search

pry0cc / axiom

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
MIT License
4k stars 622 forks source link

do token is not being validated correctly #504

Closed jcr7301 closed 2 years ago

jcr7301 commented 2 years ago

From a fresh reinstall, I'm getting the following output when introducing do token

Please enter your token (required): 
>> <do_token>                                                                                                                                                                        

Validating token... invalid token
Error: Unable to use supplied token to access API: GET https://api.digitalocean.com/v2/account: 401 (request "xxxx") Unable to authenticate you

Autoselecting default region based on ping...Error: GET https://api.digitalocean.com/v2/regions?page=1&per_page=200: 401 (request "xxxx") Unable to authenticate you

Trying to validate the same token manually does not return any error.

xxxx@kali-2020-3:~/.axiom$ curl -X GET   -H "Content-Type: application/json"   -H "Authorization: Bearer <do_token>"   "https://api.digitalocean.com/v2/account"
{"account":{"droplet_limit":10,"floating_ip_limit":3,"volume_limit":10,"email":"xxxx@gmail.com","uuid":"xxxx","email_verified":true,"status":"active","status_message":""}}
jcr7301 commented 2 years ago

I fixed the issue manually. For some reason there's an old token value stored in ~/.config/doctl/config.yaml at line 123

auth-contexts:
  axiom: <old_token_value>

doctl command is using this value even if -t is provided. Changing this value manually works around it.

0xtavian commented 2 years ago

It seems this was an issue with doctl using the wrong api endpoint. I bumped the version just in case. Closing this issue, but if you see this error again don’t hesitate to post a comment.