sipcapture / homer-app

HOMER 7.x Front-End and API Server
http://sipcapture.io
GNU Affero General Public License v3.0

Auth-Token is Not Working #495

Closed palmtown closed 1 year ago

palmtown commented 1 year ago

Hello,

The Auth-Token header is not working when trying to consume the API. Note that I created a token at preference/auth%2520token and added it to the headers, however, the API returns a 401 error.

Does the Auth-Token work to consume API services?

github-actions[bot] commented 1 year ago

Your report is appreciated. Please star this repository to motivate its developers! :star:

lmangani commented 1 year ago

Please attach the actual errors from clients and/or backend.

Have you validated this is the case using the HOMER Admin > API Documentation app?


palmtown commented 1 year ago

Hello @lmangani

Thanks for responding. Please see the error, pathname and headers below. In terms of validating the case, I can successfully consume the resource "/api/v3/export/call/messages/pcap" using a jwt token I get from the "user/token" however, I am unable to use the token I generated on the backend on the "AUTH TOKEN" page that you show in your snapshot.

My question is, can the auth token I get from the "AUTH TOKEN" page be used as authentication for the API? When I create it, the success message says to use it in the header "Auth-Token" in the admin panel, however, this doesn't work.

While I can get a jwt token from "user/token" that doesn't seem to be efficient as my use case is server to server communication and the user/token seems more designed for user authentication.

Error: HTTPError: Response code 401 (Unauthorized)

pathname: '/api/v3/export/call/messages/pcap'

headers: { 'auth-token': [redacted], 'content-type': 'application/json', 'content-length': '326', 'accept-encoding': 'gzip, deflate, br' },

adubovikov commented 1 year ago

Hello @palmtown,

you have to provide the Auth-Token as an HTTP request header and put the token inside.

https://github.com/sipcapture/homer-app/blob/fe984d36722bacc051ce5b2cc27293eb2f6bbdd0/auth/constants.go#L7

Please be sure that the header is case-sensitive - please write it as Auth-Token, and not as "auth-token" :-)

palmtown commented 1 year ago

Hello @adubovikov

I really appreciate your response. The package I am using is automatically changing the header to lower case. I am going to research this further to see how to avoid that. However, I am happy to get your insight as I too saw the header in the file, however, assumed homer was case-insensitive.

I'll give that a try and report back.

adubovikov commented 1 year ago

try to fix it from your side - if it is not easy - we can add an exception

adubovikov commented 1 year ago

@palmtown hold on

the auth-token doesn't work for API - only for HepSub

let us add it

palmtown commented 1 year ago

Hello @adubovikov

Thanks for the update. I would appreciate it if this is implemented. Also, I would kindly request that it be case-insensitive. As I am finding, according to section "4.2 Message Headers" at https://www.rfc-editor.org/rfc/rfc2616#section-4.2, "Field names are case-insensitive."
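The case question raised in the two comments above can be checked directly in Go, the language homer-app is written in. The following is an added example, not code from homer-app or from anyone in this thread: it parses a constructed wire-level request (modelled on the headers in the report, with a made-up token value) the same way net/http does on a real connection and shows that header names are canonicalised on parse, so `Header.Get("auth-token")`, `Header.Get("Auth-Token")` and even a direct map index on the canonical key all find the value a lowercasing client sent. Only a raw map index on the lowercase spelling misses. The request line, host and token are assumptions made for the example.

```go
package main

import (
	"bufio"
	"fmt"
	"net/http"
	"net/textproto"
	"sort"
	"strings"
)

// Constructed raw request (not captured from a real HOMER deployment):
// the client library has lowercased every header name, as in the report.
const rawRequest = "POST /api/v3/export/call/messages/pcap HTTP/1.1\r\n" +
	"Host: homer.example\r\n" +
	"auth-token: example-token\r\n" +
	"content-type: application/json\r\n" +
	"content-length: 0\r\n" +
	"\r\n"

// parseRequest parses the bytes exactly as net/http does for an incoming
// connection. ReadMIMEHeader canonicalises names while parsing, so the
// header map never contains "auth-token", only "Auth-Token".
func parseRequest(raw string) (*http.Request, error) {
	return http.ReadRequest(bufio.NewReader(strings.NewReader(raw)))
}

// canonical returns the form net/http stores a header name under; this is
// the same transformation Header.Get and Header.Set apply to their argument.
func canonical(name string) string {
	return textproto.CanonicalMIMEHeaderKey(name)
}

// viaGet is the lookup a server should use: it is case-insensitive, as
// RFC 2616 section 4.2 (and RFC 7230) require of field names.
func viaGet(h http.Header, name string) string {
	return h.Get(name)
}

// viaIndex looks the name up as a raw map key with no canonicalisation.
// This is the one pattern that makes a Go server behave case-sensitively.
func viaIndex(h http.Header, name string) string {
	if vals, ok := h[name]; ok && len(vals) > 0 {
		return vals[0]
	}
	return ""
}

// storedKeys lists the keys actually present in the parsed header map.
func storedKeys(h http.Header) []string {
	keys := make([]string, 0, len(h))
	for k := range h {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	return keys
}

func main() {
	req, err := parseRequest(rawRequest)
	if err != nil {
		panic(err)
	}
	fmt.Println("stored keys:", storedKeys(req.Header))
	fmt.Println("canonical(auth-token):", canonical("auth-token"))
	fmt.Println("Get(auth-token):", viaGet(req.Header, "auth-token"))
	fmt.Println("Get(Auth-Token):", viaGet(req.Header, "Auth-Token"))
	fmt.Println("index[Auth-Token]:", viaIndex(req.Header, "Auth-Token"))
	fmt.Println("index[auth-token]:", viaIndex(req.Header, "auth-token"))
}
```

Because canonicalisation happens at parse time, a Go server that reads the header with `Header.Get` accepts whatever spelling the client used; the 401 in the report therefore needed an explanation other than header case, which is what the later comment in the thread (the token not being wired up for the API at all) supplies.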

adubovikov commented 1 year ago

https://github.com/sipcapture/homer-app/commit/0cd50fbaf5c14a4e1090cfcce56d28b4c5c8ebf5

@palmtown can you please re-compile and recheck ?

palmtown commented 1 year ago

Hello @adubovikov

Absolutely, trying now.

palmtown commented 1 year ago

Hello @adubovikov

I'm using the https://github.com/sipcapture/homer7-docker deployment; it doesn't seem to pull the latest source when I try to redeploy. I'll need to set up the install manually. Once I get that done and test, I'll update.

palmtown commented 1 year ago

Hello @adubovikov

My initial test shows that the Auth-Token is working, however, more testing is needed as the error is gone, but no data is being returned. Also, note to get it to work, I had to change "enable_token_access": true

I saw in your commit you added this, however, it is false by default.

adubovikov commented 1 year ago

ah, yes, the enable_token_access should be true. Let me know and we can rebuild dockers

lmangani commented 1 year ago

containers should be pushed by now

palmtown commented 1 year ago

Hello @lmangani

Excellent, I'll test it now. Thanks for the update.

palmtown commented 1 year ago

Hello @adubovikov & @lmangani

It works great! On the docker deployment, similarly to the above, I had to add "enable_token_access": true in etc/webapp_config.json. I also added "auth_token_header": "Auth-Token" as shown in the commit. Note that these variables are not present in the docker deployment, whereas in the source they are present, just with "enable_token_access": false.

Thanks, very much appreciated. I'll continue my integration and report any issue.
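The two settings that made the integration work, "enable_token_access" and "auth_token_header", are easy to get wrong in a way that only shows up as a bare 401. The following is an added example written for this page, not homer-app's own middleware: it parses a constructed webapp_config.json fragment containing just those two keys (a real file carries many more), gates token authentication on the flag, reads the configured header case-insensitively with `Header.Get`, and compares the presented token against the issued set in constant time. The struct, function names, the default header name and the token value are all assumptions of the example, and it is driven through httptest so it runs without a server.

```go
package main

import (
	"crypto/subtle"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Constructed fragment of etc/webapp_config.json with only the two keys
// discussed in the thread. The flag ships false by default in the source
// and is absent from the container config, so it must be set explicitly.
const enabledConfig = `{"enable_token_access": true, "auth_token_header": "Auth-Token"}`
const disabledConfig = `{"enable_token_access": false, "auth_token_header": "Auth-Token"}`

// tokenConfig mirrors the two settings; the struct is this example's own.
type tokenConfig struct {
	EnableTokenAccess bool   `json:"enable_token_access"`
	AuthTokenHeader   string `json:"auth_token_header"`
}

// loadConfig parses the fragment and falls back to "Auth-Token" when the
// header name is missing (an assumed default for this example).
func loadConfig(raw string) (tokenConfig, error) {
	var c tokenConfig
	if err := json.Unmarshal([]byte(raw), &c); err != nil {
		return c, err
	}
	if c.AuthTokenHeader == "" {
		c.AuthTokenHeader = "Auth-Token"
	}
	return c, nil
}

// tokenValid checks the candidate against every issued token with a
// constant-time comparison so response timing does not leak how many
// leading bytes matched. An empty candidate never matches.
func tokenValid(issued map[string]bool, candidate string) bool {
	if candidate == "" {
		return false
	}
	ok := false
	for t := range issued {
		if subtle.ConstantTimeCompare([]byte(t), []byte(candidate)) == 1 {
			ok = true
		}
	}
	return ok
}

// tokenMiddleware returns 401 when token access is disabled or the
// configured header does not carry an issued token. Header.Get is
// case-insensitive, so a client that sends "auth-token" is accepted.
func tokenMiddleware(cfg tokenConfig, issued map[string]bool, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !cfg.EnableTokenAccess {
			http.Error(w, "token access disabled", http.StatusUnauthorized)
			return
		}
		if !tokenValid(issued, r.Header.Get(cfg.AuthTokenHeader)) {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// callAPI sends one in-memory request through the middleware and returns
// the HTTP status, so each configuration can be checked offline.
func callAPI(cfgJSON, headerName, token string) int {
	cfg, err := loadConfig(cfgJSON)
	if err != nil {
		return http.StatusInternalServerError
	}
	issued := map[string]bool{"s3cr3t-example-token": true} // constructed
	h := tokenMiddleware(cfg, issued, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK)
	}))
	req := httptest.NewRequest(http.MethodPost, "/api/v3/export/call/messages/pcap", nil)
	if headerName != "" {
		req.Header.Set(headerName, token)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println("enabled, lowercase header, good token:", callAPI(enabledConfig, "auth-token", "s3cr3t-example-token"))
	fmt.Println("enabled, wrong token:", callAPI(enabledConfig, "Auth-Token", "nope"))
	fmt.Println("enabled, header missing:", callAPI(enabledConfig, "", ""))
	fmt.Println("disabled flag, good token:", callAPI(disabledConfig, "Auth-Token", "s3cr3t-example-token"))
}
```

The last case is the one the container deployment hit: a correct token in the correct header still yields 401 until "enable_token_access" is true, and nothing in the response distinguishes that from a bad token, so checking the flag is the first step when a freshly generated token is rejected.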

lmangani commented 1 year ago

Thanks @palmtown feel free to open an issue for adding those ENV variables in containers if needed.