Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

API Examples

Reply

Getting cookie authentication working with Perl and WAPI REST

Expert
Posts: 185
2745     3

Ok so I'm a bit of an old fossil using Perl, I haven't jumped on the Python bandwagon yet, but Perl does what I need. However I am no expert when it comes to REST coding and I have struggled to get the simplest things working, such as cookie authentication. The docs just don't have any clear examples for newbies/beginners and even searching the web I really struggled to find any decent explanations of how to do it, however I have finally cracked it and wanted to share my knowledge to help others.

 

So here's a framework that other ancient fossils who use Perl can utlise to get started. This is a bit rough around the edges but maybe if any experts here have any tips they can suggest improvements?...

 

#!/bin/perl
#
use strict;
use Data:Smiley Very Happyumper;
use REST::Client;
use JSON;
use MIME::Base64;
use Term::ReadKey;

#

my $gm_ip = $ARGV[0]; # Grid master IP address
my $username = $ARGV[1];
#

 

sub usage {
# instruct users for correct script format
  print "Please run as $0 <Gid Master IP address> <Username>\n";
  exit 0;
}

 

# Verify correct user input for script format.
if (!$gm_ip) {
  usage;
}

 

if (!$username) {
  usage;
}

 

#Get password from command line
ReadMode('raw');
my $password = '';
$|=1; #Turn on AutoFlush (helps with display of asterisks during password input)
print STDERR "Password: "; # Use STDERR so if user has redirected output to a log file, this still gets displayed on the terminal

 

while (1) {
  my $c;
  1 until defined($c = ReadKey(-1));
  last if ($c eq "\r");
  print "*"; # Print a "*" for each character
  $password .= $c;
}

 

print "\n";  # Print carriage return after user has hit "return"

ReadMode('restore');

 

my $host = "https://$gm_ip/wapi/v2.10.1";  # Set API URL

my $client = REST::Client->new();

 

# don't verify SSL cert if using self-signed cert
$client->getUseragent()->ssl_opts(verify_hostname => 0);

 

# initialise cookie jar

$client->getUseragent()->cookie_jar({});

 

# Set up authentication header

my $auth_header = {
  Authorization => 'Basic ' . encode_base64($username . ':' . $password)
};

 

# Link the REST object to the Infoblox URL
$client->setHost($host);

 

# Login with creds by getting grid object
$client->GET('/grid?_return_fields=security_setting',$auth_header);

 

# Add your own code to check http status and verify auth was successful

 

# Decode the response...

my $decoded_json = decode_json($client->responseContent());
my $security_setting = $decoded_json->[0]->{security_setting};
my $session_timeout = $security_setting->{session_timeout};
my $grid_ref = $decoded_json->[0]->{_ref};

print "Session timeout = $session_timeout\n";

 

# Now we have logged in we have the cookie stored in our cookie jar and it will

# get used automatically by the REST object, no need to supply any headers,

# we just start using the API without having to re-authenticate

# e.g. to get the grid object:

 

$client->GET("/$grid_ref?_return_fields=name,service_status");

print Dumper $client->responseContent();

 

# Don't forget to logout at the end else you'll leave the cookie active

# for whatever value session_timeout is set to.

 

$client->POST('/logout');

 

# Now the cookie's dead, if you try any more API calls you'll get HTTP error 401 "auth required".

 

If you try and cut and paste this code, you'll have to convert the white space (indents etc.) to tabs, Perl seems to barf on a lot of it.

 

It's taken me quite a few hours to figure all this out, hopefully this'll help someone else.

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE
Showing results for 
Search instead for 
Did you mean: 

Recommended for You