Comments (12)
proxmox = proxmoxer.ProxmoxAPI(
^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\AddeLovein\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.12_qbz5n2kfra8p0\LocalCache\local-packages\Python312\site-packages\proxmoxer\core.py", line 210, in __init__
self._backend = importlib.import_module(f".backends.{backend}", "proxmoxer").Backend(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\AddeLovein\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.12_qbz5n2kfra8p0\LocalCache\local-packages\Python312\site-packages\proxmoxer\backends\https.py", line 302, in __init__
self.auth = ProxmoxHTTPAuth(
^^^^^^^^^^^^^^^^
File "C:\Users\AddeLovein\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.12_qbz5n2kfra8p0\LocalCache\local-packages\Python312\site-packages\proxmoxer\backends\https.py", line 59, in __init__
self._get_new_tokens(password=password, otp=otp)
File "C:\Users\AddeLovein\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.12_qbz5n2kfra8p0\LocalCache\local-packages\Python312\site-packages\proxmoxer\backends\https.py", line 77, in _get_new_tokens
raise AuthenticationError(
proxmoxer.core.AuthenticationError: Couldn't authenticate use```
from proxmoxer.
Please try having the OTP be a strongstring rather than an integer. I don't know if that is the issue, but I think it might be
from proxmoxer.
strong
Same issue if I declare totp with totp="292695"
from proxmoxer.
Can you look at the network traffic in your browser and see what data the api2/json/access/ticket
request has?
from proxmoxer.
You mean when I log in to proxmox via browser?
First ticket:
Request
username: adde
password: test123
realm: pve
new-format: 1
Response
{
"success": 1,
"data": {
"ticket": "PVE:!tfa!{\"totp\"%3Atrue}:***********::JElr2K5oW2*************************BbxjQsa/HvhIfYrfoe*********************ULU57YW1S9pvD417VesGsKWLMLnXllg9CKSO9k*****************lSLEu7OUikT78mZ56JIIMw1IMyUXBV35+TpkR0wyZ0Lb28VpAnsFOABOqd5vZGT1e7N1ZJEx7QEXDBSqH7vhnSu0Qk1CSUQQfgyOy0V/x1GLQqLbj0jF3elamU69KiR*************************g==",
"username": "adde@pve",
"NeedTFA": 1,
"CSRFPreventionToken": "65B4DD50:URrwhOOq+7tWqbOsBW6Xg2EJ3yn24R05XRqV9PpsOTc"
}
}
Second Ticket (The Real Authentication)
Request
username: adde@pve
tfa-challenge: PVE:!tfa!{"totp"%3Atrue}:***********::JElr2K5oW2*************************BbxjQsa/HvhIfYrfoe*********************ULU57YW1S9pvD417VesGsKWLMLnXllg9CKSO9k*****************lSLEu7OUikT78mZ56JIIMw1IMyUXBV35+TpkR0wyZ0Lb28VpAnsFOABOqd5vZGT1e7N1ZJEx7QEXDBSqH7vhnSu0Qk1CSUQQfgyOy0V/x1GLQqLbj0jF3elamU69KiR*************************g=="
password: totp:473543
Response
Authenticated.....
That should be enough data ;-)
from proxmoxer.
I'm not sure. You might try asking in the proxmox forums how to pass OTP values to the api2/json/access/ticket
API endpoint. proxmoxer does not do the two-step OTP process and instead just passes the username, password, and OTP all in one request. This may be no longer supported by the Proxmox auth layer and we may need to adjust the login flow if an OTP value is provided.
from proxmoxer.
It sure is supported, this code works... Just wrote it based of how proxmox itself authenticates its webui...
import sys
import requests, json
pvehost = "pve.yourdomain.se"
pveport = "8006"
username = "adde"
password = "test123"
realm = "pve"
headers = {'Content-Type': 'application/x-www-form-urlencoded'}
data = {"realm": realm, "username": username, "password": password, "new-format": 1}
print("\nSending Payload: ", data)
r = requests.post(f'https://{pvehost}:{pveport}/api2/json/access/ticket', headers=headers, data=data, verify=True)
if r.status_code!=200:
print("Auth Failed at Step One, cant proceed with OTP")
sys.exit()
bytes_value = r.content
jsonval = bytes_value.decode('utf8').replace("'", '"')
jsondata = json.loads(jsonval)
print("RESPONSE: ",jsondata['data'])
ticket = jsondata['data']['ticket']
code = input("\n\tEnter your value: ")
totp={"tfa-challenge" : ticket, "username": username, "password": f"totp:{code}","realm": realm }
print("\nSending Payload: ", totp)
r2 = requests.post(f'https://{pvehost}:{pveport}/api2/json/access/ticket', headers=headers, data=totp, verify=True)
bytes_value = r2.content
jsonval = bytes_value.decode('utf8').replace("'", '"')
jsondata = json.loads(jsonval)
if r2.status_code==200:
print("Auth Success: ", r2.json)
else:
print("Auth Failed: ", r2.json)
from proxmoxer.
No response on this at all?
from proxmoxer.
I added #158 to address this on the HTTPS backend. Please let me know if this can be merged into a release.
from proxmoxer.
@addelovein sorry for the slow response, this fell off my radar.
Thanks @jpattWPC for the PR!
I've started a thread in the PVE forums to see if the single request flow is still supported or if this meeds to move to the two-step flow:
https://forum.proxmox.com/threads/single-post-auth-with-otp-no-longer-supported.141830/
from proxmoxer.
I posted a working example...
from proxmoxer.
from proxmoxer.
Related Issues (20)
- How to create a container? HOT 2
- Not displaying containers using example from docs HOT 4
- feature request: qemu agent exec-status pid re-checker
- Update description in vm config HOT 4
- Parameter verification failed: 'sshkeys' VM config option HTTP query argument is improperly escaped. HOT 5
- OIDC Login HOT 1
- How to use ssh-public-key in pct create for lxc HOT 6
- Status or progress of uploads to /nodes/{node}/storage/{storage}/upload
- qemu monitor api failed to call command like `info block` HOT 4
- Feature Request: SDN API Support HOT 1
- InsecureRequestWarning HOT 5
- How to reach API endpoint options with '-' in the name ? HOT 1
- I can't install proxmoxer HOT 7
- How to create a datastore with keep-monthly option? HOT 1
- Remote console access HOT 1
- "No 'get' handler defined for 'host/path'" error after upgrading to 2.1.0 when using openssh backend HOT 2
- htmlmail option for Proxmox Mail Gateway HOT 9
- proxmoxer doesn't distinguish between error types HOT 2
- restore vm by api HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from proxmoxer.