search

tiredofit / docker-fusiondirectory

Dockerized web based LDAP manager
MIT License
48 stars 18 forks source link

FusionDirectory 1.4 Api request not working #44

Closed tomflenner closed 1 year ago

tomflenner commented 3 years ago

Summary

Cannot request fusiondirectory api

Steps to reproduce

Launch fusiondirectory containre and try to request the featuring link : fusiondirectory/rest.php/v1

What is the expected correct behavior?

The webserver accept request on /rest.php/v1 We can target the /rest.php but not the /rest.php/v1

Relevant logs and/or screenshots

image

image

Environment

Any logs | docker-compose.yml

The fusiondirectory image is used with a nginx-proxy container https://hub.docker.com/r/jwilder/nginx-proxy (maybe the nginx-proxy server is not configured well to accept these url ?)

Possible fixes

I have this email from FusionDirectory list :

Le Tue, 25 May 2021 11:03:03 +0000 (UTC),
Tom Flenner <flennert@yahoo.fr> a écrit :

>  Hello,
> Thanks for the answer but i still have a problem :
> I cannot POST anything on my fusion-directory
> app : https://fusion-directory.m1miaa.fr/rest.php/v1 i have a 404 Not Found
> return from my nginx-server. Do you have any idea ? Thanks.

https://fusion-directory.m1miaa.fr/rest.php works but
https://fusion-directory.m1miaa.fr/rest.php/v1 returns a 404.

It seems your web server is not correctly running rest.php file in this case.

Most likely this is a configuration problem with nginx. From what I gather on
the web it is related to using .php$ in the location directive for the
configuration file.

Compare with this one for instance:
https://github.com/tiredofit/docker-fusiondirectory/blob/1.4/install/etc/nginx/conf.d/default.conf

I think the important part here is having .php(/|$) and the
fastcgi_split_path_info directive. But I’m no expert of nginx, this might need
a few modifications, it’s the first one I found that seemed to take this into
account.

Côme

But the solution point on your docker container, and i alreay use it so i dont know why it doesn't works well :/

tiredofit commented 3 years ago

Yes, this is probably it, not your reverse proxy.

I don't have a 1.4 instance up and running but if you wanted to experiment you could do the following:

Enter the container and edit /etc/nginx/conf.d/default.conf`

These two lines are likely suspect, , but the whole block could be wrong. All that you need to do is keep the 'include' statement to connect to the PHP backend.

    `location ~ .+[^/]\.php(/|$) {`
    `fastcgi_split_path_info ^/fd(.+?\.php)(.*)$;`

After making your changes execute nginx -s reload and test to see if your url works. If you find a working block I will incorporate it into the image, that config has been there for years now and it hasn't changed, so there is bound to be errors.

tiredofit commented 3 years ago

Alright, a new version should be available. I've also done a couple things:

All of these options may change in the future as we continue to develop on this image but that's where things work right now. I can get it to a /rest/v1/ - Access Denied response now, which is better than the 404 that you were seeing.

Let me know if this works for you!

tomflenner commented 3 years ago

Thanks for the work, the rest.php is now accessible with a denied (403), its a little bit better.

But i cannot POST and get loggin on the API :/

Get a 403 Forbidden on this POST request :

URL : https://fusion-directory.m1miaa.fr/rest.php/v1/login

Body :
{
"directory": "default",
"user": "fd-admin",
"password": "password"
}

I tried to disable "Force SSL" on the Fusion-Directory configuration panel, but not seems to change anything :/

If you have any idea, im trying to search

tiredofit commented 3 years ago

I have encountered a nasty bug in our 1.4 install, I don't know if its the image or not, so I will try a few tests on my end as our 1.4 instance is accessible via the web. Will let you know..

tiredofit commented 3 years ago

Alright. Nginx is a real PITA sometimes :) Have a go at it now. I am able to get it to respond on my own installation but still not get authenticated.

tomflenner commented 3 years ago

Im excited to see the result !

The api authentication part is not a problem on Fusion Directory ? or you think its still nginx side ?

tiredofit commented 3 years ago

I can't tell. I can get /rest.php/v1/directories to respond, but I am having a problem getting /rest.php/v1/login work.

tomflenner commented 3 years ago

Hi, i come back to you for news !

Did you success with rest api ?

Note : I get back on version 1.3 in order to works with JSON RPC service due to my fast need to have something that works.

tiredofit commented 3 years ago

Haven't done anything with it to be honest. I'm swamped on other work not related to Docker/FD.. Am willing to make changes though if its figured out what is the problem

grharry commented 2 years ago

I believe there is a typo error in install/etc/cont-init.d/40-fusiondirectory line 51

Webservice / REST

...

sed -i "/include \/etc\/nginx\/conf.available\/rest.template;/d" /etc/nginx/conf.available/default.conf

should be sed -i "/include \/etc\/nginx\/conf.available\/rest.template;/d" /etc/nginx/conf.d/default.conf

Sorry no pull request ! Regards Harry

tiredofit commented 2 years ago

Thanks for eyeing this! Definitely an issue. New build coming shortly.

tiredofit commented 1 year ago

Closing this off, I'm finally getting to look into REST for FusionDirectory in my organization, With PLUGIN_WEBSERVICE=TRUE I can successfully login and manipulate the directory.