search

grahampugh / jamf-upload

Scripts for uploading packages to Jamf Cloud
Apache License 2.0
147 stars 37 forks source link

Auth Token Error with JamfPackageCleaner #135

Closed mhrono closed 5 months ago

mhrono commented 5 months ago

Env: Jamf Pro 11.2.1 AutoPkg 3.0.0RC2 macOS 13.6.4 (on GitHub Actions Runner) API client ID associated with this run has all permissions documented in the wiki Source recipe: https://github.com/mhrono/autopkg-recipes/blob/main/1Password/1Password8.jamf.recipe.yaml

This issue seems to be intermittent and I unfortunately haven't yet found any commonalities between when it works vs fails. When it does fail, JamfPackageCleaner outputs the following:

com.github.grahampugh.jamf-upload.processors/JamfPackageCleaner
{'Input': {'API_USERNAME': '<<redacted>>',
           'CLIENT_ID': '***',
           'CLIENT_SECRET': '***',
           'JSS_URL': 'https://<<redacted>>.jamfcloud.com/'}}
JamfPackageCleaner: No value supplied for pkg_name_match, setting default value of: 
JamfPackageCleaner: No value supplied for versions_to_keep, setting default value of: 5
JamfPackageCleaner: No value supplied for minimum_name_length, setting default value of: 3
JamfPackageCleaner: No value supplied for maximum_allowed_packages_to_delete, setting default value of: 20
JamfPackageCleaner: No value supplied for dry_run, setting default value of: False
JamfPackageCleaner: Getting all packages from https://<<redacted>>.jamfcloud.com/
JamfPackageCleaner: Checking for existing authentication token
JamfPackageCleaner: Checking https://<<redacted>>.jamfcloud.com/ against https://<<redacted>>.jamfcloud.com/
JamfPackageCleaner: URL and user for token matches current request
JamfPackageCleaner: No existing valid token found
JamfPackageCleaner: Getting an authentication token using OAuth
JamfPackageCleaner: Output file is:  <<<header redacted>>>
JamfPackageCleaner: curl command: /usr/bin/curl --dump-header <<<header redacted>>> https://<<redacted>>.jamfcloud.com/api/oauth/token --request POST --silent --show-error --header Content-Type: application/x-www-form-urlencoded --output <<<header redacted>>> --cookie-jar <<<header redacted>>> --cookie <<<header redacted>>> --data-urlencode client_id=*** --data-urlencode grant_type=client_credentials --data-urlencode client_secret=***
JamfPackageCleaner: Session token received
JamfPackageCleaner: Token: ***
JamfPackageCleaner: Expires: 2024-03-08T16:02:28.433338Z
JamfPackageCleaner: Output file is:  <<<header redacted>>>
JamfPackageCleaner: curl command: /usr/bin/curl --dump-header <<<header redacted>>> https://<<redacted>>.jamfcloud.com/JSSResource/packages --request GET --silent --show-error --header <<<header redacted>>> --header Accept: application/json --output <<<header redacted>>> --cookie-jar <<<header redacted>>> --cookie <<<header redacted>>>
JamfPackageCleaner: Found 5 packages to keep and 1 to delete
JamfPackageCleaner: ✅ 1Password-8.10.27.pkg
JamfPackageCleaner: ✅ 1Password-8.10.26.pkg
JamfPackageCleaner: ✅ 1Password-8.10.24.pkg
JamfPackageCleaner: ✅ 1Password-latest-x86_64-8.10.24.196371.pkg
JamfPackageCleaner: ✅ 1Password-8.10.23.pkg
JamfPackageCleaner: ❌ 1Password-8.10.20.pkg (will be deleted)
JamfPackageCleaner: Checking for existing authentication token
JamfPackageCleaner: Checking https://<<redacted>>.jamfcloud.com/ against https://<<redacted>>.jamfcloud.com/
JamfPackageCleaner: URL and user for token matches current request
JamfPackageCleaner: No existing valid token found
JamfPackageCleaner: Getting an authentication token using Basic Auth
JamfPackageCleaner: Output file is:  <<<header redacted>>>
JamfPackageCleaner: curl command: /usr/bin/curl --dump-header <<<header redacted>>> https://<<redacted>>.jamfcloud.com/api/v1/auth/token --request POST --silent --show-error --header <<<header redacted>>> --header Content-type: application/json --output <<<header redacted>>> --cookie-jar <<<header redacted>>> --cookie <<<header redacted>>>
JamfPackageCleaner: ERROR: No token received
Traceback (most recent call last):
  File "/Library/AutoPkg/autopkglib/__init__.py", line 878, in process
    self.env = processor.process()
  File "/Library/AutoPkg/autopkglib/__init__.py", line 661, in process
    self.main()
  File "/Users/runner/Library/AutoPkg/RecipeRepos/com.github.grahampugh.jamf-upload/JamfUploaderProcessors/JamfPackageCleaner.py", line 114, in main
    self.execute()
  File "/Users/runner/Library/AutoPkg/RecipeRepos/com.github.grahampugh.jamf-upload/JamfUploaderProcessors/JamfUploaderLib/JamfPackageCleanerBase.py", line 263, in execute
    token = self.handle_api_auth(
  File "/Users/runner/Library/AutoPkg/RecipeRepos/com.github.grahampugh.jamf-upload/JamfUploaderProcessors/JamfUploaderLib/JamfUploaderBase.py", line 306, in handle_api_auth
    raise ProcessorError("No token found, cannot continue")
autopkglib.ProcessorError: No token found, cannot continue
  File "/Library/AutoPkg/autopkglib/__init__.py", line 878, in process
    self.env = processor.process()
Receipt written to /Users/runner/Library/AutoPkg/Cache/local.jamf.1Password8/receipts/1Password8-receipt-20240308-150229.plist

The following recipes failed:
    1Password8.jamf
        Error in local.jamf.1Password8: Processor: com.github.grahampugh.jamf-upload.processors/JamfPackageCleaner: Error: No token found, cannot continue

All prior actions in the recipe complete successfully as expected.

Happy to run any additional tests to gather more info. Hopefully this is helpful!

grahampugh commented 5 months ago

Looks like it switched to basic auth for some reason, which won't work with API clients. 🤔