('Content-Type'); $content_type = explode(';', $content_type); $content_type = $content_type[0];

if (!isset($allowed_content[$content_type])) { header('HTTP/1.0 412 Precondition Failed'); return; }

require_once dirname(FILE).'/include/classes/core/APP.php';

header('Content-Type: application/json'); $data = $http_request->body();

try { APP::getInstance()->run(APP::EXEC_MODE_API);

    $apiClient = API::getWrapper()->getClient();

    // unset wrappers so that calls between methods would be made directly to the services
    API::setWrapper();

    $jsonRpc = new CJsonRpc($apiClient, $data);
    echo $jsonRpc->execute();

} catch (Exception $e) { // decode input json request to get request's id $jsonData = json_decode($data, true);

    $response = [
            'jsonrpc' => '2.0',
            'error' => [
                    'code' => 1,
                    'message' => $e->getMessage(),
                    'data' => ''
            ],
            'id' => (isset($jsonData['id']) ? $jsonData['id'] : null)
    ];

    echo json_encode($response);

}

session_write_close();

[alexanderzobnin]

Here's a test build (linux+windows). You can try it and see if issue is fixed

alexanderzobnin-zabbix-app.zip

[solitprojects]

thanks! I’m using the docker image so there is no possibility for me to manually update plugins , since i don’t have root access to that image. I will have to wait for the plugin to be published

[lfernandosg]

Alexandre, the commands you have in the readme are the same ones we install in normally. How do I apply this build? is it by cli? which command? or is it through the web gui? which way?

Here's a test build (linux+windows). You can try it and see if issue is fixed

alexanderzobnin-zabbix-app.zip

Alexandre, the commands you have in the readme are the same ones we install in normally. How do I apply this build? is it by cli? which command? or is it through the web gui? which way?

[lfernandosg]

Alexandre, the commands you have in the readme are the same ones we install in normally. How do I apply this build? is it by cli? which command? or is it through the web gui? which way?

Here's a test build (linux+windows). You can try it and see if issue is fixed alexanderzobnin-zabbix-app.zip

Alexandre, the commands you have in the readme are the same ones we install in normally. How do I apply this build? is it by cli? which command? or is it through the web gui? which way?

when copying the files to the /var/lib/grafana/plugins/alexanderzobnin-zabbix-app folder it deactivates the plugin and does not let it activate asking to reinstall the plugin.

[kestjones]

Here's a test build (linux+windows). You can try it and see if issue is fixed

alexanderzobnin-zabbix-app.zip @alexanderzobnin , I uninstalled the old plugin, applied the bug fix and the problem still exists. I get the following message: Invalid params. Invalid parameter "/": unexpected parameter "user".

[byteschubser]

Here's a test build (linux+windows). You can try it and see if issue is fixed

alexanderzobnin-zabbix-app.zip

Please sign this test version.

plugin=alexanderzobnin-zabbix-app path=/var/lib/grafana/plugins/alexanderzobnin-zabbix-app/gpx_zabbix-plugin_freebsd_arm64 logger=plugin.loader t=2023-01-10T09:50:13.860210076Z level=warn msg="Skipping loading plugin due to problem with signature" pluginID=alexanderzobnin-zabbix-datasource status=modified logger=plugin.loader t=2023-01-10T09:50:13.860429449Z level=warn msg="Skipping loading plugin due to problem with signature" pluginID=alexanderzobnin-zabbix-triggers-panel status=modified logger=plugin.loader t=2023-01-10T09:50:13.860523876Z level=warn msg="Skipping loading plugin due to problem with signature" pluginID=alexanderzobnin-zabbix-app status=modified

[gimguang]

Although the unsigned plug-in is set in grafana.ini, it still cannot be used

[plugins]
enable_alpha = true
app_tls_skip_verify_insecure = true
# Enter a comma-separated list of plugin identifiers to identify plugins to load even if they are unsigned. Plugins with modified signatures are never loaded.
allow_loading_unsigned_plugins = alexanderzobnin-zabbix-datasource
# Enable or disable installing / uninstalling / updating plugins directly from within Grafana.
plugin_admin_enabled = true
;plugin_admin_external_manage_enabled = false

[greenaar]

Also running Zabbix 6.4b5. Unsigned option in grafana does not seem to work. Could you sign either your test build or a new release?

[byteschubser]

Thanks for the hint. The following works for me:

[plugins]
allow_loading_unsigned_plugins = alexanderzobnin-zabbix-app,alexanderzobnin-zabbix-datasource,alexanderzobnin-zabbix-triggers-panel

[kestjones]

I can't get the plugin to work. It gives the error:

level=warn msg="Skipping loading plugin due to problem with signature" pluginID=alexanderzobnin-zabbix-datasource status=modified. Even adding the line:

[plugins] allow_loading_unsigned_plugins = alexanderzobnin-zabbix-app,alexanderzobnin-zabbix-datasource,alexanderzobnin-zabbix-triggers-panel

According to grafana documentation plugins with modified signature cannot be loaded. Has anyone managed to resolve?

[solitprojects]

got it "solved" since this afternoon :

delete MANIFEST.txt from the plugin directory and restart

then it will load as "unsigned" plugin, if you add it to [plugins] allow_loading_unsigned_plugins = alexanderzobnin-zabbix-app,alexanderzobnin-zabbix-datasource,alexanderzobnin-zabbix-triggers-panel

in short: unsigned plugins can be overwritten, incorrect signed plugins, cannot so the trick is to delete the signing key ...

[kestjones]

got it "solved" since this afternoon :

delete MANIFEST.txt from the plugin directory and restart

then it will load as "unsigned" plugin, if you add it to [plugins] allow_loading_unsigned_plugins = alexanderzobnin-zabbix-app,alexanderzobnin-zabbix-datasource,alexanderzobnin-zabbix-triggers-panel

in short: unsigned plugins can be overwritten, incorrect signed plugins, cannot so the trick is to delete the signing key ...

@solitprojects , It worked thank you very much.

[clintclil]

I can't get the plugin to work. It gives the error: Plugin disabled

[spectroman]

field "user" is now only accepted as "username"

(not) nice, useless zabbix changes.

[clintclil]

Is it any tricky way to avoid this bug in pluggin side

[valdoltra]

I installed 4.2.10 but still getting the same problems with sending user instead of username. Any workarounds? I have tried almost everything except compiling it from the source(which I am doing right now as I write).

As for digital signature I have no issues. I enabled unsigned plugins as per below, updated it through grafana UI from 4.2.6 to 4.2.10 and it can be used...

_[plugins] allow_loading_unsignedplugins = alexanderzobnin-zabbix-app,alexanderzobnin-zabbix-datasource,alexanderzobnin-zabbix-triggers-panel

But it still throws the user param error.

Any suggestions?

[jdbarondo]

Hi, I also have the same problem. I have upgraded everything (Zabbix and Grafana) to their latest versions, and I still continue to get the same error:

Invalid params. Invalid parameter "/": unexpected parameter "user".

logger=plugin.alexanderzobnin-zabbix-datasource t=2023-02-21T15:10:45.300991485Z level=error msg="Zabbix API request error" error="Invalid params. Invalid parameter \"/\": unexpected parameter \"user\"." logger=context userId=1 orgId=1 uname=admin t=2023-02-21T15:10:45.301609358Z level=error msg="Request Completed" method=POST path=/api/datasources/10/resources/zabbix-api status=500 remote_addr=X.X.X.X time_ms=60 duration=60.692836ms size=117 referer=https://grafana.test.es:3000/datasources/edit/mBeMTU0Vk handler=/api/datasources/:id/resources/*

[javier-lancharro]

Hi, and thanks for excellent integration...

I installed the last version of plugin that you has published in this thread... i solved "unsigned plugin" errors... but the error persist: "Invalid params. Invalid parameter "/": unexpected parameter "user".

Zabbix 6.4.0rc2

Can you help me please? I'm migrating from PRTG Network Monitor to Zabbix + Grafana and this error stops our migration.

Sorry for my poor english

Thx for advance

Best regards

[Xileck]

got it "solved" since this afternoon :

delete MANIFEST.txt from the plugin directory and restart

then it will load as "unsigned" plugin, if you add it to [plugins] allow_loading_unsigned_plugins = alexanderzobnin-zabbix-app,alexanderzobnin-zabbix-datasource,alexanderzobnin-zabbix-triggers-panel

in short: unsigned plugins can be overwritten, incorrect signed plugins, cannot so the trick is to delete the signing key ...

Thanks a lot mate this worked for me and thanks @alexanderzobnin for providing the test build, I was able to do these changes on my Grafana docker container and it worked!, you saved my life (Got a meeting this monday on how we are now monitoring network and servers using this awesome plugin)

[bpbp-boop]

Another option is editing api_jsonrpc.php on your zabbix servers to update the user parameter

52a53
> $data = str_replace('"user"', '"username"', $data);

[simonecerbone]

hello @bpbp-boop, where is the file ? I have docker installation thanks

[glange84]

= str_replace('"user"', '"username"', $data);

Top man! Thanks!

[jpconfessor]

file is located here: /usr/share/zabbix/api_jsonrpc.php

then, I just had to include the additional line provided by bpbp-boop after $data variable:

...
header('Content-Type: application/json');
$data = $http_request->body();
$data = str_replace('"user"', '"username"', $data);

don't forget to make a makup before adding any changes! ;) hope this will be fixed in the future

[pptfz]

Thank you. That solves the problem