Giter VIP home page Giter VIP logo

Comments (12)

addelovein avatar addelovein commented on September 8, 2024 
    proxmox = proxmoxer.ProxmoxAPI(
              ^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\AddeLovein\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.12_qbz5n2kfra8p0\LocalCache\local-packages\Python312\site-packages\proxmoxer\core.py", line 210, in __init__
    self._backend = importlib.import_module(f".backends.{backend}", "proxmoxer").Backend(
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\AddeLovein\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.12_qbz5n2kfra8p0\LocalCache\local-packages\Python312\site-packages\proxmoxer\backends\https.py", line 302, in __init__
    self.auth = ProxmoxHTTPAuth(
                ^^^^^^^^^^^^^^^^
  File "C:\Users\AddeLovein\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.12_qbz5n2kfra8p0\LocalCache\local-packages\Python312\site-packages\proxmoxer\backends\https.py", line 59, in __init__
    self._get_new_tokens(password=password, otp=otp)
  File "C:\Users\AddeLovein\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.12_qbz5n2kfra8p0\LocalCache\local-packages\Python312\site-packages\proxmoxer\backends\https.py", line 77, in _get_new_tokens
    raise AuthenticationError(
proxmoxer.core.AuthenticationError: Couldn't authenticate use```

from proxmoxer.

jhollowe avatar jhollowe commented on September 8, 2024

Please try having the OTP be a strongstring rather than an integer. I don't know if that is the issue, but I think it might be

from proxmoxer.

addelovein avatar addelovein commented on September 8, 2024

strong

Same issue if I declare totp with totp="292695"

from proxmoxer.

jhollowe avatar jhollowe commented on September 8, 2024

Can you look at the network traffic in your browser and see what data the api2/json/access/ticket request has?

from proxmoxer.

addelovein avatar addelovein commented on September 8, 2024

You mean when I log in to proxmox via browser?

First ticket:

Request

username: adde
password: test123
realm: pve
new-format: 1

Response

{
    "success": 1,
    "data": {
        "ticket": "PVE:!tfa!{\"totp\"%3Atrue}:***********::JElr2K5oW2*************************BbxjQsa/HvhIfYrfoe*********************ULU57YW1S9pvD417VesGsKWLMLnXllg9CKSO9k*****************lSLEu7OUikT78mZ56JIIMw1IMyUXBV35+TpkR0wyZ0Lb28VpAnsFOABOqd5vZGT1e7N1ZJEx7QEXDBSqH7vhnSu0Qk1CSUQQfgyOy0V/x1GLQqLbj0jF3elamU69KiR*************************g==",
        "username": "adde@pve",
        "NeedTFA": 1,
        "CSRFPreventionToken": "65B4DD50:URrwhOOq+7tWqbOsBW6Xg2EJ3yn24R05XRqV9PpsOTc"
    }
}

Second Ticket (The Real Authentication)

Request

username: adde@pve
tfa-challenge: PVE:!tfa!{"totp"%3Atrue}:***********::JElr2K5oW2*************************BbxjQsa/HvhIfYrfoe*********************ULU57YW1S9pvD417VesGsKWLMLnXllg9CKSO9k*****************lSLEu7OUikT78mZ56JIIMw1IMyUXBV35+TpkR0wyZ0Lb28VpAnsFOABOqd5vZGT1e7N1ZJEx7QEXDBSqH7vhnSu0Qk1CSUQQfgyOy0V/x1GLQqLbj0jF3elamU69KiR*************************g=="
password: totp:473543

Response
Authenticated.....

That should be enough data ;-)

from proxmoxer.

jhollowe avatar jhollowe commented on September 8, 2024

I'm not sure. You might try asking in the proxmox forums how to pass OTP values to the api2/json/access/ticket API endpoint. proxmoxer does not do the two-step OTP process and instead just passes the username, password, and OTP all in one request. This may be no longer supported by the Proxmox auth layer and we may need to adjust the login flow if an OTP value is provided.

from proxmoxer.

addelovein avatar addelovein commented on September 8, 2024

It sure is supported, this code works... Just wrote it based of how proxmox itself authenticates its webui...

import sys
import requests, json

pvehost = "pve.yourdomain.se"
pveport = "8006"
username = "adde"
password = "test123"
realm = "pve"


headers = {'Content-Type': 'application/x-www-form-urlencoded'}

data = {"realm": realm, "username": username, "password": password, "new-format": 1}
print("\nSending Payload: ", data)
r = requests.post(f'https://{pvehost}:{pveport}/api2/json/access/ticket', headers=headers, data=data, verify=True)
if r.status_code!=200:
    print("Auth Failed at Step One, cant proceed with OTP")
    sys.exit()

bytes_value = r.content
jsonval = bytes_value.decode('utf8').replace("'", '"')
jsondata = json.loads(jsonval)
print("RESPONSE: ",jsondata['data'])

ticket = jsondata['data']['ticket']
code = input("\n\tEnter your value: ") 

totp={"tfa-challenge" : ticket, "username": username, "password": f"totp:{code}","realm": realm }

print("\nSending Payload: ", totp)
r2 = requests.post(f'https://{pvehost}:{pveport}/api2/json/access/ticket', headers=headers, data=totp, verify=True)
bytes_value = r2.content
jsonval = bytes_value.decode('utf8').replace("'", '"')
jsondata = json.loads(jsonval)


if r2.status_code==200:
        print("Auth Success: ", r2.json)
else:
        print("Auth Failed: ", r2.json)

from proxmoxer.

addelovein avatar addelovein commented on September 8, 2024

No response on this at all?

from proxmoxer.

jpattWPC avatar jpattWPC commented on September 8, 2024

I added #158 to address this on the HTTPS backend. Please let me know if this can be merged into a release.

from proxmoxer.

jhollowe avatar jhollowe commented on September 8, 2024

@addelovein sorry for the slow response, this fell off my radar.

Thanks @jpattWPC for the PR!

I've started a thread in the PVE forums to see if the single request flow is still supported or if this meeds to move to the two-step flow:
https://forum.proxmox.com/threads/single-post-auth-with-otp-no-longer-supported.141830/

from proxmoxer.

addelovein avatar addelovein commented on September 8, 2024

I posted a working example...

from proxmoxer.

jpattWPC avatar jpattWPC commented on September 8, 2024

from proxmoxer.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.