[英]Using the Barracuda REST API with Ansible - token authentication doesn't work
我正在嘗試使用梭子魚ADC和/或WAF的REST API,並且當我使用cURL時它可以工作(來自文檔):
請求:
$ curl
-X POST \
-H "Content-Type:application/json" \
-d '{"username": "admin", "password": "admin"}' \ http://10.11.19.104:8000/restapi/v2/login
響應:
{ “標記”: “eyJldCI6IjEzODAyMzE3NTciLCJwYXNzd29yZCI6ImY3NzY2ZTFmNTgwMzgyNmE1YTAzZWZlMzcy \\ nYzgzOTMyIiwidXNlciI6ImFkbWluIn0 = \\ n” 個}
然后,我們應該使用該令牌在API上執行命令,例如:
$ curl
-X GET \
-H "Content-Type:application/json" \
-u 'eyJldCI6IjEzODAyMzE3NTciLCJwYXNzd29yZCI6ImY3NzY2ZTFmNTgwMzgyNmE1YTAzZWZlMzcy\nYzgzOTMyIiwidXNlciI6ImFkbWluIn0=\n': \
http://10.11.19.104:8000/restapi/v2/virtual_service_groups
它會給我一個響應列表(在這種情況下)我的虛擬服務組,它可以與cURL一起使用。
現在,當我嘗試使用ansible做相同的事情時,身份驗證的第一步成功進行了(我什至可以將生成的令牌與cURL一起使用並接受它),但是第二步始終使用生成的令牌運行命令給我401錯誤(無效的憑據):
- name: login into the load balancer
uri:
url: "{{ barracuda_url }}/login"
method: POST
body_format: json
body:
username: "{{ barracuda_user }}"
password: "{{ barracuda_pass }}"
headers:
Content-Type: application/json
return_content: yes
force_basic_auth: yes
register: login
tags: login, debug
- debug: msg="{{ login.json.token }}"
tags: debug
- name: get
uri:
url: "{{ barracuda_url }}/virtual_service_groups"
method: GET
body_format: json
user: "{{ login.json.token }}:"
headers:
Content-Type: application/json
return_content: yes
force_basic_auth: yes
register: response
我的劇本的輸出:
TASK [loadbalancer : login into the load balancer] *****************************
ok: [localhost]
TASK [loadbalancer : debug] ****************************************************
ok: [localhost] => {
"msg": "eyJldCI9IjE0ODQ2MDcxNTAiXCJwYXNzd29yZCI6IjRmM2TlYWMwN2ExNmUxYWFhNGEwNTU5NTMw\nZGQ3ZmM3IiwiaXNlciI6IndpYSJ9\n"
}
TASK [loadbalancer : get] ******************************************************
fatal: [localhost]: FAILED! => {"changed": false, "connection": "close", "content": "{\"error\":{\"msg\":\"Please log in to get valid token\",\"status\":401,\"type\":\"Invalid Credentials\"}}", "content_type": "application/json; charset=utf8", "date": "Mon, 16 Jan 2017 22:32:30 GMT", "failed": true, "json": {"error": {"msg": "Please log in to get valid token", "status": 401, "type": "Invalid Credentials"}}, "msg": "Status code was not [200]: HTTP Error 401: ", "redirected": false, "server": "BarracudaHTTP 4.0", "status": 401, "transfer_encoding": "chunked", "url": "http://10.11.19.104:8000/restapi/v2/virtual_service_groups"}
從user
參數中的"{{ login.json.token }}:"
中刪除冒號。 采用:
user: "{{ login.json.token }}"
冒號不是用戶名的一部分,而是curl
語法(在您的示例中用於避免交互式密碼提示):
-u, --user <user:password> [ ] If you simply specify the user name, curl will prompt for a password.
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.