search

ndejong / pfsense_fauxapi

REST based API interface for pfSense 2.3.x and 2.4.x to facilitate devops
Apache License 2.0
354 stars 61 forks source link

Authentication failed, even though credentials were added #85

Closed 1vnt closed 2 years ago

1vnt commented 2 years ago

I get an error ({"callid":"62a0ce4ec1c32","message":"authentication failed"}) everytime I try calling an API function. I have set up my credentials.ini file like described in the comment.

fauxapi_auth() {

    fauxapi_apikey=${1}
    fauxapi_apisecret=${2}

    fauxapi_timestamp=`date --utc +%Y%m%dZ%H%M%S`
    fauxapi_nonce=`head -c 40 /dev/urandom | md5sum | head -c 8`

    # NB:-
    #  auth = apikey:timestamp:nonce:HASH(apisecret:timestamp:nonce)

    fauxapi_hash=`echo -n ${fauxapi_apisecret}${fauxapi_timestamp}${fauxapi_nonce} | sha256sum | cut -d' ' -f1`
    fauxapi_auth=${fauxapi_apikey}:${fauxapi_timestamp}:${fauxapi_nonce}:${fauxapi_hash}

    echo ${fauxapi_auth}
}

curl --header "fauxapi_auth: $(fauxapi_auth xxx xxx)" \
    'https://xxx/fauxapi/v1/?action=config_reload'

This is my script I use for testing (copied from the bash lib). Same thing happens with the python client. Is there any possible fix? I tried reinstalling the package, restarting php and other web stuff and added a new api key

1vnt commented 2 years ago

Sorry, was an issue with my local machines time sync (80+ seconds behind)