[pve-devel] [PATCH apiclient] implement api token support

Fabian Grünbichler f.gruenbichler at proxmox.com
Thu Jan 30 12:07:52 CET 2020 

and add an example for it.

Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
 PVE/APIClient/LWP.pm | 22 ++++++++++++++++++++--
 examples/example3.pl | 24 ++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 2 deletions(-)
 create mode 100755 examples/example3.pl

diff --git a/PVE/APIClient/LWP.pm b/PVE/APIClient/LWP.pm
index 97fd64f..c18210d 100755
--- a/PVE/APIClient/LWP.pm
+++ b/PVE/APIClient/LWP.pm
@@ -192,12 +192,13 @@ sub call {
     delete $self->{last_unknown_fingerprint};
 
     my $ticket = $self->{ticket};
+    my $apitoken = $self->{apitoken};
 
     my $ua = $self->{useragent};
 
     # fixme: check ticket lifetime?
 
-    if (!$ticket && $self->{username} && $self->{password}) {
+    if (!$ticket && !$apitoken && $self->{username} && $self->{password}) {
 	$self->login();
     }
 
@@ -346,9 +347,26 @@ sub new {
 
     $self->{useragent}->default_header('Accept-Encoding' => 'gzip'); # allow gzip
 
-    $self->update_ticket($param{ticket}) if $param{ticket};
+    if ($param{apitoken} && $param{password}) {
+	warn "password will be ignored in favor of API token\n";
+	delete $self->{password};
+    }
+    if ($param{ticket}) {
+	if ($param{apitoken}) {
+	    warn "ticket will be ignored in favor of API token\n";
+	} else {
+	    $self->update_ticket($param{ticket});
+	}
+    }
     $self->update_csrftoken($param{csrftoken}) if $param{csrftoken};
 
+    if ($param{apitoken}) {
+	my $agent = $self->{useragent};
+
+	$self->{apitoken} = $param{apitoken};
+
+	$agent->default_header('Authorization', $param{apitoken});
+    }
 
     return $self;
 }
diff --git a/examples/example3.pl b/examples/example3.pl
new file mode 100755
index 0000000..d09e052
--- /dev/null
+++ b/examples/example3.pl
@@ -0,0 +1,24 @@
+#!/usr/bin/perl
+
+# NOTE: you need to set the API token and PVE host below for this to work
+
+use strict;
+use warnings;
+
+use PVE::APIClient::LWP;
+
+use JSON;
+
+my $apitoken = 'PVEAPIToken=USER at REALM!TOKENID=TOKENVALUE';
+my $hostname = "127.0.0.1";
+
+my $conn = PVE::APIClient::LWP->new(
+    apitoken => $apitoken,
+    host => $hostname,
+    # allow manual fingerprint verification
+    manual_verification => 1,
+    );
+
+my $res = $conn->get("/access/permissions", {});
+
+print to_json($res, { pretty => 1, canonical => 1});
-- 
2.20.1

More information about the pve-devel mailing list